Top 10 Items in the Linux Admin Toolkit

Joe Barr writes "Joe 'Zonker' Brockmeier has listed his favorite top ten tools for Linux system administration in a story on Linux.com, one of Slashdot's sister sites." From the site: " Since I spend a lot of my time working with text files, either when I'm writing and editing or when I'm mucking with configuration files and shell scripts, I've become very attached to my editor of choice -- Vim. Over the years, I've tried a lot of other editors, but none of them has been sufficient to coax me away from Vim. Part of the reason for that is the fact that I no longer have to think about using Vi-style keybindings, and adjusting to anything else would seriously hinder my productivity."

Mine

[hackstraw]

In alphabetical order:

• [rs]sh - enables me to go places w/o passwords, copy files, and remotely execute commands. I can't live without it
  
• cron - does my work for me while I sleep, and mails me the results in the morning
  
• grep - the filter of filters. Keeps down the signal to noise ratio
  
• less - the pager of pagers. With a proper lessopen/pipe, you can do what no man has done before. You can go backwards in files, although I guess some 'more's can do this now. Less always can. It also highlights text searches so I don't have to search for what I just searched for.
  
• man - that's where they hide the documentation. Shame on those that only provide info, text, or worst, html documentation (or none)
  
• perl - anything that any other command cannot do, or cannot do well enough, perl can with some coaching.
  
• rsync - although its binary diff algorithm is not very good, rsync is close to heavenly, especially
• when teamed with [rs]sh and cron
  
• telnet - no, I never telnet to login to a machine, but I do it to test if a port is open, what's listening there, etc. very handy.
  
• vim - good editor, I can live with vi, but that makes me a little grumpy. I simply do not know or care to learn emacs. Its just a text editor.
  
• zsh - excellent shell. Very user friendly, consistent error messages, powerful. It can do anything any other shell can do and more. I understan
  d that bash has made some progress over the years, but zsh is my friend.
  
• /dev/null - where I put all of my important stuff. So should you!
  
  
• Honorable mention - /bin/sh Only because it is always there by definition on UNIX systems, and a good shell programming language. tcsh, csh, and zsh are not as good as /bin/sh, and its always available, but a little boring to write about.
  

Re:Mine

[frodo+from+middle+ea]

use netcat instead of telnet to test port connectivity. you can even use it in a shell script.

My additions

• find and xargs
• dmesg
• uname -a
• ps --forest
• awk :- for when perl is not available
• ssh/scp
• netcat
• mc
• elinks :- better alternative to lynx

Re:Mine

[rs]sh - enables me to go places w/o passwords, copy files, and remotely execute commands. I can't live without it

You know, I think it's funny every time I hear some Windows admin complain about trying to upgrade and change settings across a bunch of computers for programs for which Group Policy (I think that's what they call it, isn't it?) isn't supported. With ssh/scp on the client machines (port 22 appropriately firewalled off from everything else), it is as straightforward as such things can possibly be to install a program or push a config file in batch to many similar machines.

Re:Mine

[BrookHarty]

Everyone I know switched to SSH and dumped RSH. Keyfiles are your friend.

ssh/scp
snoop
cat (Sometimes easier to paste a file than scp one)
tail (-100f, I dont care if you are changing the command!)
ksh (solaris standard)
du (I always catalog an entire system, quicker than find, and im impatient)
But grep, perl and less, vi are always on the list.
and bzip/gzip for log files.
telnet for testing ports.
Cron is more server process, I wouldnt coun't it as a command.

But for home use, wget, screen, links, du. Wget under screen for files.

Re:Mine

[hackstraw]

Everyone I know switched to SSH and dumped RSH. Keyfiles are your friend.

I use rsh/rcp on private networks. Less overhead, no need for keys, and it reminds me of the good old days when the internet was a friendly place :)

I require ssh to access a machine from the outside world, but once your in, we are all friends again.

Yeah, du is arguably top 10 or 20. gzip/bzip/tar definitely top 20, but boring.

I cannot believe that I forgot truss/strace/ktrace.

That family of commands are top 10 to knock somebody off. Don't know whats going on? These guys will tell you.

Cron is more server process, I wouldnt coun't it as a command.

True.

I also guess sed is top 10 or 20 as well. Top 10 is rough for UNIX because there are so many small utilities that do killer stuff.

