In this post I am sharing some useful Linux commands originally posted by Traw on Twitter. As it is almost impossible to find stuff on Twitter (even if you favorite it) I am consolidating the entire thread here as a blog post for my reference:
lsmem:
lsmem lists the ranges of available memory with their online status. The listed memory blocks correspond to the memory block representation in sysfs. The command also shows the memory block size, the device size, and the amount of memory in online and offline state. The output looks like:
suramya@StarKnight:~$ lsmem
RANGE SIZE STATE REMOVABLE BLOCK
0x0000000000000000-0x00000000cfffffff 3.3G online yes 0-25
0x0000000100000000-0x000000052fffffff 16.8G online yes 32-165
Memory block size: 128M
Total online memory: 20G
Total offline memory: 0B
lsusb
lsusb lists all the USB buses in the system and the associated devices connected to them. A good way to figure out what USB devices are connected and what the vendor ID and the product ID associated with them. The output looks like:
suramya@StarKnight:~$ lsusb
Bus 006 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 005 Device 032: ID 03f0:3b17 HP, Inc LaserJet M1005 MFP
Bus 005 Device 029: ID 8564:4000 Transcend Information, Inc. microSD/SD/CF UHS-II Card Reader [RDF8, RDF9]
Bus 005 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 004 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 003 Device 002: ID 0b05:18f3 ASUSTek Computer, Inc. AURA LED Controller
Bus 003 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 001 Device 005: ID 8087:0029 Intel Corp. AX200 Bluetooth
Bus 001 Device 004: ID 05e3:0610 Genesys Logic, Inc. Hub
Bus 001 Device 003: ID 413c:2113 Dell Computer Corp. KB216 Wired Keyboard
Bus 001 Device 002: ID 0951:16bc Kingston Technology HyperX Pulsefire FPS Gaming Mouse
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
lsb_release
The lsb_release command displays LSB (Linux Standard Base) information about your specific Linux distribution, including version number, release codename, and distributor ID. The output looks like:
suramya@StarKnight:~$ lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description: Debian GNU/Linux bookworm/sid
Release: testing/unstable
Codename: n/a
lsfd
lsfd is a replacement for lsof and lists the file descriptors On Linux systems, it is tailored to the Linux kernel and supports Linux-specific features such as namespaces etc. The output looks like:
suramya@StarKnight:~$ lsfd |more
COMMAND PID USER ASSOC MODE TYPE SOURCE MNTID INODE NAME
syncthing 1134 suramya exe --- REG sda5 0 265927 /usr/bin/syncthing
syncthing 1134 suramya cwd --- DIR sda5 0 2 /
syncthing 1134 suramya rtd --- DIR sda5 0 2 /
syncthing 1134 suramya cgroup --- REG 0:4 0 4026531835 cgroup:[4026531835]
syncthing 1134 suramya ipc --- REG 0:4 0 4026531839 ipc:[4026531839]
syncthing 1134 suramya mnt --- REG 0:4 0 4026533012 mnt:[4026533012]
syncthing 1134 suramya net --- REG 0:4 0 4026531840 net:[4026531840]
syncthing 1134 suramya pid --- REG 0:4 0 4026531836 pid:[4026531836]
syncthing 1134 suramya pid4c --- REG 0:4 0 4026531836 pid:[4026531836]
syncthing 1134 suramya time --- REG 0:4 0 4026531834 time:[4026531834]
syncthing 1134 suramya time4c --- REG 0:4 0 4026531834 time:[4026531834]
syncthing 1134 suramya user --- REG 0:4 0 4026531837 user:[4026531837]
syncthing 1134 suramya uts --- REG 0:4 0 4026531838 uts:[4026531838]
syncthing 1134 suramya mem r-x REG sda5 0 265927 /usr/bin/syncthing
syncthing 1134 suramya mem r-- REG sda5 0 265927 /usr/bin/syncthing
syncthing 1134 suramya mem rw- REG sda5 0 265927 /usr/bin/syncthing
lsof
The command lsof stands for List Of Open Files. This command displays a list of files that have been opened. Essentially, it provides information to determine which files are opened by which process. The output looks like:
