Debugging
Trace doing of given command ( useful debugging )
truss executableUsing multiple windows, this can be used to trace setuid/setgid programs
truss -f -p <pid of a shell>
Arp, ethernet trouble shooting
Shows the ethernet address arp table
arp -a .Delete a stale ethernet entry for host myhost
arp -d myhost
Disk Commands
Reports disk space used in Kilobytes
du -k .Reports only total disk space used in Kilobytes
du -sk .Tells you how big the /var files are in reverse order
du -ad /var | sort -nrFormat diskette
fdformat -d -UCommand to display drives statistics
/usr/bin/iostat -EMount an ISO 9660 CDROM
/bin/mount -F hsfs -o ro /dev/sr0 /cdromDisk geometry and partitioning info
prtvtoc /dev/rdsk/c0t0d0s2How much space is used by users in kilobytes
quot -af
Driver Parameters
Shows IP variables in the kernel
ndd /dev/ip \?Tells you if forwarding is on (=1)
ndd /dev/ip ip_forwardingEnables IP forwarding between interfaces
ndd -set /dev/ip ip_forwarding 1
File Manipulation
Converts DOS file formats to Unix
dos2unix | -ascii <filename>Split files into pieces
splitSearch and Replace text in vi
[vi] : %s/existing/new/gSet line numbers in vi
[vi] :set nuSet tab stops in vi
[vi] :set ts=[num]
File System
Zero’s out the file without breaking pipe
cat /dev/null > filenameMake a mirror image of your boot disk
dd if=/dev/rdsk/… of=/dev/rdsk/… bs=4096Unmount all file systems in disk group dg
df -k | grep dg| awk ‘{print $6}’ |xargs -n 1 umountCheck a UFS filesystem on c0t0d0s0
fsck -F ufs /dev/rdsk/c0t0d0s0Check answering yes to all questions
fsck -F ufs -y /dev/rdsk/c0t0d0s0Check using an alternate super block
fsck -F ufs -o b=97472 /dev/rdsk/c0t0d0s0Unpack .tar.gz files in place
gzip -dc file1.tar.gz | tar xf –Creating hard links and soft links
ln [-fhns] <source file> <destination file>File sizes of current directory
ls -la | awk ‘{ print $5,” “,$9 }’ | sort -rnMount DOS fdisk partition from Solaris
mount -f pcfs /dev/dsk/c0d0p1 /export/dosUsed to remount root to make it writeable
mount -F ufs -o rw,remount /Re-mount the ro file system rw and turn on ufs logging
mount -o remount,logging /spareCreate a tape (tar) archive
tar cvf filename.tarExtract a tape (tar) archive
tar xvf filename.tarRecursively copy files and their permissions
tar cf – . | (cd /newdir ; tar xf -)Syncs File Systems and Reboots systems fast
/sbin/uadmin x xExtract the patch_file that is a compressed tar file
zcat <patch_file.tar.Z | tar xvf –
File Transfer
Undocumented Feature of FTP
put “| tar cf – .” filename.tarFast alternative to cp -pr
find . -depth | cpio -pdmv /path/tobe/copied/toTransferring large numbers of files within the same ftp control session
sendport
General
Create windex databases for man page directories
/usr/bin/catman -wList out mail headers for specified user
mailx -H -u <username>Set file-completion for csh
set filec
Hardware
Verify reconfigurable hardware resources
cfgadmPrint M64 hardware configuration
m64config -prconfSets the screen depth of your M64 graphics accelerator
m64config -depth 8|24Change the resolution of your M64 graphics accelerator
m64config -res ‘video_mode’
Kernel
Display kernel module information
/usr/sbin/modinfoLoad a kernel module
/usr/sbin/modload <module>Unload a kernel module
/usr/sbin/modunload -i <module id>Tuneable kernel parameters
nm -x /dev/ksyms | grep OBJ | moreShow system kernal tunable details
/usr/sbin/sysdef
Memory
Display Memory Size
prtconf | grep “Memory size”
Network Information
Prints ARP table in cache with IP and MAC address
ndd /dev/arp arp_cache_reportDisplays number active established connections to the localhost
netstat -a | grep EST | wc -lUndocumented netstat command
netstat -k hme0Show the TCP/IP network interfaces
netstat -iSimilar to arp -a without name resolution
netstat -npShow network route table
netstat -rDisplays routing information but bypasses hostname lookup.
netstat -rnShow the state of all sockets
netstat -a | moreFollow the route to the ipaddress
traceroute <ipaddress>
Network/Tuning
Change MTU of interface
ifconfig eth0 mtu 1500Add an Interface
ifconfig eth0 10.1.1.1 netmask 255.255.255.255Virtual Interfaces
/sbin/ifconfig hme0:1 inet 10.210.xx.xxx netmask 255.255.0.0 broadcast 10.210.xxx.xxxBring virtual interface up
/sbin/ifconfig hme0:1 upNailling to 100Mbps
/usr/sbin/ndd -set /dev/hme adv_100fdx_cap 1To set more than 256 virtual ip addresses.
