Black Lives Matter

Neon Law

Basic Linux Commands

As part of DevOps interviews, it is common to be asked about common Linux commands and how you would use diagnose certain issues including "What happens if my process hangs?" or "what happens if I don't have permissions to a given file?" With any of these commands, you can type in man, which is short for manual, to learn more about what each command entails.

What happens when you run a command in the terminal?

The Shell process kickstarts a child process to run a new command, such as ls, or listing files. The terminal process will wait until the child process is finished and will return the output to the shell, which unless otherwise configured, will print that to the screen.


A way to compress files that result in a newly compressed file with the same modification date, permissions, and ownership as the original file.

cat A way to read files and write them to standard output. It is useful in situations where you want to pipe the contents of a file to another process. For example cat package.json | pbcopy, which copies the contents of package.json to the system clipboard on Mac OSX devices.

chmod Changes the ACL, or access control list, of a given file. Common permissions are 777 for everyone or 600 for admins (users with sudo permissions) only.

chown Change ownership of a file, similar to chmod except this changes who owns the file, not who has permissions to the file.

chroot Changes the root directory, e.g. ~ which on unix systems is often /users/${user_name}/.

comm This is a utility to find out what lines are in common between two files. The output will tell you the lines unique to file 1, then the lines unique to file 2, then the lines found in both files.

cp Copies files from one destination to another. To copy a full directory and all of its subdirectories, it's common to use the -vr flags which means verbose and recursive.

cron Cron refers to a daemon, or background processes, that runs every minutes to see if anything is scheduled with this bash command. If you set up a scheduled task to run and it's time to run that task, the daemon will execute the task, which is usually a bash script.

curl Curl is a way of transferring data to or from a server via a certain protocol (e.g. HTTP, FTP, SFTP, SMPT, LDAP, etc.) It is usually used with HTTP and HTTPS for web traffic in today's web-centric world.

dd This command can be used for backing up a filesystem from one folder to another. For instance, dd if = /dev/sda of = /dev/sdb backs up /dev/sda to /dev/sdb. The of part of the dd command, which specifies the output of a given partition, can also be a *.img file which refers to a system image.

df Shows the size, used space, and available space of filesystems on your computer. It is most often used with the -h flag for human-readable.

dmesg This command is used to display kernel messages and is not often used unless you're doing some pretty deep programming. You can also pass the output of dmesg to grep to search for things like memory:

dmesg | grep -i memory dpkg This is a package manager for Debian, a flavor of Linux.


Prints what is passed to it to the terminal. It is usually used to print the value of environment variables e.g. echo $PATH to print every folder that contains executables that can be run for the command line.


This command sent san environment variable, then executes a command with those environment variables set. This can be helpful in running an application in a production or staging environment.

exit A way to close a terminal window. On Mac, it ends the process but does not close the window. In Tmux or Linux, it does both.

fdisk This command provides command-line disk partitioning functions.

find A way to search for the name of a given file. It can be used in conjunction with grep, e.g. find . | grep resume to find the files in a given folder and its subfolders with the name resume in it.

free A less robust version of top that shows you how much free memory you have on Linux systems (it is not shipped by default on Mac).

fsck This checks the filesystem to see if anything is wrong with it. It is often used in booting a machine up to check if the files are in order, starting with the root directory.

grep This command functions as a text search and can be used by piping a previous command. For instance,

find . | grep ".pdf" will find all the PDFs in a given folder and its subfolders.

groups This assigns various users to groups, though it is gone out fashion with containerization and the general guideline of running one process per container.

gzip This command creates an archive like tar and also compresses the file size in a way that minimizes the overall storage used in creating the tar.

head This command is the opposite of tail and displays the first few lines of a file.

history This command tells you the previous commands you have used. It is a good practice for workstations you use frequently to ensure you're saving a lot of commands (e.g. 10,000) so you can search them.

ifconfig It helps you read and defend network interfaces on your machine. It stands for interface configuration.

You can read all current networks by ifconfig -a and spin up and down configs by executing up or down after seeing which interface you want to swap its state. You can use it to sign IP addresses, netmasks, and broadcast a network interface.

A netmask divides an IP address into 32 bits, with two of them always being reserved. (0 for the Internet and 255 for the broadcast).

