Linux Documentation

This article offers a consolidated Linux command reference combining daily Cloud Support & Media Engineering commands with CompTIA Linux+ (XK0-006) certification objectives.
Background: I have been learning Linux for the last 5 years. In my working computer I cannot work without a Linux terminal to do my troubleshooting. Now I want to formalize that knowledge with the CompTIA Linux+ (XK0-006) certification.
Talk is cheap. Show me the code.
– Linus Torvalds
XK0-006 Exam Domains Overview
| Domain | Description | Weight |
|---|---|---|
| 1 | System Management | ~23% |
| 2 | Services & User Management | ~20% |
| 3 | Security | ~18% |
| 4 | Automation, Orchestration & Scripting | ~17% |
| 5 | Troubleshooting | ~22% |
1. File System Navigation & Management (Core Utilities)
cat
Display file contents or concatenate files:
cat /etc/issue # Show Linux distribution info
cat /etc/passwd # View user accounts
cat /etc/fstab # View filesystem mount table
cat file1 file2 > combined.txt # Concatenate filescd
Change directory:
cd /var/log # Navigate to logs
cd ~ # Go to home directory
cd - # Return to previous directorychmod
Change file permissions:
chmod 755 script.sh # rwxr-xr-x
chmod u+x file # Add execute for owner
chmod -R 644 /path/to/dir # Recursive permission change
chmod 4755 /usr/bin/program # Set SUID bit
chmod 2755 /shared/dir # Set SGID bit
chmod 1777 /tmp # Set sticky bitchown
Change file ownership:
chown user:group file.txt
chown -R www-data:www-data /var/www/cp
Copy files and directories:
cp source.txt destination.txt
cp -r /source/dir /destination/ # Recursive copy
cp -a /source/ /backup/ # Archive mode (preserves all attributes)dd
Low-level block copy (disk duplication, backups):
dd if=/dev/sda of=/dev/sdb bs=4M status=progress # Clone disk
dd if=/dev/zero of=/swapfile bs=1M count=1024 # Create swap file
dd if=/dev/sda of=disk.img bs=4096 # Create disk imagedf
Display filesystem disk space usage:
df -h # Human-readable format
df -i # Show inode usage
df -T # Show filesystem typedu
Estimate file/directory space usage:
du -sh /path/to/folder # Total size, human-readable
du -sh /path/to/folder/ | less # Pipe to less for large output
du -h --max-depth=1 /var # One level deep summaryfile
Determine file type:
file document.pdf
file /bin/lsfind
Search for files in a directory hierarchy:
find / -name "*.conf" # Find by name
find /var/log -mtime -7 # Modified in last 7 days
find / -type f -perm /4000 # Find SUID files
find / -type f -size +100M # Files larger than 100MB
find /home -user username # Files owned by user
find / -nouser # Files with no ownerln
Create links between files:
ln file hardlink # Hard link
ln -s /path/to/file symlink # Symbolic (soft) linkls
List directory contents:
ls -la # Long format, all files (including hidden)
ls -lh # Human-readable sizes
ls -lt # Sort by modification time
ls -li # Show inode numbers
ls -lR # Recursive listingmkdir
Create directories:
mkdir newdir
mkdir -p /path/to/nested/dir # Create parent dirs as neededmv
Move or rename files:
mv oldname.txt newname.txt
mv file.txt /destination/path/pwd
Print current working directory:
pwdrm
Remove files and directories:
rm file.txt
rm -rf /path/to/dir # Force recursive delete (use with caution!)rmdir
Remove empty directories:
rmdir emptydirrsync
Remote (or local) file synchronization:
rsync -av /source/folder/ /destination/folder/
rsync -avz --progress user@remote:/path/ /local/path/
rsync -av --delete /source/ /destination/ # Mirror (delete extra files at dest)-a: Archive mode (preserves permissions, timestamps, symlinks, etc.)-v: Verbose-z: Compress during transfer--delete: Delete files at destination not in source
Example: Copy SourceFolder from Drive1 to Drive2:
rsync -av /media/username/Drive1/SourceFolder/ /media/username/Drive2/Note the trailing slash — it copies the contents of the folder.
