Linux System Administration

Linux System Administration - Part 3

Jun 20, 2017

How to monitor the loaded kernel modules

A Linux system administrator may be required to watching the loaded kernel modules. The command that help to achieve this is “lsmod”.

Example :

    <div id="crayon-69432b71e7a25165903080" class="crayon-syntax crayon-theme-powershell crayon-font-monaco crayon-os-pc print-yes notranslate" data-settings=" minimize scroll-mouseover" style=" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;">
	
        <div class="crayon-toolbar" data-settings=" mouseover overlay hide delay" style="font-size: 12px !important;height: 18px !important; line-height: 18px !important;"><span class="crayon-title"></span>
        <div class="crayon-tools" style="font-size: 12px !important;height: 18px !important; line-height: 18px !important;"><div class="crayon-button crayon-nums-button" title="Toggle Line Numbers"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-plain-button" title="Toggle Plain Code"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-wrap-button" title="Toggle Line Wrap"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-expand-button" title="Expand Code"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-copy-button" title="Copy"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-popup-button" title="Open Code In New Window"><div class="crayon-button-icon"></div></div></div></div>
        <div class="crayon-info" style="min-height: 18px !important; line-height: 18px !important;"></div>
        <div class="crayon-plain-wrap"><textarea wrap="soft" class="crayon-plain print-no" data-settings="dblclick" readonly style="-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;">

$ /sbin/lsmod Module Size Used by ctr 16384 1 ccm 20480 1 ipt_MASQUERADE 16384 3 nf_nat_masquerade_ipv4 16384 1 ipt_MASQUERADE iptable_nat 16384 1 nf_nat_ipv4 16384 1 iptable_nat nf_nat 24576 2 nf_nat_ipv4,nf_nat_masquerade_ipv4 nf_conntrack_ipv4 16384 2 nf_defrag_ipv4 16384 1 nf_conntrack_ipv4 xt_conntrack 16384 1 nf_conntrack 106496 5 nf_nat,nf_nat_ipv4,xt_conntrack,nf_nat_masquerade_ipv4,nf_conntrack_ipv4 ipt_REJECT 16384 2 nf_reject_ipv4 16384 1 ipt_REJECT xt_CHECKSUM 16384 1 iptable_mangle 16384 1 xt_tcpudp 16384 6 bridge 110592 0 stp 16384 1 bridge llc 16384 2 stp,bridge ip6table_filter 16384 0 ip6_tables 28672 1 ip6table_filter iptable_filter 16384 1

$ /sbin/lsmod

Module Size Used by

ctr 16384 1

ccm 20480 1

ipt_MASQUERADE 16384 3

nf_nat_masquerade_ipv4 16384 1 ipt_MASQUERADE

iptable_nat 16384 1

nf_nat_ipv4 16384 1 iptable_nat

nf_nat 24576 2 nf_nat_ipv4,nf_nat_masquerade_ipv4

nf_conntrack_ipv4 16384 2

nf_defrag_ipv4 16384 1 nf_conntrack_ipv4

xt_conntrack 16384 1

nf_conntrack 106496 5 nf_nat,nf_nat_ipv4,xt_conntrack,nf_nat_masquerade_ipv4,nf_conntrack_ipv4

ipt_REJECT 16384 2

nf_reject_ipv4 16384 1 ipt_REJECT

xt_CHECKSUM 16384 1

iptable_mangle 16384 1

xt_tcpudp 16384 6

bridge 110592 0

stp 16384 1 bridge

llc 16384 2 stp,bridge

ip6table_filter 16384 0

ip6_tables 28672 1 ip6table_filter

iptable_filter 16384 1

Another way to list all currently loaded kernel modules is to use “cat /proc/modules”.

Example :

    <div id="crayon-69432b71e7a29458896649" class="crayon-syntax crayon-theme-powershell crayon-font-monaco crayon-os-pc print-yes notranslate" data-settings=" minimize scroll-mouseover" style=" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;">
	
        <div class="crayon-toolbar" data-settings=" mouseover overlay hide delay" style="font-size: 12px !important;height: 18px !important; line-height: 18px !important;"><span class="crayon-title"></span>
        <div class="crayon-tools" style="font-size: 12px !important;height: 18px !important; line-height: 18px !important;"><div class="crayon-button crayon-nums-button" title="Toggle Line Numbers"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-plain-button" title="Toggle Plain Code"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-wrap-button" title="Toggle Line Wrap"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-expand-button" title="Expand Code"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-copy-button" title="Copy"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-popup-button" title="Open Code In New Window"><div class="crayon-button-icon"></div></div></div></div>
        <div class="crayon-info" style="min-height: 18px !important; line-height: 18px !important;"></div>
        <div class="crayon-plain-wrap"><textarea wrap="soft" class="crayon-plain print-no" data-settings="dblclick" readonly style="-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;">

$ cat /proc/modules ctr 16384 1 - Live 0x0000000000000000 ccm 20480 1 - Live 0x0000000000000000 ipt_MASQUERADE 16384 3 - Live 0x0000000000000000 nf_nat_masquerade_ipv4 16384 1 ipt_MASQUERADE, Live 0x0000000000000000 iptable_nat 16384 1 - Live 0x0000000000000000 nf_nat_ipv4 16384 1 iptable_nat, Live 0x0000000000000000 nf_nat 24576 2 nf_nat_masquerade_ipv4,nf_nat_ipv4, Live 0x0000000000000000 nf_conntrack_ipv4 16384 2 - Live 0x0000000000000000 nf_defrag_ipv4 16384 1 nf_conntrack_ipv4, Live 0x0000000000000000 xt_conntrack 16384 1 - Live 0x0000000000000000 nf_conntrack 106496 5 nf_nat_masquerade_ipv4,nf_nat_ipv4,nf_nat,nf_conntrack_ipv4,xt_conntrack, Live 0x0000000000000000 ipt_REJECT 16384 2 - Live 0x0000000000000000 nf_reject_ipv4 16384 1 ipt_REJECT, Live 0x0000000000000000 xt_CHECKSUM 16384 1 - Live 0x0000000000000000 iptable_mangle 16384 1 - Live 0x0000000000000000 xt_tcpudp 16384 6 - Live 0x0000000000000000 bridge 110592 0 - Live 0x0000000000000000 stp 16384 1 bridge, Live 0x0000000000000000 llc 16384 2 bridge,stp, Live 0x0000000000000000 ip6table_filter 16384 0 - Live 0x0000000000000000 ip6_tables 28672 1 ip6table_filter, Live 0x0000000000000000 iptable_filter 16384 1 - Live 0x0000000000000000 ip_tables 28672 3 iptable_nat,iptable_mangle,iptable_filter, Live 0x0000000000000000

$ cat /proc/modules

ctr 16384 1 - Live 0x0000000000000000

ccm 20480 1 - Live 0x0000000000000000

ipt_MASQUERADE 16384 3 - Live 0x0000000000000000

nf_nat_masquerade_ipv4 16384 1 ipt_MASQUERADE, Live 0x0000000000000000

iptable_nat 16384 1 - Live 0x0000000000000000

nf_nat_ipv4 16384 1 iptable_nat, Live 0x0000000000000000

nf_nat 24576 2 nf_nat_masquerade_ipv4,nf_nat_ipv4, Live 0x0000000000000000

nf_conntrack_ipv4 16384 2 - Live 0x0000000000000000

nf_defrag_ipv4 16384 1 nf_conntrack_ipv4, Live 0x0000000000000000

xt_conntrack 16384 1 - Live 0x0000000000000000

nf_conntrack 106496 5 nf_nat_masquerade_ipv4,nf_nat_ipv4,nf_nat,nf_conntrack_ipv4,xt_conntrack, Live 0x0000000000000000

ipt_REJECT 16384 2 - Live 0x0000000000000000

nf_reject_ipv4 16384 1 ipt_REJECT, Live 0x0000000000000000

xt_CHECKSUM 16384 1 - Live 0x0000000000000000

iptable_mangle 16384 1 - Live 0x0000000000000000

xt_tcpudp 16384 6 - Live 0x0000000000000000

bridge 110592 0 - Live 0x0000000000000000

stp 16384 1 bridge, Live 0x0000000000000000

llc 16384 2 bridge,stp, Live 0x0000000000000000

ip6table_filter 16384 0 - Live 0x0000000000000000

ip6_tables 28672 1 ip6table_filter, Live 0x0000000000000000

iptable_filter 16384 1 - Live 0x0000000000000000

ip_tables 28672 3 iptable_nat,iptable_mangle,iptable_filter, Live 0x0000000000000000

Getting information about files

The “ls -la” command usually provides the access informaion about files and directories. Also the “fuser” command is used for identifying processes using files or sockets.

Example :

    <div id="crayon-69432b71e7a2c693605978" class="crayon-syntax crayon-theme-powershell crayon-font-monaco crayon-os-pc print-yes notranslate" data-settings=" minimize scroll-mouseover" style=" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;">
	
        <div class="crayon-toolbar" data-settings=" mouseover overlay hide delay" style="font-size: 12px !important;height: 18px !important; line-height: 18px !important;"><span class="crayon-title"></span>
        <div class="crayon-tools" style="font-size: 12px !important;height: 18px !important; line-height: 18px !important;"><div class="crayon-button crayon-nums-button" title="Toggle Line Numbers"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-plain-button" title="Toggle Plain Code"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-wrap-button" title="Toggle Line Wrap"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-expand-button" title="Expand Code"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-copy-button" title="Copy"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-popup-button" title="Open Code In New Window"><div class="crayon-button-icon"></div></div></div></div>
        <div class="crayon-info" style="min-height: 18px !important; line-height: 18px !important;"></div>
        <div class="crayon-plain-wrap"><textarea wrap="soft" class="crayon-plain print-no" data-settings="dblclick" readonly style="-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;">

$ ls -la total 40 drwxrwxrwt 9 root root 4096 Jun 20 15:10 . drwxr-xr-x 24 root root 4096 Jan 29 10:44 .. drwx—— 2 falcon falcon 4096 Jun 20 14:50 .com.google.Chrome.21YCdx drwx—— 2 falcon falcon 4096 Jun 20 14:56 .com.google.Chrome.EAhpC0 srwxr-xr-x 1 mdm mdm 0 Jun 20 14:48 filer8Gwbx drwxrwxrwt 2 root root 4096 Jun 20 14:48 .ICE-unix drwxrwxrwx 2 falcon falcon 4096 Jun 20 14:49 mintUpdate drwx—— 2 root mdm 4096 Jun 20 14:48 pulse-PKdhtXMmr18n drwx—— 2 falcon falcon 4096 Jun 20 14:48 ssh-vXSbTprUIQ3V -r–r–r– 1 root root 11 Jun 20 14:48 .X0-lock drwxrwxrwt 2 root root 4096 Jun 20 14:48 .X11-unix

$ ls -la

total 40

drwxrwxrwt 9 root root 4096 Jun 20 15:10 .

drwxr-xr-x 24 root root 4096 Jan 29 10:44 ..

drwx—— 2 falcon falcon 4096 Jun 20 14:50 .com.google.Chrome.21YCdx

drwx—— 2 falcon falcon 4096 Jun 20 14:56 .com.google.Chrome.EAhpC0

srwxr-xr-x 1 mdm mdm 0 Jun 20 14:48 filer8Gwbx

drwxrwxrwt 2 root root 4096 Jun 20 14:48 .ICE-unix

drwxrwxrwx 2 falcon falcon 4096 Jun 20 14:49 mintUpdate

drwx—— 2 root mdm 4096 Jun 20 14:48 pulse-PKdhtXMmr18n

drwx—— 2 falcon falcon 4096 Jun 20 14:48 ssh-vXSbTprUIQ3V

-r–r–r– 1 root root 11 Jun 20 14:48 .X0-lock

drwxrwxrwt 2 root root 4096 Jun 20 14:48 .X11-unix

    <div id="crayon-69432b71e7a2d837865283" class="crayon-syntax crayon-theme-powershell crayon-font-monaco crayon-os-pc print-yes notranslate" data-settings=" minimize scroll-mouseover" style=" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;">
	
        <div class="crayon-toolbar" data-settings=" mouseover overlay hide delay" style="font-size: 12px !important;height: 18px !important; line-height: 18px !important;"><span class="crayon-title"></span>
        <div class="crayon-tools" style="font-size: 12px !important;height: 18px !important; line-height: 18px !important;"><div class="crayon-button crayon-nums-button" title="Toggle Line Numbers"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-plain-button" title="Toggle Plain Code"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-wrap-button" title="Toggle Line Wrap"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-expand-button" title="Expand Code"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-copy-button" title="Copy"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-popup-button" title="Open Code In New Window"><div class="crayon-button-icon"></div></div></div></div>
        <div class="crayon-info" style="min-height: 18px !important; line-height: 18px !important;"></div>
        <div class="crayon-plain-wrap"><textarea wrap="soft" class="crayon-plain print-no" data-settings="dblclick" readonly style="-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;">

