Crontab is the program used to install, remove or list the tables used to serve the
cron(8) daemon. Each user can have their own crontab, and though these are files
in /var/spool/, they are not intended to be edited directly
format of crontab entry
123456789101112131415
cat /etc/crontab
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root
# For details see man 4 crontabs
# Example of job definition:
# .---------------- minute (0 - 59)
# | .------------- hour (0 - 23)
# | | .---------- day of month (1 - 31)
# | | | .------- month (1 - 12) OR jan,feb,mar,apr ...
# | | | | .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# | | | | |
# * * * * * user-name command to be executed
run uptime as root every minute, hour, day of month, month, on weekdays
12
crontab -e
* * * * 1-5 uptime >> /root/log.txt
12345678
You have new mail in /var/spool/mail/root
[root@tron ~]# mail
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/spool/mail/root": 4 messages 4 new
>N 1 (Cron Daemon) Mon Oct 9 14:10 25/850 "Cron <root@tron> root"
N 2 (Cron Daemon) Mon Oct 9 14:11 25/850 "Cron <root@tron> root"
N 3 (Cron Daemon) Mon Oct 9 14:12 25/850 "Cron <root@tron> root"
N 4 (Cron Daemon) Mon Oct 9 14:13 25/850 "Cron <root@tron> root"
Unlike cron(8), it does not assume that the machine is running continuously.
Hence, it can be used on machines that are not running 24 hours a day to control
regular jobs as daily, weekly, and monthly jobs
1234567891011121314151617
cat /etc/anacrontab
# /etc/anacrontab: configuration file for anacron
# See anacron(8) and anacrontab(5) for details.
SHELL=/bin/sh
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root
# the maximal random delay added to the base delay of the jobs
RANDOM_DELAY=45
# the jobs will be started during the following hours only
START_HOURS_RANGE=3-22
#period in days delay in minutes job-identifier command
1 5 cron.daily nice run-parts /etc/cron.daily
7 25 cron.weekly nice run-parts /etc/cron.weekly
@monthly 45 cron.monthly nice run-parts /etc/cron.monthly
anacron job
1
1 1 demo netstat -lnt > /root/conn.txt
Check validity of job file with anacron -T
at
executes commands at a specified time
schedule job and use Ctrl-D at the prompt when you’re done
1234
at 19:08 oct 09
at> netstat -lnt > /root/ports.txt
at> <EOT>
job 3 at Mon Oct 9 19:08:00 2017
atq
lists the user’s pending jobs, unless the user is the superuser; in that case,
everybody’s jobs are listed.
12
[root@tron ~]# atq
3 Mon Oct 9 19:08:00 2017 a root
ldd
print shared library dependencies
In the usual case, ldd invokes the standard dynamic linker (see ld.so(8))
with the LD_TRACE_LOADED_OBJECTS environment variable set to 1, which causes the
linker to display the library dependencies. Be aware, > however, that in some
circumstances, some versions of ldd may attempt to obtain the dependency information
by directly executing the program. Thus, you should never employ ldd on an untrusted
executable, since this may result in the execution of arbitrary code. A safer
alternative when dealing with untrusted executables is:
vmstat
procs -----------memory---------- ---swap-- -----io---- -system-- ------cpu-----
r b swpd free buff cache si so bi bo in cs us sy id wa st
4 0 0 776148 1004 503192 0 0 70 8 79 169 2 1 97 0 0
tload
graphic representation of system load average
1
0.01, 0.07, 0.17
watch
execute a program periodically, showing output fullscreen
lscpu
display information about the CPU architecture
123456789101112131415161718192021222324
lscpu
Architecture: x86_64
CPU op-mode(s): 32-bit, 64-bit
Byte Order: Little Endian
CPU(s): 1
On-line CPU(s) list: 0
Thread(s) per core: 1
Core(s) per socket: 1
Socket(s): 1
NUMA node(s): 1
Vendor ID: GenuineIntel
CPU family: 6
Model: 69
Model name: Intel(R) Core(TM) i5-4300U CPU @ 1.90GHz
Stepping: 1
CPU MHz: 2493.585
BogoMIPS: 4988.45
Hypervisor vendor: VMware
Virtualization type: full
L1d cache: 32K
L1i cache: 32K
L2 cache: 256K
L3 cache: 3072K
NUMA node0 CPU(s): 0
If a runlevel cannot be determined, N is printed instead
12
runlevel
N 5
init / telinit
legacy
1234567891011121314
init [OPTIONS...] {COMMAND}
Send control commands to the init daemon.
--help Show this help
--no-wall Don't send wall message before halt/power-off/reboot
Commands:
0 Power-off the machine
6 Reboot the machine
2, 3, 4, 5 Start runlevelX.target unit
1, s, S Enter rescue mode
q, Q Reload init daemon configuration
u, U Reexecute init daemon
lastlog -u root
Username Port From Latest
root :0 Sat Oct 7 14:45:28 +0300 2017
last
show listing of last logged in users
Last searches back through the file /var/log/wtmp (or the file designated by the
f flag) and displays a list of all users logged in (and out) since that file was
created.
12345678910111213
last -n 10
root pts/1 :0 Sat Oct 7 14:53 still logged in
root pts/0 :0 Sat Oct 7 14:45 still logged in
root :0 :0 Sat Oct 7 14:45 still logged in
(unknown :0 :0 Sat Oct 7 14:42 - 14:45 (00:02)
reboot system boot 3.10.0-514.21.1. Sat Oct 7 14:41 - 14:54 (00:13)
root pts/1 :0 Fri Oct 6 21:48 - 23:19 (01:30)
root pts/0 :0 Fri Oct 6 21:47 - 23:19 (01:32)
root :0 :0 Fri Oct 6 21:43 - 23:19 (01:36)
(unknown :0 :0 Fri Oct 6 21:37 - 21:43 (00:05)
reboot system boot 3.10.0-514.21.1. Fri Oct 6 21:36 - 23:19 (01:43)
wtmp begins Tue Apr 26 15:32:43 2016
lastb
shows a log of the file /var/log/btmp, which contains all the bad login attempts
123456
lastb
root :0 :0 Sat Oct 7 14:57 - 14:57 (00:00)
root :0 :0 Sat Oct 7 14:57 - 14:57 (00:00)
nixhat :0 :0 Sat Oct 7 14:57 - 14:57 (00:00)
btmp begins Sat Oct 7 14:57:26 2017
logrotate
rotates, compresses, and mails system logs
Config file: /etc/logrotate.conf
journalctl
Query the systemd journal
1234567
journalctl -u httpd.service
-- Logs begin at Sat 2017-10-07 14:41:21 EEST, end at Sat 2017-10-07 15:34:36 EE
Oct 07 14:42:14 localhost.localdomain systemd[1]: Starting The Apache HTTP Serve
Oct 07 14:42:23 localhost.localdomain httpd[1099]: AH00558: httpd: Could not rel
Oct 07 14:42:24 localhost.localdomain systemd[1]: Started The Apache HTTP Server
Oct 07 15:11:02 localhost.localdomain httpd[6068]: AH00558: httpd: Could not rel
Oct 07 15:11:02 localhost.localdomain systemd[1]: Reloaded The Apache HTTP Serve
show boot log
1234567891011
journalctl -b | tail
Jan 25 18:28:01 rhel7 systemd[1]: Created slice user-993.slice.
Jan 25 18:28:01 rhel7 systemd[1]: Starting user-993.slice.
Jan 25 18:28:01 rhel7 systemd[1]: Started Session 45 of user pcp.
Jan 25 18:28:01 rhel7 systemd[1]: Starting Session 45 of user pcp.
Jan 25 18:28:01 rhel7 CROND[6820]: (pcp) CMD ( /usr/libexec/pcp/bin/pmie_check -C)
Jan 25 18:28:01 rhel7 systemd[1]: Removed slice user-993.slice.
Jan 25 18:28:01 rhel7 systemd[1]: Stopping user-993.slice.
Jan 25 18:30:01 rhel7 systemd[1]: Started Session 46 of user root.
Jan 25 18:30:01 rhel7 systemd[1]: Starting Session 46 of user root.
Jan 25 18:30:01 rhel7 CROND[6978]: (root) CMD (/usr/lib64/sa/sa1 1 1)
show error events
12345678910111213
journalctl -p err
-- Logs begin at Thu 2018-01-25 14:28:07 EET, end at Thu 2018-01-25 18:30:01 EET. --
Jan 25 14:28:10 rhel7 kernel: piix4_smbus 0000:00:07.3: Host SMBus controller not enabled!