stat
Display detailed file/filesystem status:
stat filename # Inode, size, permissions, timestampstouch
Create empty file or update timestamps:
touch newfile.txt
touch -t 202601011200 file.txt # Set specific timestamptree
Display directory structure as a tree:
tree /etc/systemd
tree -L 2 /var # Limit depth to 2 levels2. File Content Viewing & Searching (Text Processing)
awk
Pattern scanning and text processing:
awk '{print $1, $3}' file.txt # Print columns 1 and 3
awk -F: '{print $1}' /etc/passwd # Use : as delimiter
awk '/error/ {print}' logfile.log # Print lines containing "error"
df -h | awk '{print $1, $5}' # Extract filesystem and usagecut
Remove sections from lines of files:
cut -d: -f1 /etc/passwd # First field, colon delimiter
cut -c1-10 file.txt # First 10 characters per linediff
Compare files line by line:
diff file1.txt file2.txt
diff -u old.conf new.conf # Unified format (for patches)grep
Search text patterns in files:
grep "pattern" file.txt
grep -r "error" /var/log/ # Recursive search
grep -i "warning" logfile # Case-insensitive
grep -c "pattern" file # Count matches
grep -v "exclude" file # Invert match
grep -E "regex|pattern" file # Extended regex (same as egrep)
grep -n "text" file # Show line numbershead
Display first lines of a file:
head -n 20 /var/log/syslog
head -c 100 file.bin # First 100 bytesless
View file contents with pagination (navigate with arrows, q to quit):
less /var/log/syslog
journalctl | lesssed
Stream editor for filtering and transforming text:
sed 's/old/new/g' file.txt # Replace all occurrences
sed -i 's/old/new/g' file.txt # In-place edit
sed -n '10,20p' file.txt # Print lines 10-20
sed '/^#/d' config.conf # Delete comment linessort
Sort lines of text:
sort file.txt
sort -n file.txt # Numeric sort
sort -r file.txt # Reverse sort
sort -k2 -t: /etc/passwd # Sort by second field with : delimiter
du -h | sort -h # Sort human-readable sizestail
Display last lines of a file:
tail -n 50 /var/log/syslog
tail -f /var/log/syslog # Follow (real-time output)
tail -f /var/log/*.log # Follow multiple filestee
Read from stdin and write to both stdout and file:
command | tee output.log # Display and save
command | tee -a output.log # Append to filetr
Translate or delete characters:
echo "HELLO" | tr 'A-Z' 'a-z' # Convert to lowercase
cat file | tr -d '\r' # Remove carriage returnsuniq
Report or filter out repeated lines (requires sorted input):
sort file.txt | uniq
sort file.txt | uniq -c # Count occurrences
sort file.txt | uniq -d # Show only duplicateswc
Word, line, character, and byte count:
wc -l file.txt # Line count
wc -w file.txt # Word count
wc -c file.txt # Byte countxargs
Build and execute commands from stdin:
find / -name "*.tmp" | xargs rm
cat urls.txt | xargs -n1 curl -O3. User & Group Management
chage
Change user password aging/expiry information:
chage -l username # List aging info
chage -M 90 username # Max password age 90 days
chage -E 2026-12-31 username # Set account expiry dategetent
Get entries from administrative databases (passwd, group, etc.):
getent passwd username
getent group groupnamegroupadd / groupdel / groupmod
Manage groups:
groupadd developers
groupdel oldgroup
groupmod -n newname oldnameid
Display user and group IDs:
id
id usernamelast / lastb / who / w
Login history and current sessions:
last # Recent logins
lastb # Failed login attempts
who # Currently logged in users
w # Who is logged in and what they are doingpasswd
Change user password:
passwd # Change own password
passwd username # Change another user's password (root)
passwd -l username # Lock account
passwd -u username # Unlock accountsu / sudo
Switch user / execute as superuser:
su - username # Switch user (login shell)
sudo command # Run command as root
sudo -u user command # Run as specific user
visudo # Edit sudoers safelyuseradd / userdel / usermod
Manage user accounts:
useradd -m -s /bin/bash newuser # Create user with home dir and shell
userdel -r username # Delete user and home directory
usermod -aG sudo username # Add user to supplementary group
usermod -L username # Lock user account
usermod -s /sbin/nologin username # Disable shell access4. Process Management & System Monitoring
free
Display memory usage:
free -h # Human-readable
free -h -s 5 # Refresh every 5 secondshtop / top
Interactive process viewer:
top # Basic process viewer
htop # Enhanced interactive viewer (if installed)
top -u username # Filter by userKey top columns: PID, USER, %CPU, %MEM, COMMAND.