root@StarKnight:/tmp# lsof |more
COMMAND PID TID TASKCMD USER FD TYPE DEVICE SIZE/OFF NODE NAME
systemd 1 root cwd DIR 8,5 4096 2 /
systemd 1 root rtd DIR 8,5 4096 2 /
systemd 1 root txt REG 8,5 1841792 277271 /usr/lib/systemd/systemd
systemd 1 root mem REG 8,5 161864 280226 /usr/lib/x86_64-linux-gnu/libgpg-error.so.0.33.0
systemd 1 root mem REG 8,5 3081088 264360 /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1
systemd 1 root mem REG 8,5 26984 273912 /usr/lib/x86_64-linux-gnu/libcap-ng.so.0.0.0
systemd 1 root mem REG 8,5 633512 270536 /usr/lib/x86_64-linux-gnu/libpcre2-8.so.0.11.0
systemd 1 root mem REG 8,5 1321424 264366 /usr/lib/x86_64-linux-gnu/libm-2.33.so
systemd 1 root mem REG 8,5 158400 279628 /usr/lib/x86_64-linux-gnu/liblzma.so.5.2.5
systemd 1 root mem REG 8,5 751840 263041 /usr/lib/x86_64-linux-gnu/libzstd.so.1.5.2
systemd 1 root mem REG 8,5 137568 269425 /usr/lib/x86_64-linux-gnu/liblz4.so.1.9.3
systemd 1 root mem REG 8,5 35280 262500 /usr/lib/x86_64-linux-gnu/libip4tc.so.2.0.0
systemd 1 root mem REG 8,5 1332480 262198 /usr/lib/x86_64-linux-gnu/libgcrypt.so.20.4.1
systemd 1 root mem REG 8,5 18768 264301 /usr/lib/x86_64-linux-gnu/libdl-2.33.so
systemd 1 root mem REG 8,5 202680 264320 /usr/lib/x86_64-linux-gnu/libcrypt.so.1.1.0
systemd 1 root mem REG 8,5 38864 267169 /usr/lib/x86_64-linux-gnu/libcap.so.2.44
lscpu
lscpu gathers CPU architecture information from sysfs, /proc/cpuinfo, and any architecture-specific libraries that are applicable (e.g. librtas on Powerpc). The command output can be optimized for parsing or human readability. This can include the number of CPU’s, threads, cores, etc. The output looks like:
suramya@StarKnight:~$ lscpu
Architecture: x86_64
CPU op-mode(s): 32-bit, 64-bit
Address sizes: 43 bits physical, 48 bits virtual
Byte Order: Little Endian
CPU(s): 16
On-line CPU(s) list: 0-15
Vendor ID: AuthenticAMD
Model name: AMD Ryzen 7 3800X 8-Core Processor
CPU family: 23
Model: 113
Thread(s) per core: 2
Core(s) per socket: 8
Socket(s): 1
Stepping: 0
Frequency boost: enabled
CPU(s) scaling MHz: 52%
CPU max MHz: 4558.8862
CPU min MHz: 2200.0000
BogoMIPS: 7786.11
Flags: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nopl nonstop_tsc cpuid extd_apicid aperfmperf rapl pni pclmulqdq monitor ssse
3 fma cx16 sse4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs skinit wdt tce topoext perfctr_core perfctr_nb bpext perfctr_llc mwaitx cpb cat_l3 cdp_l3 hw_p
state ssbd mba ibpb stibp vmmcall fsgsbase bmi1 avx2 smep bmi2 cqm rdt_a rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec xgetbv1 xsaves cqm_llc cqm_occup_llc cqm_mbm_total cqm_mbm_local clzero irperf xsaveerptr rdpru wbnoinvd arat npt lbr
v svm_lock nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold avic v_vmsave_vmload vgif v_spec_ctrl umip rdpid overflow_recov succor smca sme sev sev_es
Virtualization features:
Virtualization: AMD-V
Caches (sum of all):
L1d: 256 KiB (8 instances)
L1i: 256 KiB (8 instances)
L2: 4 MiB (8 instances)
L3: 32 MiB (2 instances)
NUMA:
NUMA node(s): 1
NUMA node0 CPU(s): 0-15
Vulnerabilities:
Itlb multihit: Not affected
L1tf: Not affected
Mds: Not affected
Meltdown: Not affected
Spec store bypass: Mitigation; Speculative Store Bypass disabled via prctl
Spectre v1: Mitigation; usercopy/swapgs barriers and __user pointer sanitization
Spectre v2: Mitigation; Retpolines, IBPB conditional, STIBP conditional, RSB filling
Srbds: Not affected
Tsx async abort: Not affected
lslogins
lslogins displays information about known users in the system. It examines the wtmp and btmp logs, /etc/shadow (if necessary) along with /etc/passwd to get the desired data.