$ fuser /opt/google/chrome/chrome /opt/google/chrome/chrome: 2886e 2897e 2902e 2948e 2953e 3023e 3105e

1 2	$ fuser /opt/google/chrome/chrome /opt/google/chrome/chrome: 2886e 2897e 2902e 2948e 2953e 3023e 3105e

In order to modify the file access permissions, use the command “chmod”. To change file ownership, use command “chown”.

Example : To change the file permissions of the file “testfile” to have the following permissions, use “chmod 775 testfile”

Permissions	Read	Write	Execute	Final Value to use
Owner	Yes – 1	Yes – 1	Yes – 1	7
Group	Yes – 1	Yes – 1	Yes – 1	7
Other	Yes – 1	No – 0	Yes – 1	5

    <div id="crayon-69432b71e7a2f907362171" class="crayon-syntax crayon-theme-powershell crayon-font-monaco crayon-os-pc print-yes notranslate" data-settings=" minimize scroll-mouseover" style=" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;">
	
        <div class="crayon-toolbar" data-settings=" mouseover overlay hide delay" style="font-size: 12px !important;height: 18px !important; line-height: 18px !important;"><span class="crayon-title"></span>
        <div class="crayon-tools" style="font-size: 12px !important;height: 18px !important; line-height: 18px !important;"><div class="crayon-button crayon-nums-button" title="Toggle Line Numbers"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-plain-button" title="Toggle Plain Code"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-wrap-button" title="Toggle Line Wrap"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-expand-button" title="Expand Code"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-copy-button" title="Copy"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-popup-button" title="Open Code In New Window"><div class="crayon-button-icon"></div></div></div></div>
        <div class="crayon-info" style="min-height: 18px !important; line-height: 18px !important;"></div>
        <div class="crayon-plain-wrap"><textarea wrap="soft" class="crayon-plain print-no" data-settings="dblclick" readonly style="-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;">

$ ls -al testfile -rw-r–r– 1 falcon falcon 0 Jun 20 16:29 testfile $ chmod 775 testfile $ ls -al testfile -rwxrwxr-x 1 falcon falcon 0 Jun 20 16:29 testfile

$ ls -al testfile

-rw-r–r– 1 falcon falcon 0 Jun 20 16:29 testfile

$ chmod 775 testfile

$ ls -al testfile

-rwxrwxr-x 1 falcon falcon 0 Jun 20 16:29 testfile

In order to change the ownership of a file, use the command “chown user:group file”.

Example :

    <div id="crayon-69432b71e7a30437926735" class="crayon-syntax crayon-theme-powershell crayon-font-monaco crayon-os-pc print-yes notranslate" data-settings=" minimize scroll-mouseover" style=" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;">
	
        <div class="crayon-toolbar" data-settings=" mouseover overlay hide delay" style="font-size: 12px !important;height: 18px !important; line-height: 18px !important;"><span class="crayon-title"></span>
        <div class="crayon-tools" style="font-size: 12px !important;height: 18px !important; line-height: 18px !important;"><div class="crayon-button crayon-nums-button" title="Toggle Line Numbers"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-plain-button" title="Toggle Plain Code"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-wrap-button" title="Toggle Line Wrap"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-expand-button" title="Expand Code"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-copy-button" title="Copy"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-popup-button" title="Open Code In New Window"><div class="crayon-button-icon"></div></div></div></div>
        <div class="crayon-info" style="min-height: 18px !important; line-height: 18px !important;"></div>
        <div class="crayon-plain-wrap"><textarea wrap="soft" class="crayon-plain print-no" data-settings="dblclick" readonly style="-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;">

$ chown mdm:mdm testfile

1	$ chown mdm:mdm testfile

How to restrict user resources

There might be a situation where the resources allocated for shell and processes need to be restricted. In such cases, use the command “ulimit”. The existing limits can be displayed using “ulimit -a”.