ndd -set /dev/ip ip_addrs_per_if 1-8192Increase TCP-transmitbuffers
ndd -set /dev/tcp tcp_xmit_hiwat 65535Increase TCP-receivebuffers
ndd -set /dev/tcp tcp_recv_hiwat 65535
Processes
Processes that are running from /var
fuser -uc /varHUP any related process in one step
kill -HUP `ps -ef | grep [p]roccess | awk ‘{print $2}’`Shows processes’ current open files
pfiles <pid>Kill a process by name
pkill -n <name>pkill for solaris 2.6
kill `ps -ef | grep program_name | grep -v grep | cut -f8 -d ‘ ‘`An alternative for top command
prstat -aDisplays CPU % usage for each process in ascending order
/usr/ucb/ps -aux | moreGives the full listing of the process (long listing)
/usr/ucb/ps -auxww | grep <process name>Creates list of running PID by
ps -ef | grep -i <string> | awk ‘{ print $2 }’Gives you a list of any process with CPU time more than 0:00
ps -ef | grep -v “0:00” | moreShow all processes running
ps -ef | moreSee which instances of Oracle are running
ps -fu oracle|grep pmonPrint the parent/child process ‘tree’ of a process
/usr/proc/bin/ptree <pid>Print the working directory of a process
/usr/proc/bin/pwdx <pid>Returns the process utilizing the most cpu and quits
top -b 1
Resource Management
List the dynamic dependencies of executable files
/usr/bin/ldd [filename]Report address space map a process occupies
/usr/proc/bin/pmap pid
Route Configuration
Adds route to 128.50 network via 128.50.1.6
route add net 128.50.0.0 128.50.1.6 1Deletes route to 128.50 network
route delete net 128.50.0.0 128.50.1.6Which interface will be used to contact hostname
route get [hostname]Monitors traffic to the routes
route monitorRemoves all entries in the route table
route flush
Searching Items
Search for multiple patterns within the same file
egrep “patterna|patternb” <filename>Find a string in files starting cwd
find . -exec egrep -li “str” {} \;Find without traversing NFS mounted file systems
find / -fstype nfs -prune -o fstype autofs -prune -o -name filename -printFind recently modified files
find . -mtime -1 -type fFind files modified during the past # of days
find / -mtime <# of days>Finds and removes files older than <days> specified
find . ! -mtime -<days> | /usr/bin/xargs rm -rfFind files containing <sub-string> within directory tree
find . -type f -exec grep “<sub-string>” {} \; -printRecursive grep on files
find . -type f -print | xargs grep -i [PATTERN]Find all files owned by <username>
find / -user <username>Fast way to search for files
find / | grep [file mask]Recursively finds files by name and automatically removes them
find <start_path> -name “<file_name>” -exec rm -rf {} \;Find large files held open by a process
find /proc/fd -links 0 -type f -size +2000 -lsFast alternative to find
ls -lR | grep <sub_string>
Security
Stops users logging in
echo ‘Please go away’ > /etc/nologinFind all your writable directories
find / -perm -0777 -type d -lsFind all SGID files
find / -type f -perm -2000 -printfind all SUID files
find / -type f -perm -4000 -print
Set Terminal Options
Sets the Backspace Key to erase
stty erase ^H
Sets the Delete Key to erase
stty erase ^?Rreset terminal after viewing a binary file.
stty saneReset to standard char set
tput rmacs
Snoop Your Network
Watch all network packets on device pcelx0
snoop -d pcelx0Saves packets from device pcelx0 to a file
snoop -o /tmp/mylog pcelx0View packets from logfile between host1 & host2
snoop -i /tmp/mylog host1 host2Show all info on packet number 101 from a logfile
snoop -i /tmp/mylog -v -p101Write a new logfile with all host1 packets
snoop -i /tmp/mylog -o /tmp/newlog host1Return the first 120 bytes in the packet header
snoop -s 120Capture arp broadcasts on your network
snoop -v arp
Swap File
Makes a 10 Megabyte swapfile in /export/disk
mkfile -v 10m /export/disk1/myswapMakes an empty 10 Megabyte swapfile
mkfile -nv 10m /export/disk1/myswap
Swap Space
List the amount of swap space available, also see mkfile
swap -sAdd a swapfile
swap -a /export/disk1/swapfileDeletes a swap device
swap -d /dev/dsk/c0t0d0s4List the current swap devices
swap -l
System Configuration
Changes eeprom autoboot? setting without going to Ok prompt
/usr/sbin/eeprom auto-boot? falseSet the system to perform diagnostics on the next reboot.
/usr/sbin/eeprom diag-switch? trueCheck /etc/group file syntax
/usr/sbin/grpckCheck /etc/passwd file syntax
/usr/sbin/pwckClear host specific network configuration information
/usr/sbin/sys-unconfig
System Information and Monitoring
Report global core
coreadm -e logConvert UNIX timestamp to something human-readable
/bin/echo “0t${stamp}>Y\n<Y=Y” | adbShow eeprom parameters
/usr/sbin/eepromList most recent attempts to switch to superuser account.
grep “\-root” /var/adm/sulog | grep -v \+ | tail -25Quickly checkout if machine is in 32 or 64 bit mode
isainfo -bvTells who was or still is on the system
lastLog the process ID
logger -iShow system configuration details
/usr/sbin/prtconf -vpSystem Diagnostics
/usr/platform/`/bin/uname -i`/sbin/prtdiag -vDisplay number of processors
psrinfo | wc -lProvides cumulative system report.
sar -A <time in sec>Report use of file access system routines.
sar -a <time in sec>Report CPU Utilization
sar -uDisplays system information
uname -aDisplays summary of what the system is doing every 10 seconds
vmstat 10Take the input of “ypcat hosts” or “cat /etc/inet/hosts” and sort by IP.
ypcat hosts | sort -n -t. +0 -1 +1 -2 +2 -3 +3 -4