ionice
Set I/O scheduling priority:
ionice -c 3 command # Idle priority (only when no other I/O)
ionice -c 2 -n 0 command # Best-effort, highest priorityiostat
Report CPU and I/O statistics:
iostat
iostat -xz 1 5 # Extended stats, every 1 sec, 5 timesKey fields: await (avg wait time), %util (device utilization).
kill / killall / pkill
Send signals to processes:
kill PID # Send SIGTERM (graceful)
kill -9 PID # Send SIGKILL (force)
kill -HUP PID # Send SIGHUP (reload config)
killall processname # Kill by name
pkill -f "pattern" # Kill by pattern matchlsof
List open files and the processes using them:
lsof /var/log/syslog # Who has this file open?
lsof -i :80 # What process uses port 80?
lsof -u username # Files open by user
lsof +D /directory # All open files in directorympstat
Report per-processor statistics:
mpstat -P ALL 1 5 # All CPUs, every 1 sec, 5 timesKey: %iowait (waiting for I/O), %steal (stolen by hypervisor in VMs).
nice / renice
Set or change process scheduling priority:
nice -n 10 command # Start with lower priority
renice -n 5 -p PID # Change running process priorityValues range from -20 (highest priority) to +19 (lowest).
ps
Report process status:
ps aux # All processes, detailed
ps -ef # Full-format listing
ps aux --sort=-%mem # Sort by memory usage
ps -eo pid,user,%cpu,cmd # Custom columnsstrace
Trace system calls and signals:
strace command # Trace a command
strace -p PID # Attach to running process
strace -e open command # Filter specific syscallsuptime
Show how long system has been running:
uptimevmstat
Report virtual memory statistics:
vmstat 1 5 # Every 1 sec, 5 timesKey columns: si/so (swap in/out), free, buff, cache.
5. Storage & Disk Management
blkid
Locate/print block device attributes:
blkid # Show all block device UUIDs and types
blkid /dev/sda1fdisk / gdisk / parted
Partition management tools:
fdisk -l # List all partitions (MBR)
fdisk /dev/sdb # Interactive partition editor
gdisk /dev/sdb # GPT partition editor
parted /dev/sdb print # Show partition tablefsck
Filesystem check and repair (run on unmounted filesystems):
fsck /dev/sda1
fsck -y /dev/sda1 # Auto-fixlsblk
List block devices:
lsblk
lsblk -f # Show filesystem type and mount pointsLVM commands (lvcreate, lvextend, vgcreate, pvcreate)
Logical Volume Manager operations:
# Physical Volume
pvcreate /dev/sdb1
# Volume Group
vgcreate myvg /dev/sdb1
vgdisplay
# Logical Volume
lvcreate -L 10G -n mylv myvg
lvextend -L +5G /dev/myvg/mylv
resize2fs /dev/myvg/mylv # Resize ext4 after extending
xfs_growfs /mountpoint # Resize XFS after extending
lvdisplaymdadm
Manage software RAID arrays:
mdadm --create /dev/md0 --level=1 --raid-devices=2 /dev/sdb1 /dev/sdc1
mdadm --detail /dev/md0
mdadm --manage /dev/md0 --add /dev/sdd1 # Add spare
cat /proc/mdstat # Check RAID statusmkfs
Create a filesystem:
mkfs.ext4 /dev/sda1
mkfs.xfs /dev/sdb1
mkfs.btrfs /dev/sdc1mount / umount
Mount and unmount filesystems:
mount /dev/sda1 /mnt/data
mount -t nfs server:/share /mnt/nfs
mount -o remount,rw / # Emergency remount read-write
umount /mnt/dataPersistent mounts go in /etc/fstab.
smartctl
S.M.A.R.T. disk monitoring (disk health):
smartctl -a /dev/sda # All SMART info
smartctl -t short /dev/sda # Run short self-test
smartctl -H /dev/sda # Health statusswap management
mkswap /dev/sda2 # Initialize swap partition
swapon /dev/sda2 # Enable swap
swapoff /dev/sda2 # Disable swap
swapon --show # Show active swap6. Networking
curl
Transfer data from/to a server:
curl -vo /dev/null https://google.comFrom the output: headers starting with > are sent by you, headers starting with < are the response from the origin.
