Unix commands

Debugging

Trace doing of given command ( useful debugging ) 
truss executable

Using multiple windows, this can be used to trace setuid/setgid programs
truss -f -p <pid of a shell>

 

Arp, ethernet trouble shooting

Shows the ethernet address arp table 
arp -a .

Delete a stale ethernet entry for host myhost
arp -d myhost

 

Disk Commands

Reports disk space used in Kilobytes 
du -k .

Reports only total disk space used in Kilobytes
du -sk .

Tells you how big the /var files are in reverse order
du -ad /var | sort -nr

Format diskette 
fdformat -d -U

Command to display drives statistics 
/usr/bin/iostat -E

Mount an ISO 9660 CDROM 
/bin/mount -F hsfs -o ro /dev/sr0 /cdrom

Disk geometry and partitioning info 
prtvtoc /dev/rdsk/c0t0d0s2

How much space is used by users in kilobytes 
quot -af

 

Driver Parameters

Shows IP variables in the kernel 
ndd /dev/ip \?

Tells you if forwarding is on (=1) 
ndd /dev/ip ip_forwarding

Enables IP forwarding between interfaces 
ndd -set /dev/ip ip_forwarding 1

 

File Manipulation

Converts DOS file formats to Unix 
dos2unix | -ascii <filename>

Split files into pieces 
split

Search and Replace text in vi 
[vi] : %s/existing/new/g

Set line numbers in vi 
[vi] :set nu

Set tab stops in vi 
[vi] :set ts=[num]

 

File System

Zero’s out the file without breaking pipe 
cat /dev/null > filename

Make a mirror image of your boot disk 
dd if=/dev/rdsk/… of=/dev/rdsk/… bs=4096

Unmount all file systems in disk group dg 
df -k | grep dg| awk ‘{print $6}’ |xargs -n 1 umount

Check a UFS filesystem on c0t0d0s0 
fsck -F ufs /dev/rdsk/c0t0d0s0

Check answering yes to all questions 
fsck -F ufs -y /dev/rdsk/c0t0d0s0

Check using an alternate super block 
fsck -F ufs -o b=97472 /dev/rdsk/c0t0d0s0

Unpack .tar.gz files in place 
gzip -dc file1.tar.gz | tar xf –

Creating hard links and soft links
ln [-fhns] <source file> <destination file>

File sizes of current directory 
ls -la | awk ‘{ print $5,” “,$9 }’ | sort -rn

Mount DOS fdisk partition from Solaris 
mount -f pcfs /dev/dsk/c0d0p1 /export/dos

Used to remount root to make it writeable
mount -F ufs -o rw,remount /

Re-mount the ro file system rw and turn on ufs logging 
mount -o remount,logging /spare

Create a tape (tar) archive 
tar cvf filename.tar

Extract a tape (tar) archive 
tar xvf filename.tar

Recursively copy files and their permissions 
tar cf – . | (cd /newdir ; tar xf -)

Syncs File Systems and Reboots systems fast 
/sbin/uadmin x x

Extract the patch_file that is a compressed tar file
zcat <patch_file.tar.Z | tar xvf –

 

File Transfer

Undocumented Feature of FTP 
put “| tar cf – .” filename.tar

Fast alternative to cp -pr 
find . -depth | cpio -pdmv /path/tobe/copied/to

Transferring large numbers of files within the same ftp control session 
sendport

 

General

Create windex databases for man page directories 
/usr/bin/catman -w

List out mail headers for specified user 
mailx -H -u <username>

Set file-completion for csh 
set filec

 

Hardware

Verify reconfigurable hardware resources 
cfgadm

Print M64 hardware configuration 
m64config -prconf

Sets the screen depth of your M64 graphics accelerator 
m64config -depth 8|24

Change the resolution of your M64 graphics accelerator 
m64config -res ‘video_mode’

 