Re:Mine

[gregoryl]

"You can go backwards in files, although I guess some 'more's can do this now. Less always can. "

'more' on commercial UNIXes has been able to do that for ages (though in Solaris and MP-RAS you have to use /usr/xpg4/bin/more instead). At least 5 years (memory doesn't go back further than that.) It's only linux that's dragged behind on this. Personally it infuriates me - linux is one of 5 UNIX[-like] OSes that I use daily, and the only one that thinks to be different in this. I've been typing 'more' in UNIX now for 15 years, and still do on everything except for linux. Why rename it? (Yes I know I could just rm and symlink or do an alias - I have done - it's the principle.) I can emerge several different vi derivatives and they all answer to 'vi'.
It's not the only thing too that's annoyingly different in linux:
* most distros complain that nslookup 'depreciated' and should use dig - nslookup is still the standard on other UNIXes.
* head and tail complain that should be using the -n argument instead of the normal "head -#" like UNIX has had for decades. Why???
* shells wont properly parse:
echo "one two three" | while read blah ; do echo $blah ; done
which it will on all other UNIXes.

Seriously, why be different? I used to be an eager linux touter like the other slashdotters, and when I write scripts and work instructions to be used on all the commercial UNIXes I find the odd silly difference - but when we got a couple of linux systems the other day my initial joy when out the window.

I currently maintain 300 UNIX boxes in a major corporation, of which linux would only be suited for a couple of the roles (more of hardware limits and software compatibility than politics) and it's these silly little things that cause linux to not subtly slip in to the corporate world.

help please.

The autor makes a quick mention of vim, but what I'd really like to see is a full-blown developer session with vim, covering everything--common activities dealing with source, navigation, most used keystrokes, popular .vimrc mods, everything a "dyed-in-the-wool" GNU/Linux developer does when they are coding.

To take it another step further, a peer review and commentary about the session from other hardcore GNU/Linux developers at the end, so I can see the critiques, favorites, etc.

If anyone knows of such a article, or book, or could get such a thing started, I'd like to see it. The vim site is very helpful, but it is a lot more fragmented than what I'd like to see, something like "How the pros develop under GNU/Linux" with a full commentary/bull session attached...this would be very helpful to me.

Telnet ...?

[stevey]

It is suprising the author chose "telnet" as one of the programs in his list.

Sure it is useful for diagnosing random problems, and troubleshooting things - for example connecting straight to a webserver, or simulating a POP3 login request, but I've always preferred netcat.

netcat is much more useful, it allows you to bind to sockets and handling incoming requests as well as make outgoing ones this introduction is a good read.

Missing tools from the list? curl, links/lynx, rsync, sudo, nmap, lsof, and less.

Re:Telnet ...?

[JanneM]

The main benefit of sudo is when you have many admins working on a machine. If you're not in such an environment, you really don't need sudo.

In Ubuntu the root account is not active by default, meaning you _always_ use sudo to do administrative tasks. And after geting used to that I feel distinctly uncomfortable with actually having a root shell open and unprotected on the Redhat box. If nothing else I know myself and know it's only a matter of time until I type something into the wrong terminal (and I know that from previous experience)...

Cream for Vim

[digitect]

I'll plug my own project here: Cream is Vim tricked out in single mode with all the development tools pre-configured with all useful shortcut keys self-documented in the pull-down menus. You won't need to go searching through the help ever again.

Re:FLAME ON! Or not....

[arevos]

Does anyone seriously have flamewars over Vi vs. Emacs anymore?

I prefer this one

[toofast]

cat .bash_history | awk '{print $1}' | sort | uniq -c | sort -nr | head -20

GNU Screen.

[SlapAyoda]

I'm surprised at how few serious *NIX Administrators I know are using GNU Screen. For some reason, it seems that the majority of them have not yet discovered the sheer power of the console window manager. It allows me to manage dozens of virtual windows all within the same terminal. In addition to eliminating the need to window-switching on my local machine, it also allows me to perform complex select, copy, and paste operations using only my keyboard. WIthout using a mouse, I can select and copy text in one window, advance into another window, and paste the text. The best part is that if my DSL drops or I decide to reboot my computer, all of my screened sessions stay on the server, leaving my work in exactly the same place as it always was, and with a nice scrollback history. I couldn't work without it.

Fuel for the fire

[ctr2sprt]

I'll go ahead and add my list of tools I find myself using all the time. Note that because I admin more than just Linux boxes, I only use tools which are likely to be present on every Unix variant.