suramya@StarKnight:~$ lslogins
UID USER PROC PWD-LOCK PWD-DENY LAST-LOGIN GECOS
0 root 306 Apr06/15:36 root
lspci
lspci is a command on Unix-like operating systems that prints detailed information about all PCI buses and devices in the system. It is based on a common portable library libpci which offers access to the PCI configuration space on a variety of operating systems. The output looks like:
suramya@StarKnight:~$ lspci
00:00.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse Root Complex
00:00.2 IOMMU: Advanced Micro Devices, Inc. [AMD] Starship/Matisse IOMMU
00:01.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge
00:01.2 PCI bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse GPP Bridge
00:02.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge
00:03.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge
00:03.2 PCI bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse GPP Bridge
00:04.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge
...
0b:00.4 Audio device: Advanced Micro Devices, Inc. [AMD] Starship/Matisse HD Audio Controller
lsipc
lsipc shows information on the System V inter-process communication facilities for which the calling process has read access. The output looks like:
suramya@StarKnight:~$ lsipc
RESOURCE DESCRIPTION LIMIT USED USE%
MSGMNI Number of message queues 32000 0 0.00%
MSGMAX Max size of message (bytes) 8K - -
MSGMNB Default max size of queue (bytes) 16K - -
SHMMNI Shared memory segments 4096 4 0.10%
SHMALL Shared memory pages 18446744073692774399 1728 0.00%
SHMMAX Max size of shared memory segment (bytes) 16E - -
SHMMIN Min size of shared memory segment (bytes) 1B - -
SEMMNI Number of semaphore identifiers 32000 0 0.00%
SEMMNS Total number of semaphores 1024000000 0 0.00%
SEMMSL Max semaphores per semaphore set. 32000 - -
SEMOPM Max number of operations per semop(2) 500 - -
SEMVMX Semaphore max value 32767 - -
lslocks
lslocks lists information about all the currently held file locks in a Linux system. It also lists OFD (Open File Description) locks which are not associated with any process (PID is -1). OFD locks are associated with the open file description on which they are acquired. The output looks like:
suramya@StarKnight:~$ lslocks |more
COMMAND PID TYPE SIZE MODE M START END PATH
pipewire 1483 FLOCK WRITE 0 0 0 /run/user/1000/pipewire-0.lock
firefox-bin 18608 POSIX WRITE 0 0 0 /mnt/data/Configs/.mozilla/firefox/6hzbxva3.default/.parentlock
firefox-bin 18608 POSIX READ 0 0 0 /tmp/MozillaUpdateLock-CBDE0CC28E6567B7
plasmashell 1742 POSIX 88K READ 0 1073741826 1073742335 /home/suramya/.local/share/kactivitymanagerd/resources/database
plasmashell 1742 POSIX 32K READ 0 128 128 /home/suramya/.local/share/kactivitymanagerd/resources/database-shm
systemsettings 2116 POSIX 88K READ 0 1073741826 1073742335 /home/suramya/.local/share/kactivitymanagerd/resources/database
systemsettings 2116 POSIX 32K READ 0 128 128 /home/suramya/.local/share/kactivitymanagerd/resources/database-shm
cron 900 FLOCK WRITE 0 0 0 /run...
