Master Linux System Inspection: lsmod, lsof, lspci & lsscsi with Real Examples

As an operations professional, you should be familiar with the Linux commands lsmod, lsof, lspci, and lsscsi; this article explains each command and provides real examples.

1. lsmod command

The lsmod command displays the status of modules loaded into the kernel. It lists all modules currently loaded, reflecting Linux's modular kernel design where functionality can be compiled as separate modules and loaded on demand.

Syntax

lsmod

Example

Explanation of the columns:

Column 1: module name.

Column 2: module size.

Column 3: number of dependent modules.

Column 4: list of dependent modules.

Typical usage combines lsmod with grep, e.g., lsmod | grep -i ext3, to check whether a specific module is loaded.

2. lsof command

The lsof command lists open files, the processes that opened them, and the ports (TCP/UDP) those processes are using. It can also help recover deleted files. Because it accesses kernel memory and various files, it usually requires root privileges.

In Linux, everything is represented as a file, including network connections and hardware devices. Each process receives file descriptors that serve as a universal interface to interact with the underlying system, making lsof valuable for monitoring and troubleshooting.

Syntax

lsof(选项)

Options

-a: list processes that have opened files.

-c<process_name>: list files opened by the specified process.

-g: display GID details.

-d<file_number>: list processes using the specified file descriptor.

+d<directory>: list files opened under the directory.

+D<directory>: recursively list files opened under the directory.

-n<directory>: list files using NFS.

-i<condition>: list processes matching the condition (protocol, port, @ip, etc.).

-p<pid>: list files opened by the specified PID.

-u: display UID details.

-h: show help.

-v: show version.

Example

Column meanings in the output:

COMMAND: process name.

PID: process identifier.

PPID: parent process identifier (requires -R).

USER: owner of the process.

PGID: process group ID.

FD: file descriptor used by the process.

3. lspci command

The lspci command displays information about all PCI buses and devices connected to the host.

Syntax

lspci(选项)

Options

-n: show PCI vendor and device codes numerically.

-t: display devices in a tree hierarchy.

-b: show a bus-centric view.

-d: show information for a specific vendor/device.

-s: show devices on a specific bus/slot.

-i: specify a PCI ID list file instead of the default.

-m: output in machine‑readable format.

Example

4. lsscsi command

Parameters

-s: display capacity size.

-c: show full default information.

-d: display major and minor device numbers.

-g: show corresponding sg device name.

-H: list host controllers (options -Hl, -Hlv).

-l: display related attributes (options -ll, -lll=-L).

-v: show device attribute directory.

-x: display LUN in hexadecimal.

-p: output DIF/DIX protection types.

-P: output valid protection mode information.

-i: display udev‑related attributes.

-w: display WWN.

Example

Additional reference image: