Thursday, April 27, 2017

locate command examples in linux ?

When you need to search for some files, you might typically use find command. find is a good search utility but it is slow.
However locate can search for files very quickly.
Though the locate command works very fast, it still has not out-thrown the find command because it has some limitations.
This article explains everything you need to know about locate command .

How Locate Command Works? – updatedb and updatedb.conf

When we say that locate searches very quickly, then the first question that comes into mind is that what makes locate so fast?.
Well, locate does not search the files on disk rather it searches for file paths in a database.
The database is a file that contains information about the files and their path on your system. The locate database file is located at:
/var/lib/mlocate/mlocate.db
The next logical question is, what keeps this mlocate database updated?
Well, there is another utility known as updatedb. When you execute updatedb, it scans the whole system and updates the mlocate.db database file.
So one limitation of the ‘locate’ command is its dependency on the database which can be updated by another utility ‘updatedb’. Hence, in order to get the latest and reliable results from ‘locate’ command the database on which it works should be updated at regular intervals.
We can also configure the ‘updatedb’ utility as per our needs. This can be achieved by updating the updatedb.conf. This is a configuration file that updatedb reads before updating the database. updatedb.conf is located under /etc/ :

# cat /etc/updatedb.conf
PRUNE_BIND_MOUNTS="yes"
PRUNENAMES=".git .bzr .hg .svn"
PRUNEPATHS="/tmp /var/spool /media"
PRUNEFS="NFS nfs nfs4 rpc_pipefs afs binfmt_misc proc smbfs autofs iso9660 ncpfs coda devpts ftpfs devfs mfs shfs sysfs cifs lustre_lite tmpfs usbfs udf fuse.glusterfs fuse.sshfs ecryptfs fusesmb devtmpfs"

updatedb.conf file contains information in the form of VARIABLES=VALUES. These variables can be classified into :
    PRUNEFS : A  whitespace-separated  list of file system types (as used in /etc/mtab) which should not be scanned by updatedb.  The file system type matching is case-insensitive.  By default, no file system types are skipped. When scanning a file system is skipped, all file systems mounted in the subtree are skipped too, even if their  type  does  not  match  any entry in PRUNEFS.
    PRUNENAMES : A  whitespace-separated list of directory names (without paths) which should not be scanned by updatedb.  By default, no directory names are skipped. Note that only directories can be specified, and no pattern mechanism (e.g.  globbing) is used.
    PRUNEPATHS : A whitespace-separated list of path names of directories which should not be scanned by updatedb.  Each path name must be exactly in the form in which the directory would be reported by locate.  By default, no paths are skipped.
    PRUNE_BIND_MOUNTS :  One  of  the  strings  0,  no,  1  or yes.  If PRUNE_BIND_MOUNTS is 1 or yes, bind mounts are not scanned by updatedb.  All file systems mounted in the subtree of a bind mount are skipped as well, even if they are not bind mounts. By default, bind mounts are not skipped.
Note that all of the above configuration information can also be changed or updated through the command line options to the utility ‘updatedb’.


Practical Examples of Locate Command

1. Search a File using locate

To search a particular file using locate, just do the following
srini@linuxforfreshers.com:~$ locate mysql.conf
/etc/init/mysql.conf

The following command searches for apache2.conf in the entire system.
srini@linuxforfreshers.com:~$ locate apache2.conf
/etc/apache2/apache2.conf

You can also use “locate -0” to display all the output in one line. For example:
 Locate -0 apache2.conf

2. Display only the Count

To get the count of number of matching entry, use locate -c as shown below.
srini@linuxforfreshers.com:~$ locate -c apache2.conf
1

3.Restrict the Locate Output

In the following example, locate command displayed several entries.
$ locate passwd
/etc/passwd
/etc/passwd-
/etc/dovecot/conf.d/auth-passwdfile.conf.ext
/etc/pam.d/passwd
/etc/security/opasswd
/etc/vsftpd/passwd
/lib64/security/pam_unix_passwd.so
/usr/bin/gpasswd
/usr/bin/htpasswd
/usr/bin/ldappasswd
/usr/bin/mksmbpasswd.sh
/usr/bin/passwd
If you want to display only certain number of records, use locate -l option and specify how many records you want to see in the locate command output.
For example, the following displays only 5 records (Even when locate command finds several records..)
srini@linuxforfreshers.com:~$ locate -l 5 passwd
/etc/passwd
/etc/passwd-
/etc/alternatives/vncpasswd
/etc/alternatives/vncpasswd.1.gz
/etc/cron.daily/passwd

4. Ignore Case in Locate Output

The locate command by default is configured to accept the file name in a case sensitive manner. In order to make the results case insensitive, we can use the -i option :
In the following example, we created two files with both lowercase and uppercase.
# cd /tmp
# touch new.txt NEW.txt

# updatedb
If you use the locate command only with the lowercase, it will find only the lowercase file.
# locate new.txt
/tmp/new.txt
Use locate -i, which will ignore case, and look for both lowercase and uppercase file.
$ locate -i new.txt
/tmp/NEW.txt
/tmp/new.txt
/usr/share/doc/samba-common/WHATSNEW.txt.gz




Tuesday, April 25, 2017

How to run a program on specific CPU core on linux ?

Now i am using watch command set  taskset to core 3.
Before going set the taskset first find out the pid of the particular process using following commands.

[root@linuxforfreshers.com~]# ps -ef | grep watch
root     14063 27683  0 16:29 pts/47   00:00:00 watch -db ifconfig
root     14172 14070  0 16:30 pts/49   00:00:00 grep --color=auto watch

or

[root@linuxforfreshers.com~]# pidof watch
14063

Example:

[root@linuxforfreshers.com~]# taskset 03 -p 14063

Verifying

[root@linuxforfreshers.com~]# taskset -p 14063
pid 14063's current affinity mask: 3

or

ps -o pid,psr,comm -p <pid>

Example:

[root@linuxforfreshers.com~]#  ps -o pid,psr,comm -p 14063
  PID PSR COMMAND
14063   3 watch

If u want to bind the particular process to particular core u can use following command.

taskset -pc 1 <PID>

Example:
[root@linuxforfreshers.com~]# taskset -pc 1 14063

Where p is -p, --pid
              Operate on an existing PID and do not launch a new task.
             -c, --cpu-list
              Specify a numerical list of processors instead of a bitmask.  The numbers are       separated by commas and may include ranges.  For example: 0,5,7,9-11.

Verifying

[root@linuxforfreshers.com~]# ps -o pid,psr,comm -p 14063
  PID PSR COMMAND
14063   1 watch

Or

[root@linuxforfreshers.com~]# taskset -p 14063
pid 14063's current affinity mask: 1


If We want to dedicate a whole CPU core to a particular program and no other then your process should use this core.
Then use "isolcpus" kernel parameter in grub option.

GRUB_CMDLINE_LINUX_DEFAULT="cpuidle.off=1 idle=poll isolcpus=1-5 nohz_full=5 maxcpus=6"

update-grub

Note: below are meaning

cpuidle.off=1 (Do not make cpu idle)
isolcpus=5  (Isolate cpu core are 1-5)
maxcpus=6 (Use only 6 core (out of 8 cores of system)) 
idle=poll (Poll forces a polling idle loop)

Sunday, April 16, 2017

Linux Common Interview Questions and Answers ?

Q.0 What does the last two sections define in fstab file?

Ans: The 5th column tells the dump information if whether the partition has to be backed up. It it is "0" the filesystem will be ignored
The 6th column tells the order in which fsck command would check the filesystem on boot. If it is "0" then fsck won't check the filesystem

Q:1 How To check the uptime of a Linux Server ?

Ans: Using uptime command we can determine how long a linux box has been running , also uptime can be viewed by the top & w command.

Q:2 How to check which Redhat version is installed on Server ?

Ans: Use the command cat /etc/redhat-release , output of this command will tell you the redhat version.

Q:3 How to install rpm packages in Redhat & CentOS linux ?

Ans: rpm and yum command are used to install packages in redhat linux and CentOS.

Q:4 How to check the ip address of LAN Card ?

Ans: Using ‘ifconfig’ & ‘ip address’ command we can determine the ip address of LAN Card.

Q:5 How to determine the hostname of a linux box ?

Ans: On typing the hostname command on terminal we can determine the hostname of a linux server.

Q:6 How To check the default gatway ?

Ans: Using ‘route -n’ command we can determine the default gateway in linux.

Q:7 Which Command is used to check the kernel Version ?

Ans: ‘uname -r’

Q:8 How to check the current runlevel of a linux box ?

Ans : ‘who -r’ and ‘runlevel’ , both of these command are used to find current run level.

Q:9 What is Initrd ?

Ans: Initrd stands for initial ram disk , which contains the temporary root filesystem and neccessary modules which helps in mounting the real root filesystem in read mode only.

Q:10 What is Bootloader ?

Ans: Bootloader is a program that boots the operating system and decides from which kernel OS will boot.

Q:11 How to list hidden files from the command line ?