    <div id="crayon-69432b71e7a32415124952" class="crayon-syntax crayon-theme-powershell crayon-font-monaco crayon-os-pc print-yes notranslate" data-settings=" minimize scroll-mouseover" style=" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;">
	
        <div class="crayon-toolbar" data-settings=" mouseover overlay hide delay" style="font-size: 12px !important;height: 18px !important; line-height: 18px !important;"><span class="crayon-title"></span>
        <div class="crayon-tools" style="font-size: 12px !important;height: 18px !important; line-height: 18px !important;"><div class="crayon-button crayon-nums-button" title="Toggle Line Numbers"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-plain-button" title="Toggle Plain Code"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-wrap-button" title="Toggle Line Wrap"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-expand-button" title="Expand Code"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-copy-button" title="Copy"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-popup-button" title="Open Code In New Window"><div class="crayon-button-icon"></div></div></div></div>
        <div class="crayon-info" style="min-height: 18px !important; line-height: 18px !important;"></div>
        <div class="crayon-plain-wrap"><textarea wrap="soft" class="crayon-plain print-no" data-settings="dblclick" readonly style="-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;">

$ ulimit -a core file size (blocks, -c) 0 data seg size (kbytes, -d) unlimited scheduling priority (-e) 0 file size (blocks, -f) unlimited pending signals (-i) 63593 max locked memory (kbytes, -l) 64 max memory size (kbytes, -m) unlimited open files (-n) 1024 pipe size (512 bytes, -p) 8 POSIX message queues (bytes, -q) 819200 real-time priority (-r) 0 stack size (kbytes, -s) 8192 cpu time (seconds, -t) unlimited max user processes (-u) 63593 virtual memory (kbytes, -v) unlimited file locks (-x) unlimited

$ ulimit -a

core file size (blocks, -c) 0

data seg size (kbytes, -d) unlimited

scheduling priority (-e) 0

file size (blocks, -f) unlimited

pending signals (-i) 63593

max locked memory (kbytes, -l) 64

max memory size (kbytes, -m) unlimited

open files (-n) 1024

pipe size (512 bytes, -p) 8

POSIX message queues (bytes, -q) 819200

real-time priority (-r) 0

stack size (kbytes, -s) 8192

cpu time (seconds, -t) unlimited

max user processes (-u) 63593

virtual memory (kbytes, -v) unlimited

file locks (-x) unlimited

How to display the processes attached to open files

In order to display the list of processes attached to open files, use the command “lsof”.

Example :

    <div id="crayon-69432b71e7a33597719920" class="crayon-syntax crayon-theme-powershell crayon-font-monaco crayon-os-pc print-yes notranslate" data-settings=" minimize scroll-mouseover" style=" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;">
	
        <div class="crayon-toolbar" data-settings=" mouseover overlay hide delay" style="font-size: 12px !important;height: 18px !important; line-height: 18px !important;"><span class="crayon-title"></span>
        <div class="crayon-tools" style="font-size: 12px !important;height: 18px !important; line-height: 18px !important;"><div class="crayon-button crayon-nums-button" title="Toggle Line Numbers"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-plain-button" title="Toggle Plain Code"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-wrap-button" title="Toggle Line Wrap"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-expand-button" title="Expand Code"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-copy-button" title="Copy"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-popup-button" title="Open Code In New Window"><div class="crayon-button-icon"></div></div></div></div>
        <div class="crayon-info" style="min-height: 18px !important; line-height: 18px !important;"></div>
        <div class="crayon-plain-wrap"><textarea wrap="soft" class="crayon-plain print-no" data-settings="dblclick" readonly style="-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;">

$ lsof /opt/google/chrome/chrome COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME chrome 2886 falcon txt REG 8,4 117980200 23079677 /opt/google/chrome/chrome chrome 2897 falcon txt REG 8,4 117980200 23079677 /opt/google/chrome/chrome chrome 2902 falcon txt REG 8,4 117980200 23079677 /opt/google/chrome/chrome chrome 2948 falcon txt REG 8,4 117980200 23079677 /opt/google/chrome/chrome chrome 2953 falcon txt REG 8,4 117980200 23079677 /opt/google/chrome/chrome chrome 3023 falcon txt REG 8,4 117980200 23079677 /opt/google/chrome/chrome chrome 3105 falcon txt REG 8,4 117980200 23079677 /opt/google/chrome/chrome chrome 4004 falcon txt REG 8,4 117980200 23079677 /opt/google/chrome/chrome