• find. It can be a handy ps replacement for boxes you think might be rooted (find /proc -name exe) in addition to all its other uses.
• xargs. Everyone uses it with find, but it's also good with...
• awk and/or cut. Need to reset quotas for 900 users? awk -F: '{if($3 >= 1000) print $1)} | xargs edquota -p protouser.
• sh. If you need to run more than one command via xargs, you can use a while loop in sh. I actually prefer tcsh as my interactive shell because of its nifty history-completion feature, but it's weaker at scripting.
• sort and uniq. They get one item because I almost never use them individually. Your webserver's getting DoSed and you want to know what IPs to firewall? netstat -an | awk '$4 ~ /:80$/ {print $5}' | cut -d: -f1 | sort | uniq -c | sort -n.
• grep -v. Yes, the -v is part of it: I almost never use regular grep for some reason. -v does the opposite of usual grep and excludes matching lines, which for me turns out to be much more useful.
• telnet. Same reason as in TFA. I mainly use it as a quick way to see if relaying is actually disabled or not, or if a service is hung. (Running according to ps, listening according to netstat, accepting connections, but not doing anything.)
• less. Mainly because some versions of more are worthless and won't allow you to scroll up, for example.
• vi. You need an editor, and once you climb the sheer face of vi's learning cliff, this is good at it. I still can't stand to use vi for coding, but for writing and adjusting config files it's great. Also it's pretty much the only editor guaranteed to be in all of Solaris, HP-UX, IRIX, FreeBSD, and RedHat Linux, so it's not like I have much of a choice.
• ssh. The all-purpose Swiss Army Chainsaw of networking. If you need to move data across a network, ssh can do it. It may be complicated, painful, and slow, but by God it can be done. ssh outer ssh border ssh inner tar czf - / | ssh storage 'cat >inner.tar.gz'.

There are other useful tools, but I pretty much use those on every single box I touch for any reason.

My Ten Would Be...

[Shads]

... (as a sysadmin)

grep - Simple, Powerful, Elegant
sed - Powerful and versitile
awk - For what sed doesn't do easily
perl - For what awk doesn't do easily
vim - In the end there can be only one... it's vim.
cut - is your friend
make - automation is good and make makes it easy
lynx - great for testing web stuff
slrn - news, it keeps you sane after being locked in the closet for a month
mtr - just flatout helpful

Re:I got yer flamewar right here!

[sootman]

I know the guy who used to admin RedHat's FTP servers. He had the server(s) set up so if anyone was using a download accelerator, it'd kill *all* transfers to that IP address.

Mine

[Lord+Kano]

Midnight Commander is #1.
ddrescue #2.

and I'm not sure what else I need often enough to specifically include it. I'm working on a USB key system for emergency repairs and maintenence.

LK

Tsync

[Earlybird]

You may want to check out Tsync, one of the recent Google "Summer of Code" winners: "Tsync is a user-level daemon that provides transparent synchronization amongst a set of computers. Tsync uses a peer-to-peer architecture for scalability, efficiency, and robustness." Unlike rsync, Unison, etc., Tsync is a locally installed daemon which automatically and transparently syncs two or more hosts.

Re:I got yer flamewar right here!

What exactly constitutes a download accelerator? Multiple connections? Specific user agent strings? (for http transfers)

Here's my list

[insomaniac]

Here is my list of tools I can't live with in my admin life:

#1: vim (My editor of choice for anything)
#2: netcat (beats telnet for the network testing forte)
#3: ssh-agent/ssh (for secure remote logins and other nice tricks (like tarring over ssh)
#4: nmap (for a quick network scan to see what hosts are up in an unknown network or an in depth portscan of a particular machine)
#5: perl (who needs shell script when you have perl ;))
#6: mtr (cause traceroute is sooooo 1980's)
#7: screen (for those long taking operations on a bad network connection)
#8: grep (the all purpose filter/text finder with -r)
#9: find (flexible find/recursive operations tool)
#10: host (quicker and easier name resolves than dig)

My list...

[ledow]

- ssh (file transfers, port forwarding, encryption and remote login in one tiny tool. I even use it in place of WEP or WPA)
- pico (can't stand vi but pico is small and has enough of a help that I don't have to memorise keystrokes)
- grep, sed (with grep and sed, you can pretty much manipulate any file/program output into whatever you want, strip IP's out of errors/logs, etc.)
- x11vnc (like any other VNC program but supports Tight encoding and also lets me see what an EXISTING X session is doing. Combined with a script that seds/greps the auth code from the process list and you have automated remote desktop)
- screen (if for no other reason than it lets you start a job at work (like a kernel compile) and watch it's progress throughout the day even if you have to log off in between. And when you get home, you can still check on it)
- tinyproxy (wonderful small, easy to use web-proxy that I tunnel into from work to bypass the far-too-restrictive filters in the schools that I work in)
- slocate (worth it's weight in gold when you have it auto-indexing overnight across all filesystems. Where's that file I used ten years ago that had Xen in the name? a simple command, 2 seconds wait and you get the full path).
- dnsmasq (tiny util, bung it a massive list of public DNS servers and point your DNS requests to 127.0.0.1 and it will loop through them all until it gets a response. Failover to other servers, built-in full DHCP server, invaluable behind a NAT, simple config. Saved my life I-don't-know-how-many-times when my ISP DNS servers were feeling flaky. No one even noticed that half the time our ISP's weren't responding to DNS at all.)
- lsusb, lspci, /proc/cpuinfo, free etc. (Invaluable for hardware discovery. Boot a knoppix CD, run those commands and instantly you know everything about the hardware that you need to know.)
- dd, cat, more, sh, etc.(where would we be without them?)