Follow redirects with -L:
curl -vo /dev/null -L https://google.comPass custom headers with -H:
curl -H 'Host: www.example.com' http://server-ip-address/Other useful flags:
curl -I https://example.com # HEAD request only
curl -X POST -d '{"key":"value"}' -H "Content-Type: application/json" https://api.example.com
curl -u user:pass https://secure.example.com # Basic auth
curl -k https://self-signed.example.com # Skip SSL verification
curl -o output.html https://example.com # Save to filedig
DNS lookup utility:
dig example.com # Query A record
dig example.com MX # Query MX records
dig @8.8.8.8 example.com # Query specific DNS server
dig +short example.com # Short output
dig -x 8.8.8.8 # Reverse DNS lookuphost
Simple DNS lookup:
host example.com
host 8.8.8.8 # Reverse lookupip
Modern replacement for ifconfig/route:
ip addr show # Show all interfaces and IPs
ip addr add 192.168.1.10/24 dev eth0 # Assign IP
ip link set eth0 up # Bring interface up
ip link set eth0 down # Bring interface down
ip route show # Show routing table
ip route add default via 192.168.1.1 # Add default gateway
ip neigh show # Show ARP table (neighbors)mtr
Combines traceroute and ping (real-time network diagnostics):
mtr google.com
mtr -r -c 10 google.com # Report mode, 10 cyclesnetstat / ss
Network connections and listening ports:
ss -tulnp # TCP/UDP listening ports with PIDs
ss -s # Summary statistics
ss -tnp state established # Active connections
netstat -tulnp # Legacy equivalentnmap
Network exploration and port scanning:
nmap 192.168.1.0/24 # Scan subnet
nmap -sV 192.168.1.1 # Service version detection
nmap -p 80,443 target # Scan specific portsping
Test network connectivity:
ping -c 4 google.com # Send 4 packets
ping -i 0.5 host # Interval 0.5 seconds
ping6 ::1 # IPv6 pingresolvectl
Manage DNS resolution (systemd-resolved):
resolvectl status
resolvectl query example.comDNS config file: /etc/resolv.conf
scp
Secure copy over SSH:
scp file.txt user@remote:/path/
scp -r localdir/ user@remote:/path/
scp user@remote:/path/file.txt ./ssh
Secure shell remote access:
ssh user@hostname
ssh -p 2222 user@host # Custom port
ssh -i ~/.ssh/key.pem user@host # Specific key
ssh -L 8080:localhost:80 user@host # Local port forwarding
ssh -D 1080 user@host # SOCKS proxy (dynamic forwarding)tcpdump
Network packet capture and analysis:
tcpdump -i eth0 # Capture on interface
tcpdump -i any port 80 # Filter by port
tcpdump -i eth0 host 192.168.1.1 # Filter by host
tcpdump -w capture.pcap # Write to file
tcpdump -r capture.pcap # Read from filetraceroute / tracepath
Trace the route to a host:
traceroute google.com
tracepath google.com # Does not require rootwget
Non-interactive network downloader:
wget https://example.com/file.tar.gz
wget -r -l 2 https://example.com # Recursive, depth 2
wget -c https://example.com/large.iso # Resume interrupted download7. Package Management
apt (Debian/Ubuntu)
apt update # Update package index
apt upgrade # Upgrade all packages
apt install package-name # Install package
apt remove package-name # Remove package
apt search keyword # Search packages
apt list --installed # List installed packages
apt show package-name # Package detailsdnf / yum (RHEL/Fedora/CentOS)
dnf update # Update all packages
dnf install package-name
dnf remove package-name
dnf search keyword
dnf list installed
dnf info package-name
dnf provides /usr/bin/command # Find which package provides a filedpkg (Debian low-level)
dpkg -i package.deb # Install .deb file
dpkg -l # List installed packages
dpkg -L package-name # List files in package
dpkg -S /path/to/file # Find which package owns a filerpm (Red Hat low-level)
rpm -ivh package.rpm # Install
rpm -qa # List all installed
rpm -ql package-name # List files in package
rpm -qf /path/to/file # Find owning packagesnap
Universal package manager:
snap install package
snap list
snap refresh # Update all snaps
snap remove package8. Service & Boot Management (systemd)
systemctl
Control the systemd system and service manager:
systemctl start service-name
systemctl stop service-name
systemctl restart service-name
systemctl reload service-name # Reload config without restart
systemctl status service-name
