Essential Linux Commands Every Sysadmin Should Master
A concise cheat‑sheet of frequently used Linux commands covering file searching, bulk moving, log cleanup, directory checks, text substitution with sed, network packet capture, firewall rules, and log analysis to boost sysadmin productivity.
This article compiles a set of practical Linux commands that are commonly used by system administrators.
1. Move all *.zip files to a target directory
find . -name "*.zip" -exec mv {} ./backup/ \;2. Delete log files older than 30 days and larger than 100 MiB
find . -name "*.log" -mtime +30 -type f -size +100M | xargs rm -rf {};3. Batch unzip all *.zip files to a specific directory
for i in `find . -name "*.zip" -type f`; do
unzip -d $i /data/www/
doneNote: for i in (command); do … done is a common loop format where i is a user‑defined variable.
4. Delete *.log files created more than 3 days ago
find . -mtime +3 -name "*.log" | xargs rm -rf {};5. Move files larger than 100 kB from a directory to /tmp
find . -size +100k -exec mv {} /tmp;6. Check if a directory exists, create it if not, otherwise print a message
if [ ! -d /data/backup/ ]; then
mkdir -p /data/backup/
else
echo "Directory already exists"
fi7. Replace a directory path inside a file using sed
sed 's:/usr/local:/tmp:g' test.txt8. Common sed one‑liners
Remove the first character of each line: sed -i 's/^./ /g' test.txt Add an a at the beginning of each line: sed 's/^/a/g' test.txt Add an a at the end of each line: sed 's/$/a/' test.txt Append z after lines containing "rumen": sed '/rumen/az' test.txt Insert c before lines containing "rumen":
sed '/rumen/ic' test.txt9. Use sed to modify a specific line in place
sed -i '/SELINUX/s/enforcing/disabled/' /etc/selinux/config10. List the top 20 IP addresses by request count in an Nginx access log
cat access.log | awk '{print $1}' | sort | uniq -c | sort -nr | head -2011. Replace lines ending with "ab" with "cd"
sed -e 's/ab$/cd/g' b.txt12. Capture network packets with tcpdump
# Capture traffic to 192.168.56.7 on port 80
tcpdump -nn host 192.168.56.7 and port 80
# Exclude traffic to 192.168.0.22 on port 80
tcpdump -nn host 192.168.56.7 or ! host 192.168.0.22 and port 8013. Show the 20 most frequently used commands from bash history
history | awk '{print $2}' | sort | uniq -c | sort -k1,1nr | head -1014. Simple firewall script allowing only remote access to port 80
iptables -F
iptables -X
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp -j REJECTThese snippets provide a quick reference for routine system‑administration tasks, helping engineers type commands fluently and solve problems efficiently.
Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
Liangxu Linux
Liangxu, a self‑taught IT professional now working as a Linux development engineer at a Fortune 500 multinational, shares extensive Linux knowledge—fundamentals, applications, tools, plus Git, databases, Raspberry Pi, etc. (Reply “Linux” to receive essential resources.)
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.