Introduction:

As we journey deeper into the world of Linux, it’s crucial to build on the foundation laid in our previous discussions on beginner and intermediate commands. While those foundational commands have equipped you with the basic tools to navigate the Linux environment, advanced commands unlock a new realm of possibilities, enabling you to manage systems more effectively, automate tasks, and enhance your productivity.

In this blog, we will explore 10 advanced Linux commands that every power user should know. These commands will not only help you streamline your workflows but also provide insights into system performance, security, and administration. Whether you’re a system administrator, a developer, or an enthusiastic learner, mastering these commands will empower you to take full control of your Linux environment.

Let’s dive in and elevate your Linux command-line skills to a professional level!

List of 10 expert-level Linux commands.

1. dig

The dig (Domain Information Groper) command queries DNS name servers and is used to troubleshoot DNS problems. It is mostly used by network administrators. Besides the answer itself, its output includes information such as the dig version and statistics about the query.

genexdbs@genexdbs:~$ dig google.com

OUTPUT:
; <<>> DiG 9.18.28-0ubuntu0.20.04.1-Ubuntu <<>> google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47048
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;google.com.			IN	A

;; ANSWER SECTION:
google.com.		33	IN	A	142.250.196.14

;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53) (UDP)
;; WHEN: Mon Oct 28 14:14:23 IST 2024
;; MSG SIZE  rcvd: 55

2. lsblk

The lsblk (list block devices) command lists all block devices of a system along with their logical partitions. It reads the sysfs filesystem and the udev database to get this information, and lists all block devices (except RAM disks) in a tree-like format.

genexdbs@genexdbs:~$ lsblk

OUTPUT:
NAME        MAJ:MIN RM   SIZE RO TYPE MOUNTPOINT
loop0         7:0    0    15M  1 loop /snap/aws-cli/130
loop1         7:1    0     4K  1 loop /snap/bare/5
loop2         7:2    0 313.1M  1 loop /snap/code/171
loop3         7:3    0   104M  1 loop /snap/core/16928
loop4         7:4    0 313.1M  1 loop /snap/code/172
loop5         7:5    0  55.7M  1 loop /snap/core18/2829
loop6         7:6    0  55.4M  1 loop /snap/core18/2846
loop7         7:7    0 104.2M  1 loop /snap/core/17200
loop8         7:8    0    64M  1 loop /snap/core20/2379
loop9         7:9    0  63.7M  1 loop /snap/core20/2434
loop10        7:10   0  74.3M  1 loop /snap/core22/1621
loop11        7:11   0  73.9M  1 loop /snap/core22/1663
loop12        7:12   0 164.8M  1 loop /snap/gnome-3-28-1804/194
loop13        7:13   0   121M  1 loop /snap/slack/169
loop14        7:14   0   132M  1 loop /snap/docker/2932
loop15        7:15   0 321.1M  1 loop /snap/vlc/3777
loop16        7:16   0  12.2M  1 loop /snap/snap-store/1216
loop17        7:17   0 130.1M  1 loop /snap/docker/2915
loop18        7:18   0   9.7M  1 loop /snap/htop/4407
loop19        7:19   0  26.2M  1 loop /snap/video-downloader/1197
loop20        7:20   0  38.8M  1 loop /snap/snapd/21759
loop22        7:22   0 321.1M  1 loop /snap/vlc/3721
loop23        7:23   0 164.8M  1 loop /snap/gnome-3-28-1804/198
loop24        7:24   0  65.2M  1 loop /snap/gtk-common-themes/1519
loop25        7:25   0 191.8M  1 loop /snap/jenkins/4755
loop26        7:26   0   182M  1 loop /snap/skype/368
loop27        7:27   0 218.4M  1 loop /snap/gnome-3-34-1804/93
loop28        7:28   0 349.7M  1 loop /snap/gnome-3-38-2004/143
loop29        7:29   0  26.2M  1 loop /snap/video-downloader/1201
loop30        7:30   0 104.1M  1 loop /snap/lxd/29943
loop31        7:31   0  91.7M  1 loop /snap/gtk-common-themes/1535
loop32        7:32   0 218.4M  1 loop /snap/gnome-3-34-1804/90
loop33        7:33   0 505.1M  1 loop /snap/gnome-42-2204/176
loop34        7:34   0  38.8M  1 loop /snap/snapd/21465
loop35        7:35   0 191.9M  1 loop /snap/jenkins/4760
loop36        7:36   0 133.4M  1 loop /snap/qts3browser/178
loop37        7:37   0 349.7M  1 loop /snap/gnome-3-38-2004/140
loop38        7:38   0 504.2M  1 loop /snap/gnome-42-2204/172
loop39        7:39   0  12.9M  1 loop /snap/snap-store/1113
loop40        7:40   0 118.7M  1 loop /snap/slack/158
loop41        7:41   0 104.1M  1 loop /snap/lxd/30130
loop42        7:42   0   182M  1 loop /snap/skype/370
nvme0n1     259:0    0   477G  0 disk 
├─nvme0n1p1 259:1    0   512M  0 part /boot/efi
└─nvme0n1p2 259:2    0 476.4G  0 part /

3. strace

strace is a powerful tool for monitoring and diagnosing processes in Linux. It is primarily used for debugging programs, troubleshooting issues, intercepting and recording system calls, and tracing running processes. It provides valuable insights into how a program interacts with the system, especially when the source code is not available.

genexdbs@genexdbs:~$ strace ls

OUTPUT:
execve("/usr/bin/ls", ["ls"], 0x7ffec922e7c0 /* 50 vars */) = 0
brk(NULL)                               = 0x5645bd84d000
arch_prctl(0x3001 /* ARCH_??? */, 0x7ffd6b328380) = -1 EINVAL (Invalid argument)
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=90911, ...}) = 0
mmap(NULL, 90911, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fd884a9d000
close(3)
fstat(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(0x88, 0), ...}) = 0
write(1, " 17thJulyDailyactivitiesttt  dep"..., 111 17thJulyDailyactivities			  deployer_rsa					 'MongoDB Backup Scripts'			  PrometheusGrafanaInstallationSteps
) = 111
write(1, " 2022-08-24-16-15-20.027-VBoxSVC"..., 105 2022-08-24-16-15-20.027-VBoxSVC-13072.log	  Desktop					 'MongoDB Longrunning Script Success'		  Public
) = 105
write(1, " 2022-08-24-16-15-20.029-VBoxHea"..., 110 2022-08-24-16-15-20.029-VBoxHeadless-16752.log   desktop_session				 'Mongo Services'				 'Ram Test Monthly'
) = 110
write(1, " 2023-05-03-17-59-27.065-VBoxSVC"..., 115 2023-05-03-17-59-27.065-VBoxSVC-26238.log	  Diskspacealertscript				 'Monthly Report Creation pdf'			  report.pdf
) = 115
write(1, " 2023-05-03-17-59-27.075-VBoxHea"..., 86 2023-05-03-17-59-27.075-VBoxHeadless-50455.log   docker					  Music						  report.sh
) = 86
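
The trace above can be reduced to the question a defender usually asks of an unknown binary: which paths did it touch, and did each call succeed? This is an added example, not part of the original post; the function names `sample_strace_log` and `strace_paths` are hypothetical, and the sample lines are copied from the output above.

```shell
#!/bin/sh
# Added example (not from the original post): list the paths a traced
# program touched and whether each call succeeded.

# Constructed sample: path-related lines copied from the `strace ls` output above.
sample_strace_log() {
cat <<'EOF'
execve("/usr/bin/ls", ["ls"], 0x7ffec922e7c0 /* 50 vars */) = 0
brk(NULL)                               = 0x5645bd84d000
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=90911, ...}) = 0
EOF
}

# Reads strace output on stdin and prints "<syscall> <path> <OK|FAIL:errno>"
# for calls whose first quoted argument is a path.
strace_paths() {
    awk -F'"' '
        /^(execve|access|open|openat|stat|lstat|readlink|unlink)\(/ {
            call = $0
            sub(/\(.*/, "", call)            # keep only the syscall name
            n = split($0, part, /\) += /)    # the result follows the last ") = "
            split(part[n], res, " ")
            status = (res[1] == "-1") ? "FAIL:" res[2] : "OK"
            print call, $2, status
        }
    '
}

# Live use (trace.log is an example file name):
#   strace -o trace.log ls; strace_paths < trace.log
sample_strace_log | strace_paths
```

The `access /etc/ld.so.preload FAIL:ENOENT` line is the normal result: the dynamic loader checks for that file on every start, and if it exists, the libraries it lists are loaded into every dynamically linked program.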

strace -c ls:
Use the -c option to count the number of system calls; the summary also shows the time spent and the errors for each one.

genexdbs@genexdbs:~$ strace -c ls

OUTPUT:
Desktop  Documents  Downloads  Music  Pictures  Public  Templates  Videos
% time     seconds  usecs/call     calls    errors syscall
------ ----------- ----------- --------- --------- ----------------
 28.12    0.000352         352         1           execve
 20.61    0.000258           9        27           mmap
  8.15    0.000102           3        32           write
  6.31    0.000079           8         9           openat
  5.75    0.000072           9         8           mprotect
  4.31    0.000054           7         7           read
  4.23    0.000053          26         2           getdents64
  3.51    0.000044           4        11           close
  3.19    0.000040           4        10           fstat
  3.12    0.000039          19         2           ioctl
  3.12    0.000039           4         8           pread64
  1.84    0.000023          23         1           munmap
  1.76    0.000022          11         2         2 access
  1.76    0.000022          11         2         2 statfs
  1.44    0.000018           6         3           brk
  0.72    0.000009           4         2           rt_sigaction
  0.64    0.000008           4         2         1 arch_prctl
  0.40    0.000005           5         1           rt_sigprocmask
  0.40    0.000005           5         1           set_tid_address
  0.32    0.000004           4         1           set_robust_list
  0.32    0.000004           4         1           prlimit64

4. tcpdump

tcpdump is a powerful command-line packet analyzer used to capture and analyze network traffic on Linux and other Unix-like operating systems.

genexdbs@genexdbs:~$ tcpdump

OUTPUT:
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on veth0ad2dcf, link-type EN10MB (Ethernet), capture size 262144 bytes
15:40:48.119042 IP genexdbs-2.52275 > 270.255.255.250.1900: UDP, length 172
15:40:49.120539 IP genexdbs-2.52275 > 270.255.255.250.1900: UDP, length 172
15:40:50.121926 IP genexdbs-2.52275 > 270.255.255.250.1900: UDP, length 172
15:40:51.120496 IP genexdbs-2.mdns > mdns.mcast.net.mdns: 0 PTR (QM)? _googlecast._tcp.local. (40)
15:40:51.120938 IP genexdbs-2.mdns > mdns.mcast.net.mdns: 0 PTR (QM)? _googlecast._tcp.local. (40)
15:40:51.122286 IP genexdbs-2.52275 > 270.255.255.250.1900: UDP, length 172
15:40:52.122615 IP genexdbs-2.mdns > mdns.mcast.net.mdns: 0 PTR (QM)? _googlecast._tcp.local. (40)
15:40:52.123058 IP genexdbs-2.mdns > mdns.mcast.net.mdns: 0 PTR (QM)? _googlecast._tcp.local. (40)
15:40:54.124294 IP genexdbs-2.mdns > mdns.mcast.net.mdns: 0 PTR (QM)? _googlecast._tcp.local. (40)
15:40:54.124707 IP genexdbs-2.mdns > mdns.mcast.net.mdns: 0 PTR (QM)? _googlecast._tcp.local. (40)
15:41:21.784748 IP genexdbs-2.37701 > 270.255.255.250.1900: UDP, length 172
15:41:22.785058 IP genexdbs-2.37701 > 270.255.255.250.1900: UDP, length 172
15:41:23.786040 IP genexdbs-2.37701 > 270.255.255.250.1900: UDP, length 172
15:41:24.784703 IP genexdbs-2.mdns > mdns.mcast.net.mdns: 0 PTR (QM)? _googlecast._tcp.local. (40)
15:41:24.785037 IP genexdbs-2.mdns > mdns.mcast.net.mdns: 0 PTR (QM)? _googlecast._tcp.local. (40)
15:41:24.786525 IP genexdbs-2.37701 > 270.255.255.250.1900: UDP, length 172
15:41:25.785796 IP genexdbs-2.mdns > mdns.mcast.net.mdns: 0 PTR (QM)? _googlecast._tcp.local. (40)
15:41:25.786160 IP genexdbs-2.mdns > mdns.mcast.net.mdns: 0 PTR (QM)? _googlecast._tcp.local. (40)
15:41:27.787479 IP genexdbs-2.mdns > mdns.mcast.net.mdns: 0 PTR (QM)? _googlecast._tcp.local. (40)
15:41:27.787849 IP genexdbs-2.mdns > mdns.mcast.net.mdns: 0 PTR (QM)? _googlecast._tcp.local. (40)

5. tcpdump -D

The command sudo tcpdump -D is used to list all available network interfaces on a system for packet capture using the tcpdump tool. This is useful when you want to see the interfaces you can monitor with tcpdump.

genexdbs@genexdbs:~$ tcpdump -D

OUTPUT:
1.veth0ad2dcf [Up, Running]
2.veth40241ae [Up, Running]
3.tun0 [Up, Running]
4.veth94024a0 [Up, Running]
5.br-b848be12a2d2 [Up, Running]
6.wlp0s20f3 [Up, Running]
7.veth0a0c0b3 [Up, Running]
8.vethd9b7aa4 [Up, Running]
9.veth6852f6e [Up, Running]
10.br-2ef453d4da9e [Up, Running]
11.vethe7c2c9b [Up, Running]
12.veth9aae53c [Up, Running]
13.br-93931308b083 [Up, Running]
14.br-423899dba95d [Up, Running]
15.veth1dcd465 [Up, Running]
16.veth8c0535f [Up, Running]
17.vetheeca717 [Up, Running]
18.veth05d2912 [Up, Running]
19.lo [Up, Running, Loopback]
20.any (Pseudo-device that captures on all interfaces) [Up, Running]
21.enp4s0 [Up]
22.virbr0 [Up]
23.docker0 [Up]
24.bluetooth-monitor (Bluetooth Linux Monitor) [none]
25.nflog (Linux netfilter log (NFLOG) interface) [none]
26.nfqueue (Linux netfilter queue (NFQUEUE) interface) [none]
27.bluetooth0 (Bluetooth adapter number 0) [none]
28.virbr0-nic [none]

6. ufw

The ufw (Uncomplicated Firewall) command is used to configure and manage the firewall; it uses iptables underneath. With ufw you set rules that allow or deny incoming and outgoing network traffic to and from the system, creating an IPv4 or IPv6 host-based firewall. These rules protect the system from unauthorized access and malicious network traffic.

genexdbs@genexdbs:~$ ufw status

Status: active

To                         Action      From
--                         ------      ----
8080                       ALLOW       Anywhere                  
22/tcp                     ALLOW       Anywhere                  
8080 (v6)                  ALLOW       Anywhere (v6)             
22/tcp (v6)                ALLOW       Anywhere (v6)

If you want to block a network connection from a specific IP address, you can run the following command.

genexdbs@genexdbs:~$ ufw deny from 203.0.113.100
Rule added
genexdbs@genexdbs:~$ ufw status
Status: active

To                         Action      From
--                         ------      ----
8080                       ALLOW       Anywhere                  
22/tcp                     ALLOW       Anywhere                  
Anywhere                   DENY        203.0.113.100             
8080 (v6)                  ALLOW       Anywhere (v6)             
22/tcp (v6)                ALLOW       Anywhere (v6)

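To reverse this and allow the address instead, use the following command. Note that it replaces the deny rule with a rule that allows traffic from that address to every port (To: Anywhere); if you only want to remove the block, delete the rule as shown further below.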

genexdbs@genexdbs:~$ ufw allow from 203.0.113.100
Rule updated
genexdbs@genexdbs:~$ ufw status
Status: active

To                         Action      From
--                         ------      ----
8080                       ALLOW       Anywhere                  
22/tcp                     ALLOW       Anywhere                  
Anywhere                   ALLOW       203.0.113.100             
8080 (v6)                  ALLOW       Anywhere (v6)             
22/tcp (v6)                ALLOW       Anywhere (v6)
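
Because `ufw allow from <address>` opens every port to that address, it is worth checking the rule table for broad rules after any change. The following is an added example, not part of the original post: it reads `ufw status` (or `ufw status numbered`) text and flags ports open to any source and sources allowed to reach every port. The function names `sample_ufw_status` and `ufw_audit` are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post): flag broad ALLOW rules in
# `ufw status` output.

# Constructed sample: the `ufw status` output shown above after `ufw allow from`.
sample_ufw_status() {
cat <<'EOF'
Status: active

To                         Action      From
--                         ------      ----
8080                       ALLOW       Anywhere
22/tcp                     ALLOW       Anywhere
Anywhere                   ALLOW       203.0.113.100
8080 (v6)                  ALLOW       Anywhere (v6)
22/tcp (v6)                ALLOW       Anywhere (v6)
EOF
}

# Reads the rule table on stdin and prints one finding per line:
#   WORLD-OPEN <port>       the port accepts traffic from any source address
#   ALL-PORTS-FROM <src>    every port accepts traffic from that source
# Columns are separated by two or more spaces, so "8080 (v6)" stays one field.
ufw_audit() {
    awk -F'  +' '
        { sub(/^\[ *[0-9]+\] /, "") }    # drop the "[ 3] " prefix of numbered output
        $2 ~ /^ALLOW/ && $3 ~ /^Anywhere/ { print "WORLD-OPEN " $1; next }
        $2 ~ /^ALLOW/ && $1 ~ /^Anywhere/ { print "ALL-PORTS-FROM " $3 }
    '
}

# Live use: sudo ufw status | ufw_audit
sample_ufw_status | ufw_audit
```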

To delete a rule, first list the rules with their numbers using the following command, then delete the rule by its number.

genexdbs@genexdbs:~$ ufw status numbered
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 8080                       ALLOW IN    Anywhere                  
[ 2] 22/tcp                     ALLOW IN    Anywhere                  
[ 3] Anywhere                   ALLOW IN    203.0.113.100             
[ 4] 8080 (v6)                  ALLOW IN    Anywhere (v6)             
[ 5] 22/tcp (v6)                ALLOW IN    Anywhere (v6)

7. ufw delete <id>

Deletes a rule by the number shown in the ufw status numbered output.

genexdbs@genexdbs:~$ ufw status numbered
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 8080                       ALLOW IN    Anywhere                  
[ 2] 22/tcp                     ALLOW IN    Anywhere                  
[ 3] Anywhere                   ALLOW IN    203.0.113.100             
[ 4] 8080 (v6)                  ALLOW IN    Anywhere (v6)             
[ 5] 22/tcp (v6)                ALLOW IN    Anywhere (v6)             

genexdbs@genexdbs:~$ ufw delete 3
Deleting:
 deny from 203.0.113.100
Proceed with operation (y|n)? y
Rule deleted

genexdbs@genexdbs:~$ ufw status numbered
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 8080                       ALLOW IN    Anywhere                  
[ 2] 22/tcp                     ALLOW IN    Anywhere                  
[ 3] 8080 (v6)                  ALLOW IN    Anywhere (v6)             
[ 4] 22/tcp (v6)                ALLOW IN    Anywhere (v6)

8. resolvectl status

The resolvectl status command in Linux shows detailed information about the system’s DNS resolver configuration. It provides insight into the current DNS servers, the DNS domain, search domains, and various DNS settings. The resolvectl status command is useful for identifying any misconfigurations or network interface-specific DNS issues.

genexdbs@genexdbs:~$ resolvectl status
Global
       LLMNR setting: no                  
MulticastDNS setting: no                  
  DNSOverTLS setting: no                  
      DNSSEC setting: no                  
    DNSSEC supported: no                  
          DNSSEC NTA: 10.in-addr.arpa     
                      16.172.in-addr.arpa 
                      168.192.in-addr.arpa
                      17.172.in-addr.arpa 
                      18.172.in-addr.arpa 
                      19.172.in-addr.arpa 
                      20.172.in-addr.arpa 
                      21.172.in-addr.arpa 
                      22.172.in-addr.arpa 
                      23.172.in-addr.arpa 
                      24.172.in-addr.arpa 
                      25.172.in-addr.arpa 
                      26.172.in-addr.arpa 
                      27.172.in-addr.arpa 
                      28.172.in-addr.arpa 
                      29.172.in-addr.arpa 
                      30.172.in-addr.arpa 
                      31.172.in-addr.arpa 
                      corp                
                      d.f.ip6.arpa        
                      home                
                      internal            
                      intranet            
                      lan                 
                      local               
                      private             
                      test                

Link 2204 (vethda4de11)
      Current Scopes: none
DefaultRoute setting: no  
       LLMNR setting: yes 
MulticastDNS setting: no  
  DNSOverTLS setting: no  
      DNSSEC setting: no  
    DNSSEC supported: no  

Link 38 (vethe7c2c9b)
      Current Scopes: none
DefaultRoute setting: no  
       LLMNR setting: yes 
MulticastDNS setting: no  
  DNSOverTLS setting: no  
      DNSSEC setting: no  
    DNSSEC supported: no
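
One way to turn this output into a quick resolver hardening check, as an added example that is not part of the original post: LLMNR and MulticastDNS answer name queries from any host on the local segment without authentication, and DNSSEC and DNSOverTLS set to "no" mean upstream answers are neither validated nor encrypted. The function names are hypothetical, the parser assumes the "X setting:" layout shown on this page (other systemd versions may print these fields differently), and the `Link 3` stanza is constructed.

```shell
#!/bin/sh
# Added example (not from the original post): audit `resolvectl status` output.

# Constructed sample: Global and Link 2204 are trimmed from the output above;
# Link 3 is made up to show a link where LLMNR is actually in use.
sample_resolvectl_status() {
cat <<'EOF'
Global
       LLMNR setting: no
MulticastDNS setting: no
  DNSOverTLS setting: no
      DNSSEC setting: no
    DNSSEC supported: no

Link 2204 (vethda4de11)
      Current Scopes: none
DefaultRoute setting: no
       LLMNR setting: yes
MulticastDNS setting: no
  DNSOverTLS setting: no
      DNSSEC setting: no
    DNSSEC supported: no

Link 3 (wlp0s20f3)
      Current Scopes: DNS LLMNR/IPv4
DefaultRoute setting: yes
       LLMNR setting: yes
MulticastDNS setting: no
  DNSOverTLS setting: no
      DNSSEC setting: no
    DNSSEC supported: no
EOF
}

# Prints one finding per line:
#   LINK-LOCAL <scope>: <setting>=<value> (active|inactive)
#   GLOBAL <setting>=no
# A setting counts as active only if "Current Scopes" lists that protocol
# (scopes are printed as e.g. DNS, LLMNR/IPv4, mDNS/IPv6).
resolver_audit() {
    awk '
        /^Global/ || /^Link / { scope = $0; active = "none"; next }
        /Current Scopes:/     { active = $0; next }
        /(LLMNR|MulticastDNS) setting:/ && $NF != "no" {
            proto = ($1 == "LLMNR") ? "LLMNR" : "mDNS"
            state = (index(active, proto "/") > 0) ? "active" : "inactive"
            print "LINK-LOCAL " scope ": " $1 "=" $NF " (" state ")"
        }
        scope ~ /^Global/ && /(DNSSEC|DNSOverTLS) setting:/ && $NF == "no" {
            print "GLOBAL " $1 "=no"
        }
    '
}

# Live use: resolvectl status | resolver_audit
sample_resolvectl_status | resolver_audit
```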

9. traceroute

The traceroute command is a network diagnostic tool used to trace the route taken by packets from a source to a destination over an IP network. It provides valuable insights into the network path, including the number of hops (routers) between the source and destination, and the round-trip time (RTT) for each hop.

The main difference between ping and traceroute is:

Ping checks if a server is reachable and shows how long it takes to send and receive data.
Traceroute shows the exact path data takes to reach the server, listing each stop (router) along the way and how long each stop takes.

To perform a basic traceroute to a destination, run traceroute google.com.

This command traces the route to the google.com domain, displaying the IP addresses and round-trip times for each hop along the path.

genexdbs@genexdbs:~$ traceroute google.com

traceroute to google.com (142.250.195.206), 64 hops max
  1   192.168.1.1  4.551ms  2.925ms  2.633ms 
  2   *  *  * 
  3   56.14.102.193  53.429ms  56.14.102.213  37.168ms  56.14.102.177  39.834ms 
  4   172.17.179.231  38.913ms  39.777ms  39.806ms 
  5   172.17.180.3  40.972ms  39.524ms  41.601ms 
  6   192.168.138.226  48.348ms  39.535ms  192.168.138.224  140.602ms 
  7   *  *  * 
  8   *  *  * 
  9   *  *  * 
 10   74.125.146.244  78.576ms  38.793ms  49.813ms 
 11   *  *  * 
 12   *  *  * 
 13   *  *  * 
 14   142.250.195.206  48.669ms  39.988ms  39.971ms

10. lscpu

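The lscpu command in Linux is a command-line utility that displays detailed information about the CPU in your system, such as the architecture, core and thread counts, cache sizes, and the mitigation status of known CPU vulnerabilities.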

genexdbs@genexdbs:~$ lscpu

OUTPUT:
Architecture:                         x86_64
CPU op-mode(s):                       32-bit, 64-bit
Byte Order:                           Little Endian
Address sizes:                        39 bits physical, 48 bits virtual
CPU(s):                               8
On-line CPU(s) list:                  0-7
Thread(s) per core:                   2
Core(s) per socket:                   4
Socket(s):                            1
NUMA node(s):                         1
Vendor ID:                            GenuineIntel
CPU family:                           6
Model:                                140
Model name:                           11th Gen Intel(R) Core(TM) i5-1135G7 @ 2.40GHz
Stepping:                             1
CPU MHz:                              1391.847
CPU max MHz:                          4200.0000
CPU min MHz:                          400.0000
BogoMIPS:                             4838.40
Virtualization:                       VT-x
L1d cache:                            192 KiB
L1i cache:                            128 KiB
L2 cache:                             5 MiB
L3 cache:                             8 MiB
NUMA node0 CPU(s):                    0-7
Vulnerability Gather data sampling:   Mitigation; Microcode
Vulnerability Itlb multihit:          Not affected
Vulnerability L1tf:                   Not affected
Vulnerability Mds:                    Not affected
Vulnerability Meltdown:               Not affected
Vulnerability Mmio stale data:        Not affected
Vulnerability Reg file data sampling: Not affected
Vulnerability Retbleed:               Not affected
Vulnerability Spec rstack overflow:   Not affected
Vulnerability Spec store bypass:      Mitigation; Speculative Store Bypass disabled via prctl and seccomp
Vulnerability Spectre v1:             Mitigation; usercopy/swapgs barriers and __user pointer sanitization
Vulnerability Spectre v2:             Mitigation; Enhanced / Automatic IBRS; IBPB conditional; RSB filling; PBRSB-eIBRS SW sequence; BHI SW loop, KVM SW loop
Vulnerability Srbds:                  Not affected
Vulnerability Tsx async abort:        Not affected
Flags:                                fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art
                                       arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf tsc_known_freq pni pclmulqdq dtes64 monitor ds_cpl vmx est tm2 ssse3 sdbg fma cx16 xtpr p
                                      dcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb cat_l2 invpcid_single cdp_l2 ssbd i
                                      brs ibpb stibp ibrs_enhanced tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust bmi1 avx2 smep bmi2 erms invpcid rdt_a avx512f avx512dq rdseed adx smap
                                       avx512ifma clflushopt clwb intel_pt avx512cd sha_ni avx512bw avx512vl xsaveopt xsavec xgetbv1 xsaves split_lock_detect dtherm ida arat pln pts hwp hwp_notify hwp_ac
                                      t_window hwp_epp hwp_pkg_req avx512vbmi umip pku ospke avx512_vbmi2 gfni vaes vpclmulqdq avx512_vnni avx512_bitalg avx512_vpopcntdq rdpid movdiri movdir64b fsrm avx5
                                      12_vp2intersect md_clear flush_l1d arch_capabilities

Conclusion:

In conclusion, mastering advanced Linux commands can significantly enhance your productivity and efficiency in navigating the command line. By transitioning from intermediate to expert-level commands, you not only gain greater control over your system but also open the door to automation and powerful scripting capabilities. Whether you’re managing servers, troubleshooting issues, or optimizing workflows, these commands are essential tools in your arsenal. Keep practicing, exploring new commands, and experimenting with different techniques to continue your growth in the Linux environment. Remember, the journey to expertise is ongoing—stay curious, and happy coding!