systemctl enable service-name # Start at boot
systemctl disable service-name
systemctl is-active service-name
systemctl is-enabled service-name
systemctl list-units --type=service # List running services
systemctl list-unit-files # List all unit files
systemctl daemon-reload # Reload unit files after changes
systemctl mask service-name # Completely prevent starting
systemctl unmask service-namesystemd targets (runlevels)
systemctl get-default # Current default target
systemctl set-default multi-user.target # Set default to CLI (no GUI)
systemctl set-default graphical.target # Set default to GUI
systemctl isolate rescue.target # Switch to rescue mode| Target | Old Runlevel | Description |
|---|---|---|
| poweroff.target | 0 | Halt |
| rescue.target | 1 | Single user |
| multi-user.target | 3 | Multi-user, no GUI |
| graphical.target | 5 | Multi-user + GUI |
| reboot.target | 6 | Reboot |
journalctl
Query the systemd journal (logs):
journalctl # All logs
journalctl -u service-name # Logs for specific service
journalctl -f # Follow (like tail -f)
journalctl --since "1 hour ago"
journalctl --since "2026-01-01" --until "2026-01-02"
journalctl -p err # Only error priority and above
journalctl -b # Current boot only
journalctl -b -1 # Previous boot
journalctl --disk-usage # How much disk logs useGRUB2 (Boot Loader)
Key files:
/etc/default/grub— GRUB configuration/boot/grub/grub.cfg— Generated config (don’t edit directly)
update-grub # Debian/Ubuntu: regenerate grub.cfg
grub2-mkconfig -o /boot/grub2/grub.cfg # RHEL/CentOSGRUB rescue: If boot fails, use GRUB command line to set root, load kernel, and boot manually.
dmesg
Print kernel ring buffer messages:
dmesg
dmesg | grep -i error
dmesg --level=err,warn
dmesg -T # Human-readable timestamps9. Security & Firewalls
ACLs (Access Control Lists)
getfacl file.txt # View ACLs
setfacl -m u:username:rw file.txt # Set ACL for user
setfacl -m g:groupname:r file.txt # Set ACL for group
setfacl -x u:username file.txt # Remove ACL entry
setfacl -b file.txt # Remove all ACLsAppArmor
aa-status # Show AppArmor status
aa-complain /path/to/profile # Set profile to complain mode
aa-enforce /path/to/profile # Set profile to enforce modeauditd / ausearch / aureport
Linux Audit system:
auditctl -l # List audit rules
auditctl -w /etc/passwd -p wa # Watch file for writes/attributes
ausearch -m avc # Search for SELinux denials
ausearch -k mykey # Search by key
aureport --summary # Summary reportfirewall-cmd (firewalld)
firewall-cmd --state
firewall-cmd --list-all
firewall-cmd --add-service=http --permanent
firewall-cmd --add-port=8080/tcp --permanent
firewall-cmd --reload
firewall-cmd --zone=public --list-servicesGPG (GNU Privacy Guard)
gpg --gen-key # Generate key pair
gpg --encrypt -r recipient file.txt # Encrypt
gpg --decrypt file.txt.gpg # Decrypt
gpg --sign file.txt # Sign file
gpg --verify file.txt.sig # Verify signature
gpg --list-keys # List public keysiptables / nftables
# iptables (legacy)
iptables -L -n -v # List all rules
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -j DROP
iptables-save > /etc/iptables/rules.v4
# nftables (modern replacement)
nft list ruleset
nft add table inet filter
nft add chain inet filter input { type filter hook input priority 0 \; }
nft add rule inet filter input tcp dport 22 acceptopenssl
Cryptography and TLS/SSL toolkit:
openssl version
openssl s_client -connect example.com:443 # Test TLS connection
openssl x509 -in cert.pem -text -noout # View certificate details
openssl req -new -x509 -nodes -out cert.pem -keyout key.pem -days 365 # Self-signed cert
openssl dgst -sha256 file.txt # Hash a fileSELinux
getenforce # Show current mode
setenforce 0 # Set permissive (temporary)
setenforce 1 # Set enforcing (temporary)
sestatus # Detailed status
ls -Z file.txt # Show SELinux context
restorecon -Rv /path # Restore default contexts
audit2allow -a # Generate policy from denials
semanage fcontext -l # List file contextsPersistent mode change: edit /etc/selinux/config → SELINUX=enforcing|permissive|disabled
ufw (Uncomplicated Firewall)
ufw status verbose
ufw enable
ufw allow 22/tcp
ufw allow from 192.168.1.0/24
ufw deny 23