$ lsof /opt/google/chrome/chrome

COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME

chrome 2886 falcon txt REG 8,4 117980200 23079677 /opt/google/chrome/chrome

chrome 2897 falcon txt REG 8,4 117980200 23079677 /opt/google/chrome/chrome

chrome 2902 falcon txt REG 8,4 117980200 23079677 /opt/google/chrome/chrome

chrome 2948 falcon txt REG 8,4 117980200 23079677 /opt/google/chrome/chrome

chrome 2953 falcon txt REG 8,4 117980200 23079677 /opt/google/chrome/chrome

chrome 3023 falcon txt REG 8,4 117980200 23079677 /opt/google/chrome/chrome

chrome 3105 falcon txt REG 8,4 117980200 23079677 /opt/google/chrome/chrome

chrome 4004 falcon txt REG 8,4 117980200 23079677 /opt/google/chrome/chrome

To see the list of all the files opened by a specific user, use the command “lsof -u uid”.

Example :

    <div id="crayon-69432b71e7a35465431846" class="crayon-syntax crayon-theme-powershell crayon-font-monaco crayon-os-pc print-yes notranslate" data-settings=" minimize scroll-mouseover" style=" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;">
	
        <div class="crayon-toolbar" data-settings=" mouseover overlay hide delay" style="font-size: 12px !important;height: 18px !important; line-height: 18px !important;"><span class="crayon-title"></span>
        <div class="crayon-tools" style="font-size: 12px !important;height: 18px !important; line-height: 18px !important;"><div class="crayon-button crayon-nums-button" title="Toggle Line Numbers"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-plain-button" title="Toggle Plain Code"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-wrap-button" title="Toggle Line Wrap"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-expand-button" title="Expand Code"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-copy-button" title="Copy"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-popup-button" title="Open Code In New Window"><div class="crayon-button-icon"></div></div></div></div>
        <div class="crayon-info" style="min-height: 18px !important; line-height: 18px !important;"></div>
        <div class="crayon-plain-wrap"><textarea wrap="soft" class="crayon-plain print-no" data-settings="dblclick" readonly style="-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;">

$ lsof -u 1000 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME gnome-key 2317 falcon cwd unknown /proc/2317/cwd (readlink: Permission denied) gnome-key 2317 falcon rtd unknown /proc/2317/root (readlink: Permission denied) gnome-key 2317 falcon txt unknown /proc/2317/exe (readlink: Permission denied) gnome-key 2317 falcon NOFD /proc/2317/fd (opendir: Permission denied) cinnamon- 2393 falcon cwd DIR 8,4 4096 3145730 /home/falcon cinnamon- 2393 falcon rtd DIR 8,4 4096 2 /

$ lsof -u 1000

COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME

gnome-key 2317 falcon cwd unknown /proc/2317/cwd (readlink: Permission denied)

gnome-key 2317 falcon rtd unknown /proc/2317/root (readlink: Permission denied)

gnome-key 2317 falcon txt unknown /proc/2317/exe (readlink: Permission denied)

gnome-key 2317 falcon NOFD /proc/2317/fd (opendir: Permission denied)

cinnamon- 2393 falcon cwd DIR 8,4 4096 3145730 /home/falcon

cinnamon- 2393 falcon rtd DIR 8,4 4096 2 /

System Log Files

There are various system logs. These are mainly used for troubleshooting issues and problems.

Some of the important logs are :

/var/log/syslog

/var/log/secure

/var/log/maillog

To view the timestamp of the last login of system users, use “lastlog” command.

Example :

To get the latest system messages to roll on the screen as they occur –

    <div id="crayon-69432b71e7a36015472474" class="crayon-syntax crayon-theme-powershell crayon-font-monaco crayon-os-pc print-yes notranslate" data-settings=" minimize scroll-mouseover" style=" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;">
	