Kernel

Display kernel module information 
/usr/sbin/modinfo

Load a kernel module 
/usr/sbin/modload <module>

Unload a kernel module 
/usr/sbin/modunload -i <module id>

Tuneable kernel parameters
nm -x /dev/ksyms | grep OBJ | more

Show system kernal tunable details 
/usr/sbin/sysdef

 

Memory

Display Memory Size 
prtconf | grep “Memory size”

 

Network Information

Prints ARP table in cache with IP and MAC address 
ndd /dev/arp arp_cache_report

Displays number active established connections to the localhost 
netstat -a | grep EST | wc -l

Undocumented netstat command 
netstat -k hme0

Show the TCP/IP network interfaces
netstat -i

Similar to arp -a without name resolution
netstat -np

Show network route table 
netstat -r

Displays routing information but bypasses hostname lookup. 
netstat -rn

Show the state of all sockets 
netstat -a | more

Follow the route to the ipaddress 
traceroute <ipaddress>

 

Network/Tuning

Change MTU of interface 
ifconfig eth0 mtu 1500

Add an Interface 
ifconfig eth0 10.1.1.1 netmask 255.255.255.255

Virtual Interfaces 
/sbin/ifconfig hme0:1 inet 10.210.xx.xxx netmask 255.255.0.0 broadcast 10.210.xxx.xxx

Bring virtual interface up 
/sbin/ifconfig hme0:1 up

Nailling to 100Mbps 
/usr/sbin/ndd -set /dev/hme adv_100fdx_cap 1

To set more than 256 virtual ip addresses. 
ndd -set /dev/ip ip_addrs_per_if 1-8192

Increase TCP-transmitbuffers 
ndd -set /dev/tcp tcp_xmit_hiwat 65535

Increase TCP-receivebuffers 
ndd -set /dev/tcp tcp_recv_hiwat 65535

 

Processes

Processes that are running from /var 
fuser -uc /var

HUP any related process in one step 
kill -HUP `ps -ef | grep [p]roccess | awk ‘{print $2}’`

Shows processes’ current open files 
pfiles <pid>

Kill a process by name 
pkill -n <name>

pkill for solaris 2.6 
kill `ps -ef | grep program_name | grep -v grep | cut -f8 -d ‘ ‘`

An alternative for top command 
prstat -a

Displays CPU % usage for each process in ascending order 
/usr/ucb/ps -aux | more

Gives the full listing of the process (long listing) 
/usr/ucb/ps -auxww | grep <process name>

Creates list of running PID by 
ps -ef | grep -i <string> | awk ‘{ print $2 }’

Gives you a list of any process with CPU time more than 0:00
ps -ef | grep -v “0:00” | more

Show all processes running 
ps -ef | more

See which instances of Oracle are running 
ps -fu oracle|grep pmon

Print the parent/child process ‘tree’ of a process 
/usr/proc/bin/ptree <pid>

Print the working directory of a process 
/usr/proc/bin/pwdx <pid>

Returns the process utilizing the most cpu and quits 
top -b 1

 

Resource Management

List the dynamic dependencies of executable files 
/usr/bin/ldd [filename]

Report address space map a process occupies 
/usr/proc/bin/pmap pid

 

Route Configuration

Adds route to 128.50 network via 128.50.1.6 
route add net 128.50.0.0 128.50.1.6 1

Deletes route to 128.50 network 
route delete net 128.50.0.0 128.50.1.6

Which interface will be used to contact hostname 
route get [hostname]

Monitors traffic to the routes 
route monitor

Removes all entries in the route table 
route flush

 

Searching Items

Search for multiple patterns within the same file 
egrep “patterna|patternb” <filename>

Find a string in files starting cwd 
find . -exec egrep -li “str” {} \;

Find without traversing NFS mounted file systems 
find / -fstype nfs -prune -o fstype autofs -prune -o -name filename -print

