Unlock Linux Mastery: From Command-Line Essentials to Advanced System Administration

This comprehensive guide walks readers through Linux fundamentals, essential command-line tools, process and service management, performance tuning, networking, security hardening, logging, automation with shell scripts, containerization, monitoring, backup strategies, and real-world case studies, providing practical tips for both beginners and seasoned sysadmins.

MaGe Linux Operations

Linux Basics: From Command Line to System Management

Linux is a versatile platform for system administrators; this guide covers everything from basic commands to advanced management techniques.

Chapter 1: Linux Command Line Basics

1.1 Essential Commands

# File and directory operations
ls -la          # list detailed files (including hidden)
cd /path/to/dir # change directory
pwd            # show current directory
mkdir -p dir1/dir2 # create directories recursively
rm -rf directory   # remove recursively (use with care)
cp -r source dest   # copy recursively
mv oldname newname  # move or rename

# File content viewing
cat file.txt       # view file content
less file.txt       # paginate view (large files)
head -n 20 file    # first 20 lines
tail -f logfile     # real‑time log monitoring
grep "error" file  # search keyword

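Practical Tip: Combine commands into powerful one-liners, e.g., list config files modified in the last 7 days:

# -print0 / -0 handle file names with spaces; -r skips ls when nothing matches
find /etc -type f -name "*.conf" -mtime -7 -print0 | xargs -0 -r ls -lt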

1.2 Pipes and Redirection

# Count 404 responses in nginx logs (status is field 9 in the default combined format)
awk '$9 == 404' access.log | wc -l
# Top 10 CPU‑intensive processes
ps aux | sort -k3 -rn | head -10
# Real‑time keyword monitoring
tail -f /var/log/app.log | grep --line-buffered "ERROR"
# Redirect error output
command 2> error.log
# Redirect both stdout and stderr
command &> all_output.log

1.3 Text Processing: grep, sed, awk

# grep examples
grep -E "error|warning" /var/log/syslog
grep -v "debug" file.log
grep -r "config" /etc

# sed examples
sed -i 's/old/new/g' file.txt
sed -n '10,20p' file.txt
sed '/^#/d' config.file

# awk examples
awk '{print $1,$3}' file.txt
awk -F: '{print $1}' /etc/passwd
awk '$3>1000 {print $0}' data.txt

Real-world Example: Find the top 10 client IPs by request count:

awk '{print $1}' access.log | sort | uniq -c | sort -rn | head -10

Chapter 2: Process Management

2.1 Monitoring Processes

# View all processes
ps aux
ps -ef | grep nginx
pstree
# Real‑time monitoring tools
top
htop
iotop
iftop
# Process control
kill -9 PID
killall process_name
nice -n 10 command
renice -n 5 -p PID

2.2 Background Jobs

# Run commands in background
command &
nohup command &
screen -S session_name
tmux new -s myproject
# Job control
jobs
fg %1
bg %1
disown %1

Professional Advice: Use screen or tmux for long-running production tasks.

Chapter 3: System Performance Analysis

3.1 CPU Performance

# CPU usage monitoring
vmstat 1
mpstat -P ALL 1
sar -u 1 10
# Per‑process CPU analysis
pidstat -u 1 -p PID
perf top

3.2 Memory Management

# Memory usage
free -h
cat /proc/meminfo
vmstat -s
slabtop
ps aux --sort=-%mem | head
# Clear cache (use cautiously)
sync && echo 3 > /proc/sys/vm/drop_caches

3.3 Disk I/O Optimization

# Disk usage
df -h
du -sh *
lsblk
# I/O statistics
iostat -x 1
iotop -o
# Find large files
find / -type f -size +1G 2>/dev/null

Practical troubleshooting order:

1. Use top to check CPU and memory.
2. Use iostat to examine disk I/O.
3. Use netstat or ss for network connections.
4. Review recent system logs.

Chapter 4: Network Management

4.1 Network Configuration and Diagnosis

# Show IP addresses and routes
ip addr show
ip route show
nmcli device status
# Basic connectivity tests
ping -c 4 google.com
traceroute google.com
mtr google.com
# DNS queries
dig google.com
nslookup google.com
# Port and service checks
netstat -tuln
ss -tuln
lsof -i :80
telnet host port
nc -zv host port

4.2 Firewall Management

# iptables example
iptables -L -n -v
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
# firewalld example
firewall-cmd --state
firewall-cmd --list-all
firewall-cmd --permanent --add-port=80/tcp
firewall-cmd --reload

Chapter 5: Service Management

5.1 Systemd Service Management

# Service control
systemctl start nginx
systemctl stop nginx
systemctl restart nginx
systemctl reload nginx
systemctl status nginx
# Enable at boot
systemctl enable nginx
systemctl disable nginx
systemctl is-enabled nginx
# View logs
journalctl -u nginx
journalctl -f -u nginx
journalctl --since "2024-01-01" -u nginx

5.2 Creating Custom Services

# /etc/systemd/system/myapp.service
[Unit]
Description=My Application
After=network.target

[Service]
Type=simple
User=appuser
WorkingDirectory=/opt/myapp
ExecStart=/opt/myapp/start.sh
Restart=on-failure
RestartSec=10

[Install]
WantedBy=multi-user.target

Chapter 6: Log Management

6.1 Log Viewing and Analysis

# Common log files
/var/log/syslog   # Debian/Ubuntu
/var/log/messages # RHEL/CentOS
/var/log/auth.log # authentication
/var/log/kern.log # kernel
# Log analysis examples
grep -i error /var/log/syslog | tail -20
awk '{print $5}' /var/log/syslog | sort | uniq -c | sort -rn
sed -n '/2024-01-01 10:00/,/2024-01-01 11:00/p' logfile
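
The same awk counting technique applied to /var/log/auth.log, as an added example that is not part of the original article: it totals failed SSH password logins per source address. The function names, the threshold argument and the sample log lines are constructed for illustration.

```bash
#!/bin/bash
# Added example: summarize failed SSH password logins per source address.

# failed_logins MIN FILE -> "count ip" lines, highest first, for sources with >= MIN failures
failed_logins() {
    awk -v min="$1" '
        # Fields are addressed from the END of the line ("from IP port N ssh2"):
        # the user name is supplied by the client and may itself contain "from 10.0.0.1".
        /sshd\[[0-9]+\]: Failed password for / && $(NF-2) == "port" {
            hits[$(NF-3)]++
        }
        END { for (ip in hits) if (hits[ip] >= min) print hits[ip], ip }
    ' "$2" | sort -rn
}

# Constructed auth.log lines (documentation address ranges, not real traffic)
make_auth_log() {
    cat <<'EOF'
Jan 10 10:00:01 web1 sshd[1001]: Failed password for root from 203.0.113.5 port 40001 ssh2
Jan 10 10:00:03 web1 sshd[1002]: Failed password for invalid user admin from 203.0.113.5 port 40002 ssh2
Jan 10 10:00:05 web1 sshd[1003]: Failed password for invalid user from 10.0.0.1 from 203.0.113.5 port 40003 ssh2
Jan 10 10:00:09 web1 sshd[1004]: Failed password for deploy from 198.51.100.7 port 50001 ssh2
Jan 10 10:01:00 web1 sshd[1005]: Accepted publickey for deploy from 192.0.2.10 port 50100 ssh2
EOF
}

log=$(mktemp) && make_auth_log > "$log"
failed_logins 3 "$log"      # only sources with three or more failures
rm -f "$log"
```

Taking the field after the first "from" would attribute the third sample line to 10.0.0.1; counting from the end of the line keeps the attribution on the connecting address.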

6.2 Log Rotation Configuration

# /etc/logrotate.d/myapp
/var/log/myapp/*.log {
    daily
    rotate 7
    compress
    delaycompress
    missingok
    notifempty
    create 0644 root root
    postrotate
        systemctl reload myapp
    endscript
}

Chapter 7: User and Permission Management

7.1 User Management

# User operations
useradd -m -s /bin/bash username
passwd username
usermod -aG sudo username
userdel -r username
# Query user info
id username
who
last

7.2 Permission Management

# File permissions
chmod 755 file
chmod u+x file
chown user:group file
# Special bits
chmod u+s file   # SUID
chmod g+s directory   # SGID
chmod +t directory   # Sticky bit
# ACL example
setfacl -m u:username:rwx file
getfacl file

Security Tip: Never set 777 permissions on files or directories.
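
One way to check a directory tree for the permission problems covered in this section (added example, not code from the original article). The function names, the output labels and the demo tree are constructed for illustration.

```bash
#!/bin/bash
# Added example: list risky permissions from section 7.2 under one directory tree.

# audit_perms DIR -> one "LABEL path" line per finding
audit_perms() {
    local root="$1"
    # World-writable regular files (what chmod 777 or o+w leaves behind)
    find "$root" -xdev -type f -perm -0002 -print | sed 's/^/WORLD-WRITABLE-FILE /'
    # World-writable directories lacking the sticky bit: any user may delete others' files
    find "$root" -xdev -type d -perm -0002 ! -perm -1000 -print | sed 's/^/NO-STICKY-DIR /'
    # SUID/SGID regular files: each one should be traceable to an installed package
    find "$root" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print | sed 's/^/SETID-FILE /'
}

# Constructed demo tree: one clean file, one 777 file, one SUID file,
# one /tmp-style sticky directory and one world-writable directory without it
make_tree() {
    local d
    d=$(mktemp -d)
    mkdir "$d/shared" "$d/dropbox"
    touch "$d/ok.conf" "$d/open.conf" "$d/helper"
    chmod 644 "$d/ok.conf"
    chmod 777 "$d/open.conf"
    chmod 4755 "$d/helper"
    chmod 1777 "$d/shared"
    chmod 0777 "$d/dropbox"
    echo "$d"
}

tree=$(make_tree)
audit_perms "$tree"
rm -rf "$tree"
```

The sticky directory is deliberately not reported: mode 1777 is how /tmp is meant to be configured, while the same directory without the sticky bit is a finding.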

Chapter 8: Shell Scripting

8.1 Basic Script Structure

#!/bin/bash
# System health check script
set -e
set -u
LOG_FILE="/var/log/health_check.log"
THRESHOLD=80
check_disk_usage() {
    usage=$(df -h / | awk 'NR==2 {print $(NF-1)}' | sed 's/%//')
    if [ "$usage" -gt "$THRESHOLD" ]; then
        echo "Warning: Disk usage exceeds $THRESHOLD%"
        return 1
    fi
    return 0
}
main() {
    echo "Starting system check - $(date)" >> "$LOG_FILE"
    if check_disk_usage; then
        echo "Disk check passed" >> "$LOG_FILE"
    else
        echo "Disk space insufficient!" >> "$LOG_FILE"
        mail -s "Disk Space Alert" "admin@example.com" < "$LOG_FILE"  # placeholder recipient; use your alert mailbox
    fi
}
main "$@"

8.2 Practical Script Examples

#!/bin/bash
# Batch server inspection script
SERVERS="server1 server2 server3"
for server in $SERVERS; do
    echo "Checking server: $server"
    ssh "$server" <<'EOF'
        echo "=== Disk Usage ==="
        df -h
        echo "=== Memory Usage ==="
        free -h
        echo "=== CPU Load ==="
        uptime
        echo "=== Critical Services ==="
        systemctl status nginx postgresql redis
EOF
    echo "------------------------"
done

Chapter 9: Backup and Recovery

9.1 Backup Strategies

# Incremental rsync backup
rsync -avz --delete /source/ /backup/
# Tar archive with date
tar -czf backup-$(date +%Y%m%d).tar.gz /important/data/
# Database dumps
mysqldump -u root -p database > backup.sql
pg_dump database > backup.sql

9.2 Automated Backup Script

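#!/bin/bash
set -euo pipefail   # stop at the first failed step so a broken dump never reaches the cleanup
BACKUP_ROOT="/backup"
TODAY=$(date +%Y%m%d)
mkdir -p "$BACKUP_ROOT/db" "$BACKUP_ROOT/current" "$BACKUP_ROOT/incremental"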
# Database backup
backup_database() {
    echo "Starting database backup..."
    mysqldump --all-databases > "$BACKUP_ROOT/db/mysql_$TODAY.sql"
    gzip "$BACKUP_ROOT/db/mysql_$TODAY.sql"
    find "$BACKUP_ROOT/db" -name "mysql_*.sql.gz" -mtime +7 -delete
}
# File incremental backup
backup_files() {
    echo "Starting file backup..."
    rsync -avz --backup --backup-dir="$BACKUP_ROOT/incremental/$TODAY" \
        --exclude='*.log' --exclude='cache/*' /var/www/ "$BACKUP_ROOT/current/"
}
# Remote sync
sync_to_remote() {
    echo "Syncing to remote backup server..."
    rsync -avz "$BACKUP_ROOT/" backup@remote-server:/backup/
}
backup_database
backup_files
sync_to_remote
echo "Backup completed: $(date)"

Chapter 10: Container Deployment

10.1 Docker Basics

# Image management
docker images
docker pull nginx:latest
docker build -t myapp:v1 .
# Container operations
docker run -d -p 80:80 nginx
docker ps
docker logs <container_id>
docker exec -it <container_id> bash
# Cleanup
docker system prune -a

10.2 Docker Compose

# docker-compose.yml example
version: '3.8'
services:
  web:
    image: nginx:alpine
    ports:
      - "80:80"
    volumes:
      - ./html:/usr/share/nginx/html
    depends_on:
      - app
  app:
    build: .
    environment:
      - DATABASE_URL=postgresql://db:5432/myapp
    depends_on:
      - db
  db:
    image: postgres:13
    environment:
      - POSTGRES_PASSWORD=secret
    volumes:
      - db_data:/var/lib/postgresql/data
volumes:
  db_data:

Chapter 11: Monitoring and Alerting

11.1 System Monitoring Script

#!/bin/bash
# Comprehensive monitoring script
WEBHOOK_URL="https://hooks.slack.com/services/xxx"
LOG_FILE="/var/log/monitor.log"
send_alert() {
    local message="$1"
    local severity="$2"
    echo "[$(date '+%Y-%m-%d %H:%M:%S')] [$severity] $message" >> "$LOG_FILE"
    curl -X POST "$WEBHOOK_URL" -H 'Content-Type: application/json' -d "{\"text\":\"🚨 [$severity] $message\"}"
}
check_web_service() {
    local rt=$(curl -o /dev/null -s -w '%{time_total}' http://localhost)
    if (( $(echo "$rt > 2" | bc -l) )); then
        send_alert "Web response time too high: ${rt}s" "WARNING"
    fi
}
check_disk_space() {
    local usage=$(df -h / | awk 'NR==2 {print $(NF-1)}' | sed 's/%//')
    if [ "$usage" -gt 80 ]; then
        send_alert "Disk usage alert: ${usage}%" "CRITICAL"
    fi
}
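check_database() {
    # Credentials come from a root-only option file (example path, mode 600);
    # a password given as -ppassword is visible to every local user in the process list
    if ! mysql --defaults-extra-file=/etc/mysql/monitor.cnf -h localhost -e "SELECT 1" >/dev/null 2>&1; then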
        send_alert "Database connection failed" "CRITICAL"
    fi
}
while true; do
    check_web_service
    check_disk_space
    check_database
    sleep 60
done

11.2 Log Monitoring and Alerts

#!/bin/bash
LOG_FILE="/var/log/application.log"
PATTERN="ERROR|CRITICAL|FATAL"
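LAST_CHECK_FILE="/var/lib/log-monitor/last_log_check"  # example path; keep state out of world-writable /tmp
mkdir -p "$(dirname "$LAST_CHECK_FILE")"
if [ -f "$LAST_CHECK_FILE" ]; then
    LAST_SIZE=$(cat "$LAST_CHECK_FILE")
else
    LAST_SIZE=0
fi
CURRENT_SIZE=$(stat -c%s "$LOG_FILE")
# The log was rotated or truncated: start again from the beginning of the new file
if [ "$CURRENT_SIZE" -lt "$LAST_SIZE" ]; then
    LAST_SIZE=0
fi
if [ "$CURRENT_SIZE" -gt "$LAST_SIZE" ]; then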
    tail -c +$((LAST_SIZE+1)) "$LOG_FILE" | grep -E "$PATTERN" | while read -r line; do
        echo "Found error log: $line"
        # Add alerting here
    done
fi
echo "$CURRENT_SIZE" > "$LAST_CHECK_FILE"

Chapter 12: Performance Optimization

12.1 Kernel Parameter Tuning

# /etc/sysctl.conf optimizations
net.core.somaxconn = 65535
net.ipv4.tcp_max_syn_backlog = 65535
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 1200
net.ipv4.tcp_max_tw_buckets = 5000
net.ipv4.tcp_tw_reuse = 1
vm.swappiness = 10
vm.dirty_ratio = 15
vm.dirty_background_ratio = 5
fs.file-max = 2097152
fs.nr_open = 1048576
# Apply the settings (run as root; this command is not part of the file)
sysctl -p

12.2 Nginx Optimization

# /etc/nginx/nginx.conf performance tweaks
worker_processes auto;
worker_cpu_affinity auto;
worker_rlimit_nofile 65535;

events {
    worker_connections 65535;
    use epoll;
    multi_accept on;
}

http {
    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout 65;
    keepalive_requests 100;
    gzip on;
    gzip_vary on;
    gzip_proxied any;
    gzip_comp_level 6;
    gzip_types text/plain text/css text/xml application/json application/javascript;
    open_file_cache max=2000 inactive=20s;
    open_file_cache_valid 30s;
    open_file_cache_min_uses 2;
}

Chapter 13: Troubleshooting Techniques

13.1 System Hang Diagnosis

# Check load, memory, I/O, network, logs, D‑state processes
uptime
top -b -n 1
free -h
vmstat 1 5
iostat -x 1 5
iotop -b -n 1
ss -s
netstat -i
dmesg | tail -50
journalctl -xe
ps -eo pid,stat,wchan:32,cmd | awk '$2 ~ /^D/'   # processes in uninterruptible sleep (D state)

13.2 Application Fault Diagnosis

# Java debugging
jstack <pid>
jmap -heap <pid>
jstat -gcutil <pid> 1000
# Database connection checks
netstat -an | grep 3306 | wc -l
mysql -e "show processlist"
# Web service checks
curl -I http://localhost
ab -n 1000 -c 10 http://localhost/

Chapter 14: Security Hardening

14.1 Basic Security Settings

# SSH hardening (/etc/ssh/sshd_config)
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
Port 22022
# Restrict su to wheel group
echo "auth required pam_wheel.so use_uid" >> /etc/pam.d/su
# Password policy (/etc/security/pwquality.conf)
minlen = 12
dcredit = -1
ucredit = -1
lcredit = -1
ocredit = -1
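
A check for the SSH settings above, as an added example that is not part of the original article: sshd uses the first value it reads for each keyword, so a hardened line appended below an earlier one has no effect. The function names and the sample configuration are constructed for illustration; Include files and Match blocks are not followed.

```bash
# Added example: check sshd_config text against the baseline from section 14.1.
# sshd keeps the FIRST value it reads for a keyword; later duplicates are ignored.

# effective_value KEYWORD FILE -> first global (pre-Match) value, lower-cased
effective_value() {
    awk -v key="$1" '
        /^[ \t]*#/ { next }                    # skip comment lines
        tolower($1) == "match" { exit }        # global section ends at the first Match
        tolower($1) == tolower(key) { print tolower($2); exit }
    ' "$2"
}

# audit_sshd FILE -> one PASS/FAIL line per keyword; exit status = number of failures
audit_sshd() {
    local file="$1" failures=0 key want got
    while read -r key want; do
        got=$(effective_value "$key" "$file")
        if [ "$got" = "$want" ]; then
            echo "PASS $key=$got"
        else
            echo "FAIL $key want=$want got=${got:-unset}"
            failures=$((failures + 1))
        fi
    done <<'BASELINE'
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
BASELINE
    return "$failures"
}

# Constructed sample: the hardened line was appended below an earlier "yes".
make_sample() {
    cat <<'EOF'
# constructed sshd_config, not from a real host
Port 22022
PermitRootLogin no
PasswordAuthentication yes
PubkeyAuthentication yes
PasswordAuthentication no
Match User backup
    PasswordAuthentication yes
EOF
}

sample=$(mktemp) && make_sample > "$sample"
audit_sshd "$sample" || echo "$? setting(s) differ from the baseline"
rm -f "$sample"
```

On a live host, `sshd -T` prints the effective configuration with defaults and included files resolved; this parser covers a single file for offline review.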

14.2 Intrusion Detection

# Install and initialize AIDE
apt-get install aide
aide --init
mv /var/lib/aide/aide.db.new /var/lib/aide/aide.db
aide --check
# Suspicious process check: running processes whose executable was deleted from disk
# (run as root; services not restarted after a package upgrade also appear here)
ls -l /proc/[0-9]*/exe 2>/dev/null | grep '(deleted)'
# Network connections
netstat -tulpn | grep LISTEN
lsof -i -P -n | grep LISTEN

Chapter 15: Automation Tools

15.1 Ansible Quick Start

# inventory file
[webservers]
web1 ansible_host=192.168.1.10
web2 ansible_host=192.168.1.11

[dbservers]
db1 ansible_host=192.168.1.20

# playbook.yml
---
- name: Deploy web application
  hosts: webservers
  become: yes
  tasks:
    - name: Install Nginx
      apt:
        name: nginx
        state: present
    - name: Copy configuration file
      template:
        src: nginx.conf.j2
        dest: /etc/nginx/nginx.conf
      notify: restart nginx
    - name: Ensure service is running
      service:
        name: nginx
        state: started
        enabled: yes

  handlers:
    - name: restart nginx
      service:
        name: nginx
        state: restarted

15.2 CI/CD Pipeline Example

# .gitlab-ci.yml example
stages:
  - test
  - build
  - deploy

test:
  stage: test
  script:
    - npm test
    - npm run lint

build:
  stage: build
  script:
    - docker build -t myapp:$CI_COMMIT_SHA .
    - docker push myapp:$CI_COMMIT_SHA

deploy:
  stage: deploy
  script:
    - ssh deploy@server "docker pull myapp:$CI_COMMIT_SHA"
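    - ssh deploy@server "docker stop myapp || true"
    # Remove the stopped container so the name myapp can be reused by docker run
    - ssh deploy@server "docker rm myapp || true"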
    - ssh deploy@server "docker run -d --name myapp -p 80:80 myapp:$CI_COMMIT_SHA"
  only:
    - main

Conclusion

The guide emphasizes continuous learning, hands‑on practice, and building a personal knowledge base to become an effective Linux system administrator.

Republication Notice

This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contact admin@besthub.dev and we will review it promptly.

Written by

MaGe Linux Operations

Founded in 2009, MaGe Education is a top Chinese high‑end IT training brand. Its graduates earn 12K+ RMB salaries, and the school has trained tens of thousands of students. It offers high‑pay courses in Linux cloud operations, Python full‑stack, automation, data analysis, AI, and Go high‑concurrency architecture. Thanks to quality courses and a solid reputation, it has talent partnerships with numerous internet firms.