ufw delete allow 22/tcp10. Automation, Scripting & Scheduling
ansible
Agentless configuration management (push model via SSH):
ansible all -m ping # Test connectivity
ansible-playbook playbook.yml # Run playbook
ansible all -m shell -a "uptime" # Ad-hoc command
ansible-inventory --list # List inventoryat
Schedule a one-time task:
at 10:00 AM tomorrow
at> /path/to/script.sh
at> Ctrl+D
atq # List pending jobs
atrm 1 # Remove job #1cron / crontab
Schedule recurring tasks:
crontab -e # Edit current user's crontab
crontab -l # List current user's crontab
crontab -r # Remove crontabCron format: MIN HOUR DOM MON DOW command
# Example: Run backup daily at 2:30 AM
30 2 * * * /usr/local/bin/backup.sh
# Example: Every 5 minutes
*/5 * * * * /path/to/script.shSystem-level cron directories:
/etc/cron.d/— Custom cron files/etc/cron.daily/,/etc/cron.hourly/,/etc/cron.weekly/,/etc/cron.monthly/
systemd timers
Modern cron replacement:
systemctl list-timers # List active timers
systemctl status mytimer.timer
systemctl enable --now mytimer.timerBash scripting essentials
#!/bin/bash
# Variables
NAME="world"
echo "Hello, $NAME"
# Conditionals
if [ -f /etc/passwd ]; then
echo "File exists"
fi
# Loops
for i in 1 2 3 4 5; do
echo "Number: $i"
done
# While loop
while read -r line; do
echo "$line"
done < file.txt
# Functions
my_function() {
echo "Argument: $1"
return 0
}
# Exit codes
command
if [ $? -eq 0 ]; then
echo "Success"
figit
Version control (relevant to XK0-006 automation domain):
git init
git clone https://repo.example.com/project.git
git status
git add .
git commit -m "message"
git pull
git push
git log --oneline -10
git branch feature-branch
git checkout feature-branch
git merge feature-branch
git diff11. Containers & Virtualization
Docker
# Container lifecycle
docker ps # List running containers
docker ps -a # All containers (running + stopped)
docker run -d -p 8080:80 --name myapp nginx
docker exec -it container_name /bin/bash
docker stop container_name
docker rm container_name
docker rm -f container_name # Force remove
# Images
docker images
docker pull image:tag
docker build -t myimage:latest .
docker image prune -f # Clean old images
# Volumes and networks
docker volume ls
docker volume create mydata
docker network ls
# Docker Compose
docker compose up -d
docker compose down
docker compose logs -fExample - Open WebUI with Ollama:
docker run -d -p 3000:8080 \
--add-host=host.docker.internal:host-gateway \
-v open-webui:/app/backend/data \
--name open-webui --restart always \
ghcr.io/open-webui/open-webui:mainUpdate Open WebUI:
docker stop open-webui
docker rm open-webui
docker pull ghcr.io/open-webui/open-webui:main
docker run -d -p 3000:8080 \
-v open-webui:/app/backend/data \
--name open-webui --restart always \
ghcr.io/open-webui/open-webui:mainPodman
Rootless container engine (Docker-compatible, no daemon):
podman run -d -p 8080:80 nginx
podman ps
podman exec -it container_name bash
podman stop container_name
podman rm container_name
podman images
podman build -t myimage .KVM / libvirt / virsh
Kernel-based Virtual Machine management:
virsh list --all # List all VMs
virsh start vm-name
virsh shutdown vm-name
virsh destroy vm-name # Force power off
virsh console vm-name # Attach to console
virsh dominfo vm-name # VM info
virt-install --name=myvm --ram=2048 --vcpus=2 --disk size=20 --os-variant=ubuntu22.0412. Kernel & Hardware
lscpu
Display CPU architecture information:
lscpulshw
List detailed hardware information:
lshw -short
lshw -class networklsmod / modprobe / modinfo
Kernel module management:
lsmod # List loaded modules
modprobe module_name # Load module
modprobe -r module_name # Remove module
modinfo module_name # Module detailslspci / lsusb
List PCI and USB devices:
lspci
lspci -v # Verbose
lsusb
lsusb -t # Tree formatuname
Print system information:
uname -a # All information
uname -r # Kernel release
uname -m # Machine hardware (x86_64, aarch64)sysctl
Configure kernel parameters at runtime:
sysctl -a # Show all parameters
sysctl net.ipv4.ip_forward # Check specific value
sysctl -w net.ipv4.ip_forward=1 # Set temporarilyPersistent changes go in /etc/sysctl.conf or /etc/sysctl.d/.