Find recently modified files
find . -mtime -1 -type f

Find files modified during the past # of days 
find / -mtime <# of days>

Finds and removes files older than <days> specified
find . ! -mtime -<days> | /usr/bin/xargs rm -rf

Find files containing <sub-string> within directory tree 
find . -type f -exec grep “<sub-string>” {} \; -print

Recursive grep on files 
find . -type f -print | xargs grep -i [PATTERN]

Find all files owned by <username> 
find / -user <username>

Fast way to search for files 
find / | grep [file mask]

Recursively finds files by name and automatically removes them 
find <start_path> -name “<file_name>” -exec rm -rf {} \;

Find large files held open by a process 
find /proc/fd -links 0 -type f -size +2000 -ls

Fast alternative to find 
ls -lR | grep <sub_string>

 

Security

Stops users logging in 
echo ‘Please go away’ > /etc/nologin

Find all your writable directories 
find / -perm -0777 -type d -ls

Find all SGID files 
find / -type f -perm -2000 -print

find all SUID files 
find / -type f -perm -4000 -print

 

Set Terminal Options

 

Sets the Backspace Key to erase 
stty erase ^H

 

Sets the Delete Key to erase 
stty erase ^?

Rreset terminal after viewing a binary file. 
stty sane

Reset to standard char set 
tput rmacs

 

Snoop Your Network

Watch all network packets on device pcelx0 
snoop -d pcelx0

Saves packets from device pcelx0 to a file 
snoop -o /tmp/mylog pcelx0

View packets from logfile between host1 & host2 
snoop -i /tmp/mylog host1 host2

Show all info on packet number 101 from a logfile 
snoop -i /tmp/mylog -v -p101

Write a new logfile with all host1 packets 
snoop -i /tmp/mylog -o /tmp/newlog host1

Return the first 120 bytes in the packet header 
snoop -s 120

Capture arp broadcasts on your network 
snoop -v arp

 

Swap File

Makes a 10 Megabyte swapfile in /export/disk 
mkfile -v 10m /export/disk1/myswap

Makes an empty 10 Megabyte swapfile 
mkfile -nv 10m /export/disk1/myswap

 

Swap Space

List the amount of swap space available, also see mkfile
swap -s

Add a swapfile 
swap -a /export/disk1/swapfile

Deletes a swap device 
swap -d /dev/dsk/c0t0d0s4

List the current swap devices
swap -l

 

System Configuration

Changes eeprom autoboot? setting without going to Ok prompt 
/usr/sbin/eeprom auto-boot? false

Set the system to perform diagnostics on the next reboot. 
/usr/sbin/eeprom diag-switch? true

Check /etc/group file syntax 
/usr/sbin/grpck

Check /etc/passwd file syntax 
/usr/sbin/pwck

Clear host specific network configuration information 
/usr/sbin/sys-unconfig

 

System Information and Monitoring

Report global core 
coreadm -e log

Convert UNIX timestamp to something human-readable 
/bin/echo “0t${stamp}>Y\n<Y=Y” | adb

Show eeprom parameters 
/usr/sbin/eeprom

List most recent attempts to switch to superuser account. 
grep “\-root” /var/adm/sulog | grep -v \+ | tail -25

Quickly checkout if machine is in 32 or 64 bit mode 
isainfo -bv

Tells who was or still is on the system
last

Log the process ID
logger -i

Show system configuration details 
/usr/sbin/prtconf -vp

System Diagnostics 
/usr/platform/`/bin/uname -i`/sbin/prtdiag -v

Display number of processors 
psrinfo | wc -l

Provides cumulative system report. 
sar -A <time in sec>

Report use of file access system routines. 
sar -a <time in sec>

Report CPU Utilization 
sar -u

Displays system information 
uname -a

Displays summary of what the system is doing every 10 seconds 
vmstat 10

Take the input of “ypcat hosts” or “cat /etc/inet/hosts” and sort by IP.
ypcat hosts | sort -n -t. +0 -1 +1 -2 +2 -3 +3 -4