Ans: ‘ls -a’ <Folder_Name>

Q:12 What is soft link ?

Ans: Soft link is a method to create short cuts in linux. It is similar to windows short cut feature.

Q:13 How to create a blank file in linux from command line ?

Ans: Using the command ‘touch <file-name>’

Q:14 What is run level 2 ?

Ans: Run level 2 is the multi-user mode without networking.

Q:15 Why linux is called OpenSource ?

Ans: Because One can customize the existing code and can redistribute it.

Q:16 How to check all the installed Kernel modules ?

Ans: Using the Command ‘lsmod’ we can see the installed kernel modules.

Q:17 What is the default uid & gid of root user ?

Ans: Default uid & gid of root user is 0.

Q:18 How To change the password of user from the Command Line ?

Ans: ‘passwd <User-Name>’

Q:19 What is a Process ?

Ans: Any program in execution is called a process.

Q:20 What is name of first process in linux ?

Ans: ‘init’ is the first process in linux which is started by kernel and whose pid is 1.


How to find out from which folder a process is running on linux ?

First step find out the pid of the particular process.
Example:

deb@linuxforfreshers.com:~$ pidof chrome

15499

Or

deb@linuxforfreshers.com:~$ ps -ef | grep chrome
deb     15499 15410  0 07:46 ?        00:02:33 /opt/google/chrome/chrome

Note: In above line second filed is pid number.

Method 1:
Using pwdx command.
Syntax:
pwdx  pid_number

Example:

deb@linuxforfreshers.com:~$ pwdx 15499
15499: /home/deb

Method 2:

Using lsof command.
Syntax: lsof -p PID | grep cwd

Example:

deb@linuxforfreshers.com:~$ lsof -p 15499| grep cwd
lsof: WARNING: can't stat() fuse.gvfsd-fuse file system /home/deb/.gvfs
      Output information may be incomplete.
chrome  15499 deb  cwd    DIR                8,6      4096  5767170 /home/deb

Method 3:

Using readlink command
Syntax: readlink -e /proc/PID/cwd

Example:

deb@linuxforfreshers.com:~$ readlink -e /proc/15499/cwd
/home/deb

Method 4:

Using ls command
Syntax: ls -l /proc/<PID>/cwd

Example:
deb@linuxforfreshers.com:~$ ls -l /proc/15499/cwd
lrwxrwxrwx 1 deb deb 0 Apr 13 16:21 /proc/15499/cwd -> /home/deb

Method 5:

Using ps command
Syntax : ps auxwwwe | grep process_name


It will give all the list of process running from current directory.

Tuesday, March 21, 2017

lsof command exapmles in linux ?

lsof a utility command every system admin and developer love. The lsof command stands for list open file descriptors and as the name suggest, it is used to find open files by process. Since almost everything in UNIX are file, you can use lsof command to find an open regular file, a directory, a symbolic link, a block special file, a NFS mounted file, a socket stream, a shared library, a character special file, a regular pipe, a named pipe, an internet socket, a UNIX domain socket and many others. It's an incredibly useful tool to do debugging and troubleshooting in UNIX and Linux environment. Since most of the production system runs on the UNIX-based operating system, knowledge of this tool become even more important.


lsof command generally comes pre-installed in many UNIX system. If you are getting -bash: lsof: command not found an error while using lsof then it could be that lsof is not in your PATH. just check /usr/bin or /usr/sbin folder for this command. If you don't find there then you can install it from source or you can ask your UNIX admin to do that for you.

1)      How to list all open files by all process

syntax: lsof

Simply running lsof without any argument print all opened file and process. This is not particularly useful but a good starting point.

Example:

dev@linuxforfreshers.com:~$ lsof | tail -10
tail      23119                  dev   1u      CHR             136,52       0t0       55 /dev/pts/52
tail      23119                  dev   2u      CHR             136,52       0t0       55 /dev/pts/52
lsof      23120                  dev cwd       DIR                8,6      4096  5767170 /home/dev
lsof      23120                  dev rtd       DIR                8,6      4096        2 /
lsof      23120                  dev txt       REG                8,6    163224 28574379 /usr/bin/lsof
lsof      23120                  dev mem       REG                8,6   7216688 28580440 /usr/lib/locale/locale-archive
lsof      23120                  dev mem       REG                8,6   1840928  2622444 /lib/x86_64-linux-gnu/libc-2.19.so
lsof      23120                  dev mem       REG                8,6    149120  2622402 /lib/x86_64-linux-gnu/ld-2.19.so
lsof      23120                  dev   4r     FIFO               0,10       0t0  2094341 pipe
lsof      23120                  dev   7w     FIFO               0,10       0t0  2094342 pipe

2) How to list all process which has opened a file

Syntax: lsof /home/someuser/somefile

will list all the process which has opened this file. you can see the command, PID, user and full file path to find out the process.