13. Logging & System Information
logger
Add entries to the system log:
logger "Custom log message"
logger -p auth.warning "Security warning from script"lsb_release
Show distribution information:
lsb_release -aOutput example:
Distributor ID: Ubuntu
Description: Ubuntu 22.04.5 LTS
Release: 22.04
Codename: jammyAlternative: cat /etc/os-release
timedatectl
Control system time and date:
timedatectl # Show current settings
timedatectl set-timezone America/New_York
timedatectl set-ntp true # Enable NTP sync
timedatectl list-timezoneslogrotate
Manage log file rotation (configured in /etc/logrotate.conf and /etc/logrotate.d/):
logrotate -f /etc/logrotate.conf # Force rotation
logrotate -d /etc/logrotate.conf # Debug/dry run14. Archives & Compression
gzip / gunzip / bzip2 / xz
Compression utilities:
gzip file.txt # Compress → file.txt.gz
gunzip file.txt.gz # Decompress
bzip2 file.txt # Better compression → file.txt.bz2
bunzip2 file.txt.bz2
xz file.txt # Best compression → file.txt.xz
unxz file.txt.xztar
Archive utility (Tape ARchive):
# Create archives
tar -cvf archive.tar /path/to/dir # Create tar
tar -czvf archive.tar.gz /path/to/dir # Create gzipped tar
tar -cjvf archive.tar.bz2 /path/to/dir # Create bzip2 tar
tar -cJvf archive.tar.xz /path/to/dir # Create xz tar
# Extract archives
tar -xvf archive.tar
tar -xzvf archive.tar.gz
tar -xjvf archive.tar.bz2
tar -xJvf archive.tar.xz
tar -xvf archive.tar -C /destination/ # Extract to specific dir
# List contents
tar -tvf archive.tarzip / unzip
zip -r archive.zip /path/to/dir
unzip archive.zip
unzip -l archive.zip # List contents without extracting15. Text Editors
vi / vim
The standard Linux text editor (always available):
vim filenameModes:
- Normal mode (default): navigate, delete, copy/paste
- Insert mode: press
i,a,oto enter - Command mode: press
:from normal mode
Essential commands:
| Command | Description |
|---|---|
i |
Insert before cursor |
a |
Insert after cursor |
o |
New line below |
Esc |
Return to normal mode |
:w |
Save |
:q |
Quit |
:wq or ZZ |
Save and quit |
:q! |
Quit without saving |
dd |
Delete line |
yy |
Copy (yank) line |
p |
Paste below |
/pattern |
Search forward |
n |
Next match |
:%s/old/new/g |
Replace all |
:set number |
Show line numbers |
u |
Undo |
Ctrl+r |
Redo |
nano
Simple terminal text editor:
nano filenameKey bindings: Ctrl+O save, Ctrl+X exit, Ctrl+K cut line, Ctrl+U paste.
16. Terminal Multiplexers
Byobu
Text window manager and terminal multiplexer built on tmux/screen:
Keybindings:
- Shift+F1 = Help menu
- F2 = Create a new window
- Shift-F2 — Create a horizontal split
- Ctrl-F2 — Create a vertical split
- Ctrl-Shift-F2 — Create a new session
- F3/F4 — Move focus among windows
- Alt-Left/Right — Move focus among windows
- Alt-Up/Down — Move focus among sessions
- Shift-Left/Right/Up/Down — Move focus among splits
- Shift-F3/F4 — Move focus among splits
- Ctrl-F3/F4 — Move a split
- Ctrl-Shift-F3/F4 — Move a window
- Shift-Alt-Left/Right/Up/Down — Resize a split
- F6 — Detach session and then logout
tmux
Terminal multiplexer:
tmux # Start new session
tmux new -s mysession # Named session
tmux ls # List sessions
tmux attach -t mysession # ReattachKey prefix: Ctrl+b then:
c— new window%— vertical split"— horizontal splitd— detachn/p— next/previous windowarrow— switch pane
17. Performance Tuning & Troubleshooting
iotop
Display I/O usage by process (requires root):
iotop
iotop -o # Only show active I/Osmem
Report memory usage with shared memory divided proportionally:
smem -tk # Totals in KB
smem -u # Per-user summarysar
System Activity Reporter (collect and report system activity):
sar -u 1 5 # CPU usage, 1 sec interval, 5 times
sar -r 1 5 # Memory usage
sar -n DEV 1 5 # Network statistics
sar -d 1 5 # Disk I/Otuned-adm
Dynamic system tuning daemon:
tuned-adm active # Show current profile
tuned-adm list # List available profiles
tuned-adm profile throughput-performance # Set profile
tuned-adm recommend # Get recommended profileCommon profiles: balanced, throughput-performance, latency-performance, virtual-guest, powersave.