Jan 25 14:28:11 rhel7 kernel: intel_rapl: no valid rapl domains found in package 0
Jan 25 14:28:35 rhel7 cntlm[1121]: Error creating a new PID file
Jan 25 14:28:45 rhel7 spice-vdagent[2501]: Cannot access vdagent virtio channel /dev/virtio-ports/com.redhat.spice.0
Jan 25 14:28:57 rhel7 udisksd[2652]: Error probing device: Error sending ATA command IDENTIFY PACKET DEVICE to /dev/sr0: ATA command failed: error=0x01 count=0x02 status=0x5
Jan 25 14:47:48 rhel7 gdm-launch-environment][2380]: pam_systemd(gdm-launch-environment:session): Failed to release session: Interrupted system call
Jan 25 14:47:50 rhel7 spice-vdagent[3306]: Cannot access vdagent virtio channel /dev/virtio-ports/com.redhat.spice.0
Jan 25 14:48:15 rhel7 pulseaudio[3318]: GetManagedObjects() failed: org.freedesktop.DBus.Error.NoReply: Did not receive a reply. Possible causes include: the remote applicat
Jan 25 14:53:38 rhel7 kernel: ata4: exception Emask 0x10 SAct 0x0 SErr 0x4010000 action 0xe frozen
Jan 25 14:53:38 rhel7 kernel: ata4: irq_stat 0x00400040, connection status changed
Jan 25 14:53:38 rhel7 kernel: ata4: SError: { PHYRdyChg DevExch }
rpm
RPM Package Manager
count all installed packages
12
rpqm -qa | wc -l
1366
get info about installed package
12345678910111213141516171819202122
rpm -qi samba
Name : samba
Epoch : 0
Version : 4.4.4
Release : 14.el7_3
Architecture: x86_64
Install Date: Thu 08 Jun 2017 10:55:00 AM EEST
Group : System Environment/Daemons
Size : 1869228
License : GPLv3+ and LGPLv3+
Signature : RSA/SHA256, Thu 25 May 2017 04:16:22 PM EEST, Key ID 24c6a8a7f4a80eb5
Source RPM : samba-4.4.4-14.el7_3.src.rpm
Build Date : Thu 25 May 2017 02:35:40 PM EEST
Build Host : c1bm.rdu2.centos.org
Relocations : (not relocatable)
Packager : CentOS BuildSystem <http://bugs.centos.org>
Vendor : CentOS
URL : http://www.samba.org/
Summary : Server and Client software to interoperate with Windows machines
Description :
Samba is the standard Windows interoperability suite of programs for Linux and
Unix.
yum info nmap
[...]
Available Packages
Name : nmap
Arch : x86_64
Epoch : 2
Version : 6.40
Release : 7.el7
Size : 4.0 M
Repo : base/7/x86_64
Summary : Network exploration tool and security scanner
URL : http://nmap.org/
License : GPLv2 and LGPLv2+ and GPLv2+ and BSD
Description : Nmap is a utility for network exploration or security auditing.
: It supports ping scanning (determine which hosts are up), many
: port scanning techniques (determine what services the hosts are
: offering), and TCP/IP fingerprinting (remote host operating system
: identification). Nmap also offers flexible target and port
: specification, decoy scanning, determination of TCP sequence
: predictability characteristics, reverse-identd scanning, and more.
: In addition to the classic command-line nmap executable, the Nmap
: suite includes a flexible data transfer, redirection, and
: debugging tool (netcat utility ncat), a utility for comparing scan
: results (ndiff), and a packet generation and response analysis
: tool (nping).
find packages when you know something about the package but aren’t sure of its name.
1
yum search name
list package summary
123456789101112131415
yum info scapy
Available Packages
Name : scapy
Arch : noarch
Version : 2.3.3
Release : 1.el7
Size : 983 k
Repo : epel/x86_64
Summary : Interactive packet manipulation tool and network scanner
URL : http://www.secdev.org/projects/scapy/
License : GPLv2
Description : Scapy is a powerful interactive packet manipulation program built
: on top of the Python interpreter. It can be used to forge or
: decode packets of a wide number of protocols, send them over the
: wire, capture them, match requests and replies, and much more.
yum repolist
repo id repo name status
base/7/x86_64 CentOS-7 - Base 9,591
*epel/x86_64 Extra Packages for Enterprise Linux 7 - x86_64 11,985
extras/7/x86_64 CentOS-7 - Extras 227
nux-dextop/x86_64 Nux.Ro RPMs for general desktop use 1,599
updates/7/x86_64 CentOS-7 - Updates 731
repolist: 24,133
see past transactions
1
yum history
list available kernels
123456789
yum list kernel
Loaded plugins: langpacks, product-id, search-disabled-repos, subscription-
: manager
Repodata is over 2 weeks old. Install yum-cron? Or run: yum makecache fast
Installed Packages
kernel.x86_64 3.10.0-514.el7 @anaconda/7.3
kernel.x86_64 3.10.0-514.26.2.el7 @rhel-7-server-rpms
Available Packages
kernel.x86_64 3.10.0-693.2.2.el7 rhel-7-server-rpms
install new kernel and set it as default boot choice
1
yum --enablerepo=kernelrepo install kernelname
Set GRUB_DEFAULT=0 to make it default, 1 otherwise
123456789
_____________________________________
/ Fine day for friends. So-so day for \
\ you. /
-------------------------------------
\ ^__^
\ (oo)\_______
(__)\ )\/\
||----w |
|| ||