Example:

dev@linuxforfreshers.com:~$ lsof /home/dev/ | grep ssh
ssh        8222 dev cwd    DIR    8,6     4096 5767170 /home/dev
ssh.expec  8266 dev cwd    DIR    8,6     4096 5767170 /home/dev
ssh.expec  8268 dev cwd    DIR    8,6     4096 5767170 /home/dev
ssh.expec  8274 dev cwd    DIR    8,6     4096 5767170 /home/dev

3) How to find all opened files by a user

You can use lsof -u command to list all opened file by a user as shown below
Syntax: lsof -u username

Example:          

dev@linuxforfreshers.com:~$ lsof -u dev| tail -10
lsof      23353 dev txt       REG                8,6    163224 28574379 /usr/bin/lsof
lsof      23353 dev mem       REG                8,6     43616  2622456 /lib/x86_64-linux-gnu/libnss_files-2.19.so
lsof      23353 dev mem       REG                8,6     47760  2622438 /lib/x86_64-linux-gnu/libnss_nis-2.19.so
lsof      23353 dev mem       REG                8,6     97296  2622400 /lib/x86_64-linux-gnu/libnsl-2.19.so
lsof      23353 dev mem       REG                8,6     39824  2622399 /lib/x86_64-linux-gnu/libnss_compat-2.19.so
lsof      23353 dev mem       REG                8,6   7216688 28580440 /usr/lib/locale/locale-archive
lsof      23353 dev mem       REG                8,6   1840928  2622444 /lib/x86_64-linux-gnu/libc-2.19.so
lsof      23353 dev mem       REG                8,6    149120  2622402 /lib/x86_64-linux-gnu/ld-2.19.so
lsof      23353 dev   4r     FIFO               0,10       0t0  2119980 pipe
lsof      23353 dev   7w     FIFO               0,10       0t0  2119981 pipe

4) How to list all files opened by a particular command
You can use lsof -c option to provide name of command and list down all the files opened by that command, for example, to list all file opened by mysql process, you can do this :
Syntax : lsof -c process_name


Example :
root@linuxforfreshers.com:~# lsof -c mysql | tail -10
lsof: WARNING: can't stat() fuse.gvfsd-fuse file system /run/user/1000/gvfs
      Output information may be incomplete.
mysqld  2149 mysql   54u   REG                8,6     1024 16515193 /var/lib/mysql/mysql/time_zone.MYI
mysqld  2149 mysql   55u   REG                8,6        0 16515194 /var/lib/mysql/mysql/time_zone.MYD
mysqld  2149 mysql   56u   REG                8,6     1024 16515202 /var/lib/mysql/mysql/time_zone_leap_second.MYI
mysqld  2149 mysql   57u   REG                8,6        0 16515203 /var/lib/mysql/mysql/time_zone_leap_second.MYD
mysqld  2149 mysql   58u   REG                8,6     1024 16515190 /var/lib/mysql/mysql/time_zone_name.MYI
mysqld  2149 mysql   59u   REG                8,6        0 16515191 /var/lib/mysql/mysql/time_zone_name.MYD
mysqld  2149 mysql   60u   REG                8,6     1024 16515196 /var/lib/mysql/mysql/time_zone_transition.MYI
mysqld  2149 mysql   61u   REG                8,6        0 16515197 /var/lib/mysql/mysql/time_zone_transition.MYD
mysqld  2149 mysql   62u   REG                8,6     1024 16515199 /var/lib/mysql/mysql/time_zone_transition_type.MYI
mysqld  2149 mysql   63u   REG                8,6        0 16515200 /var/lib/mysql/mysql/time_zone_transition_type.MYD