Troubleshooting methodology
Network troubleshooting order: Physical → IP → Routing → DNS → Application
# 1. Check interface status
ip addr show
ip link show
# 2. Check routing
ip route show
ping gateway-ip
# 3. Check DNS
dig example.com
cat /etc/resolv.conf
resolvectl status
# 4. Check application / port
ss -tulnp
curl -v http://service:port18. Miscellaneous Tools
alias
Create command shortcuts:
alias ll='ls -la'
alias update='sudo apt update && sudo apt upgrade'
unalias ll # Remove aliasPersistent aliases go in ~/.bashrc or ~/.bash_aliases.
env / export
Environment variables:
env # Show all environment variables
export MY_VAR="value" # Set and export variable
echo $PATH # Show PATH
export PATH="$PATH:/new/path" # Add to PATHhistory
Command history:
history
history | grep "pattern"
!123 # Re-run command #123
!! # Re-run last command
!$ # Last argument of previous commandman / info / help
Documentation:
man command # Manual page
man 5 passwd # Section 5 (file formats)
info command # GNU info page
command --help # Quick help
apropos keyword # Search man pages by keywordmpv
Media player from the command line:
mpv --ytdl-format=best "https://youtu.be/Cwm6krslrOc?si=vODFbOAlI6inrhWR"Ollama (Local AI)
Run Large Language Models locally:
ollama list # List downloaded models
ollama run llama3 # Run a model
ollama pull mistral # Download a modelTest if running: http://localhost:11434/ → should output “Ollama is running”
screen
Terminal multiplexer (legacy alternative to tmux):
screen # Start new session
screen -S name # Named session
screen -ls # List sessions
screen -r name # Reattachshutdown / reboot / poweroff
System power management:
shutdown -h now # Halt immediately
shutdown -r +5 "Rebooting in 5 minutes"
reboot
powerofftype / which / whereis
Locate commands:
type ls # How shell interprets command
which python3 # Path to executable
whereis nginx # Binary, source, and man page locations19. Important Configuration Files
| File | Purpose |
|---|---|
/etc/passwd |
User account information |
/etc/shadow |
Encrypted passwords and aging |
/etc/group |
Group definitions |
/etc/fstab |
Filesystem mount table |
/etc/hosts |
Static hostname resolution |
/etc/resolv.conf |
DNS resolver configuration |
/etc/hostname |
System hostname |
/etc/sudoers |
Sudo privileges (edit with visudo) |
/etc/ssh/sshd_config |
SSH server configuration |
/etc/sysctl.conf |
Kernel parameters |
/etc/crontab |
System-wide cron jobs |
/etc/systemd/system/ |
Custom systemd unit files |
/etc/selinux/config |
SELinux mode configuration |
/etc/default/grub |
GRUB bootloader settings |
/var/log/ |
System log directory |
/proc/ |
Virtual filesystem (process/kernel info) |
/sys/ |
Virtual filesystem (hardware/driver info) |
20. Quick Reference — XK0-006 Domain-to-Command Map
| Domain | Key Commands |
|---|---|
| 1. System Management | systemctl, journalctl, dmesg, lsblk, fdisk, mount, lvm*, mdadm, grub2-mkconfig, uname, modprobe |
| 2. Services & Users | useradd, usermod, passwd, chmod, chown, setfacl, systemctl, docker/podman, crontab |
| 3. Security | getenforce, restorecon, audit2allow, aa-status, iptables, nft, firewall-cmd, ufw, openssl, gpg, ssh |
| 4. Automation | bash scripting, ansible, git, cron, systemd timers, at, python |
| 5. Troubleshooting | journalctl, dmesg, top, vmstat, iostat, strace, lsof, ss, tcpdump, fsck, smartctl, ip |
References & Study Resources
- CompTIA Linux+ Official Page
- GitHub: unixerius/XK0-006 Lab Files
- FlashGenius Linux+ XK0-006 Study Series
- My personal blog: tuertolin.com/linux
Last updated: July 2026 — Consolidated from daily engineering commands + CompTIA Linux+ (XK0-006) Study Guide.