Broadcasting means a DHCP server can allocate an IP to that IP address. DHCP stands for dynamic host configuration protocol.

kill This kills or terminates a process, which you can look up by its PID, which you can find by using a tool like top. If you pass in just kill, it sends a SIGTERM, which is received by the application code. Otherwise, you can pass -9 via kill -9, to kill the process via the init daemon.

less A way to read the file in your terminal, without editing it. The keyboard commands to move up and down a page are similar to vim.

ls This command lists the current files in the directory. It is commonly used with the -la flags which lists all of the files including "private" files or files that start with ".".

man This command lists documentation about a given command. It was used as the basis for writing the documentation you are reading now.

mkdir This command creates a directory. If you pass the -p flag it will create the necessary folders to arrive at the child folder as well.

mount This command mounts a filesystem to a given endpoint - it is similar to how it's used in Docker/containers.

mv Used to move a file or folder from one place to another. It's similar to cp except the original copy is no longer at the original location.

netstat This displays all incoming and outcoming network connections, routing tables, and network interfaces.

nohup This command can be used to run commands in the background, independent of the current shell you are in. For instance the following bash:

nohup ./bin/rails server & exit would not actually stop the rails server running.

nslookup A way to look up the whois information about a given website, e.g. the domain name.

ping A way to ping an IP address to see if it is available to answer requests. You can also use this with DNS, e.g.

ps This stands for process status and tells you the current status of a given process. You can pass the -p flag and a given process's "PID" (which you can get from top) to get details about a particular process.

pwd This command lists the current directory.

rm This commands deletes a file from your filesystem for good. There is no "remove from trash" feature, once you call rm it's gone unless you have a backup of your whole filesystem elsewhere. This command is also commonly used with the -rf flags (recursive and force) which deletes a folder and all of its subfolders.

rmdir This command removes directories and functions similar to rm -rf

route This command is used to manually manipulate network routing tables and is not used often because most processes can function fine with default routing tables.

ssh This command allows for inter-computer communication over port 22 and usually needs some sort of pre-signed certificates to accomplish this.

shutdown A way to shutdown your computer shutdown -h now shuts down the computer immediately, killing all open processes.

tail This is used to display the last part of a file, and if you're always writing to a file, it can be used to stream various logs with the -f flag.

tar Tar is a form of compression that creates archive files that can be used in a similar way as zipping. However, tar does not apply compression.

tee Tee takes a stream or something that is piped and can write it to a file. For example,

ls -l | tee file.txt | less will write all the files in the current directory to disk

top This command is a helpful way to display all the processes running on your computer and how much memory and GPU they are consuming.

traceroute This command follows the IPs from one destination to another, for instance traceroute will start with the IP you are using to connect to the Internet (e.g. from your ISP) and eventually lead to the final destination of where the servers are.

tty This displays information about the current shell you're in - and can also be used by issuing the ps command with no arguments.

uname This will tell you about the current OS you are using. For Mac OSX it is darwin.

useradd This adds a new user to your system. It is usually a command only run by the root user.

vi Vim, an editor that is better than EMacs because it's like playing Mozart (good for people with small hands). Emacs, on the other hand, is like paying Brahms (not good for people with small hands). Also, vim has little to no startup time and is commonly found on most machines.

vmstat This command tells you information about memory, processes, paging, block IO, traps, and CPU activity.

w A more verbose version of whoami which displays not only who is logged in, but what they are doing and how long their session has been active for.

wget Like curl except that it supports fewer protocols but can download files recursively. For websites, it accomplishes this by looking at URLs embedded in an HTML document such as anchor tags, or css url statements.

whoami A way of telling who you are, or what user you are logged into on a *nix machine. For instance, my name is Nick, and when I'm logged into my mac, the output of whoami is nick.

xargs This command takes the output of a previous command, usually piped, and passes it to another command as arguments.

For instance:

find . -name "*.png" -type f -print0 | xargs -0 tar -cvzf images.tar.gz This command creates a tar of all the .png files found in the current folder or its subfolders.

Neon Law

All content presented herein is for informational purposes only. Nothing should be construed as legal advice. Transmission and receipt of this information is not intended to create and does not constitute, an attorney-client relationship with lawyers on this platform. There is no expectation of attorney-client privilege or confidentiality of anything you may communicate to us in this forum. Do not act upon any information presented without seeking professional counsel.

Currently viewing this site in English

SupportPro BonoUpward Mobility
Join our e-mail list.
Sign up for our e-mail list, the Neon Law Monthly.

Copyright © 2021 Shook Law PLLC

this website was crafted by Nisar