Example 2:
root@linuxforfreshers.com:~# lsof -c chrome| tail -10
lsof: WARNING: can't stat() fuse.gvfsd-fuse file system /run/user/1000/gvfs
      Output information may be incomplete.
chrome  22949 dev  74u      REG               0,22   4198400      167 /run/shm/.com.google.Chrome.frd729 (deleted)
chrome  22949 dev  75r      REG                8,6    333900  3670118 /usr/share/fonts/truetype/msttcorefonts/Times_New_Roman_Bold.ttf
chrome  22949 dev  78r      REG                8,6    123828  3670122 /usr/share/fonts/truetype/msttcorefonts/Trebuchet_MS_Bold.ttf
chrome  22949 dev  79r      REG                8,6    136032  3670125 /usr/share/fonts/truetype/msttcorefonts/Verdana_Bold.ttf
chrome  22949 dev  80u      REG               0,22   4198400       27 /run/shm/.com.google.Chrome.reBCyQ (deleted)
chrome  22949 dev  81r      REG                8,6    123828  3670122 /usr/share/fonts/truetype/msttcorefonts/Trebuchet_MS_Bold.ttf
chrome  22949 dev  86u      REG               0,22   4198400      172 /run/shm/.com.google.Chrome.opHb4S (deleted)
chrome  22949 dev  87r      REG                8,6    330412  3670117 /usr/share/fonts/truetype/msttcorefonts/Times_New_Roman.ttf
chrome  22949 dev  90r      REG                8,6    330412  3670117 /usr/share/fonts/truetype/msttcorefonts/Times_New_Roman.ttf
chrome  22949 dev 104u      REG               0,22   4198400      193 /run/shm/.com.google.Chrome.Y05n64 (deleted)

5) How to find all files opened by a particular user and command

You can combine users and process name in one lsof command to list down all the files opened by a particular process or a particular user as shown below :

Syntax: $ lsof -u dev -c chrome

root@linuxforfreshers.com:~# lsof -u dev-c chrome | tail -10
lsof: WARNING: can't stat() fuse.gvfsd-fuse file system /run/user/1000/gvfs
      Output information may be incomplete.
chrome    22949 dev  74u      REG               0,22   4198400      167 /run/shm/.com.google.Chrome.frd729 (deleted)
chrome    22949 dev  75r      REG                8,6    333900  3670118 /usr/share/fonts/truetype/msttcorefonts/Times_New_Roman_Bold.ttf
chrome    22949 dev  78r      REG                8,6    123828  3670122 /usr/share/fonts/truetype/msttcorefonts/Trebuchet_MS_Bold.ttf
chrome    22949 dev  79r      REG                8,6    136032  3670125 /usr/share/fonts/truetype/msttcorefonts/Verdana_Bold.ttf
chrome    22949 dev  80u      REG               0,22   4198400       27 /run/shm/.com.google.Chrome.reBCyQ (deleted)
chrome    22949 dev  81r      REG                8,6    123828  3670122 /usr/share/fonts/truetype/msttcorefonts/Trebuchet_MS_Bold.ttf
chrome    22949 dev  86u      REG               0,22   4198400      172 /run/shm/.com.google.Chrome.opHb4S (deleted)
chrome    22949 dev  87r      REG                8,6    330412  3670117 /usr/share/fonts/truetype/msttcorefonts/Times_New_Roman.ttf
chrome    22949 dev  90r      REG                8,6    330412  3670117 /usr/share/fonts/truetype/msttcorefonts/Times_New_Roman.ttf
chrome    22949 dev 104u      REG               0,22   4198400      193 /run/shm/.com.google.Chrome.Y05n64 (deleted)

6) How to list all open files by a process using PID
As I told, I mostly use lsof command to find all files opened by a particular process. In order to do that sometimes, I usually use grep command to filter lsof output by PID, but you can also use lsof -p option to do the same, as shown below :

$ lsof -p 17783

will list all files opened by the process with PID 17783.

List users and processes, you can also supply multiple PIDs to find files opened by multiple processes e.g. :

$ lsof -p 17783,17754,17984


7) How to list all network connection
You can use lsof - i option to find all open network connections which is nothing but open internet sockets (TCP and UDP), for example

Syntax: $ lsof -i

you can further find all TPC connection by using tcp option as shown below :

$ lsof -i tcp

Similarly, to find all open udp connections you can do :

$ lsof -i udp

will list all process with open internet sockets.



8) How to find which process is using a port
Though you can do this with netstat command as well, you would be surprised to know that you can find all process using a particular TCP or UDP port using lsof command.

Syntax: lsof -i :portnumber

Example:

root@linuxforfreshers.com:~# lsof -i :3306
COMMAND  PID  USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
mysqld  2149 mysql   10u  IPv4  12927      0t0  TCP localhost:mysql (LISTEN)


9) To list all open files on device /dev/sda, use:

     Syantax:    lsof /dev/sda

10) To find any open file, including an open UNIX domain socket file, with the name /dev/log, use:

    Syntax:        lsof /dev/log

11)  To find an IP version 4 socket file by its associated numeric dot-form address, use:

 Syntax: lsof -i@ipaddress

Example: lsof -i@192.168.101.1