        <div class="crayon-toolbar" data-settings=" mouseover overlay hide delay" style="font-size: 12px !important;height: 18px !important; line-height: 18px !important;"><span class="crayon-title"></span>
        <div class="crayon-tools" style="font-size: 12px !important;height: 18px !important; line-height: 18px !important;"><div class="crayon-button crayon-nums-button" title="Toggle Line Numbers"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-plain-button" title="Toggle Plain Code"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-wrap-button" title="Toggle Line Wrap"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-expand-button" title="Expand Code"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-copy-button" title="Copy"><div class="crayon-button-icon"></div></div><div class="crayon-button crayon-popup-button" title="Open Code In New Window"><div class="crayon-button-icon"></div></div></div></div>
        <div class="crayon-info" style="min-height: 18px !important; line-height: 18px !important;"></div>
        <div class="crayon-plain-wrap"><textarea wrap="soft" class="crayon-plain print-no" data-settings="dblclick" readonly style="-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;">

$ tail -f /var/log/syslog Jun 20 17:05:01 alban-ThinkPad-T420 CRON[4517]: (root) CMD (command -v debian-sa1 > /dev/null && debian-sa1 1 1) Jun 20 17:06:13 alban-ThinkPad-T420 wpa_supplicant[1667]: wlan0: CTRL-EVENT-SCAN-STARTED Jun 20 17:06:19 alban-ThinkPad-T420 wpa_supplicant[1667]: nl80211: send_and_recv->nl_recvmsgs failed: -33 Jun 20 17:08:13 alban-ThinkPad-T420 wpa_supplicant[1667]: wlan0: CTRL-EVENT-SCAN-STARTED Jun 20 17:09:01 alban-ThinkPad-T420 CRON[4528]: (root) CMD ( [ -x /usr/lib/php5/maxlifetime ] && [ -x /usr/lib/php5/sessionclean ] && [ -d /var/lib/php5 ] && /usr/lib/php5/sessionclean /var/lib/php5 $(/usr/lib/php5/maxlifetime)) Jun 20 17:10:13 alban-ThinkPad-T420 wpa_supplicant[1667]: wlan0: CTRL-EVENT-SCAN-STARTED Jun 20 17:11:05 alban-ThinkPad-T420 wpa_supplicant[1667]: wlan0: WPA: Group rekeying completed with 10:be:f5:d3:a4:68 [GTK=TKIP] Jun 20 17:12:13 alban-ThinkPad-T420 wpa_supplicant[1667]: wlan0: CTRL-EVENT-SCAN-STARTED Jun 20 17:15:01 alban-ThinkPad-T420 CRON[4554]: (root) CMD (command -v debian-sa1 > /dev/null && debian-sa1 1 1) Jun 20 17:17:01 alban-ThinkPad-T420 CRON[4634]: (root) CMD ( cd / && run-parts –report /etc/cron.hourly)

$ tail -f /var/log/syslog

Jun 20 17:05:01 alban-ThinkPad-T420 CRON[4517]: (root) CMD (command -v debian-sa1 > /dev/null && debian-sa1 1 1)

Jun 20 17:06:13 alban-ThinkPad-T420 wpa_supplicant[1667]: wlan0: CTRL-EVENT-SCAN-STARTED

Jun 20 17:06:19 alban-ThinkPad-T420 wpa_supplicant[1667]: nl80211: send_and_recv->nl_recvmsgs failed: -33

Jun 20 17:08:13 alban-ThinkPad-T420 wpa_supplicant[1667]: wlan0: CTRL-EVENT-SCAN-STARTED

Jun 20 17:09:01 alban-ThinkPad-T420 CRON[4528]: (root) CMD ( [ -x /usr/lib/php5/maxlifetime ] && [ -x /usr/lib/php5/sessionclean ] && [ -d /var/lib/php5 ] && /usr/lib/php5/sessionclean /var/lib/php5 $(/usr/lib/php5/maxlifetime))

Jun 20 17:10:13 alban-ThinkPad-T420 wpa_supplicant[1667]: wlan0: CTRL-EVENT-SCAN-STARTED

Jun 20 17:11:05 alban-ThinkPad-T420 wpa_supplicant[1667]: wlan0: WPA: Group rekeying completed with 10:be:f5:d3:a4:68 [GTK=TKIP]

Jun 20 17:12:13 alban-ThinkPad-T420 wpa_supplicant[1667]: wlan0: CTRL-EVENT-SCAN-STARTED

Jun 20 17:15:01 alban-ThinkPad-T420 CRON[4554]: (root) CMD (command -v debian-sa1 > /dev/null && debian-sa1 1 1)

Jun 20 17:17:01 alban-ThinkPad-T420 CRON[4634]: (root) CMD ( cd / && run-parts –report /etc/cron.hourly)