kactivitymanage 1754 POSIX 88K READ 0 1073741826 1073742335 /home/suramya/.local/share/kactivitymanagerd/resources/database
kactivitymanage 1754 POSIX 32K READ 0 128 128 /home/suramya/.local/share/kactivitymanagerd/resources/database-shm
firefox-bin 18608 POSIX 75M WRITE 0 1073741826 1073742335 /mnt/data/Configs/.mozilla/firefox/6hzbxva3.default/places.sqlite
firefox-bin 18608 POSIX 74.3M WRITE 0 1073741826 1073742335 /mnt/data/Configs/.mozilla/firefox/6hzbxva3.default/favicons.sqlite
kactivitymanage 1754 POSIX 32K READ 0 124 124 /home/suramya/.local/share/kactivitymanagerd/resources/database-shm
lsmod
lsmod shows the current status of loaded modules in the Linux Kernel. It nicely formats the contents of the /proc/modules , showing what kernel modules are currently loaded. The output looks like:
suramya@StarKnight:~$ lsmod
Module Size Used by
loop 32768 0
dm_crypt 61440 0
dm_mod 172032 1 dm_crypt
mptcp_diag 16384 0
tcp_diag 16384 0
udp_diag 16384 0
raw_diag 16384 0
inet_diag 24576 4 tcp_diag,mptcp_diag,raw_diag,udp_diag
unix_diag 16384 0
af_packet_diag 16384 0
netlink_diag 16384 0
uinput 20480 0
xfrm_user 49152 2
xfrm_algo 16384 1 xfrm_user
...
...
twofish_generic 20480 0
twofish_avx_x86_64 53248 0
twofish_x86_64_3way 32768 1 twofish_avx_x86_64
lsirq
lsirq is a utility to display kernel interrupt information. The output looks like:
IRQ TOTAL NAME
LOC 438495596 Local timer interrupts
RES 395250211 Rescheduling interrupts
CAL 244198954 Function call interrupts
TLB 50704087 TLB shootdowns
43 36669756 IR-PCI-MSI 2621443-edge enp5s0-tx-0
44 33219249 IR-PCI-MSI 2621444-edge enp5s0-tx-1
42 29631348 IR-PCI-MSI 2621442-edge enp5s0-rx-1
41 24214613 IR-PCI-MSI 2621441-edge enp5s0-rx-0
63 5830480 IR-PCI-MSI 3670016-edge ahci[0000:07:00.0]
45 4564010 IR-PCI-MSI 3147776-edge xhci_hcd
105 4129317 IR-PCI-MSI 4718592-edge nvidia
64 3354988 IR-PCI-MSI 4194304-edge ahci0
69 1788338 IR-PCI-MSI 4194309-edge ahci5
65 157846 IR-PCI-MSI 4194305-edge ahci1
104 27444 IR-PCI-MSI 5775360-edge snd_hda_intel:card1
..
..
lsns
The lsns command lists information about all currently accessible namespaces or a given namespace. The namespace identifier is an inode number. The output looks like:
suramya@StarKnight:~$ lsns
NS TYPE NPROCS PID USER COMMAND
4026531834 time 87 1134 suramya /usr/bin/syncthing serve --no-browser --no-restart --logflags=0
4026531835 cgroup 87 1134 suramya /usr/bin/syncthing serve --no-browser --no-restart --logflags=0
4026531836 pid 87 1134 suramya /usr/bin/syncthing serve --no-browser --no-restart --logflags=0
4026531837 user 75 1134 suramya /usr/bin/syncthing serve --no-browser --no-restart --logflags=0
4026531838 uts 87 1134 suramya /usr/bin/syncthing serve --no-browser --no-restart --logflags=0
4026531839 ipc 76 1134 suramya /usr/bin/syncthing serve --no-browser --no-restart --logflags=0
4026531840 net 76 1134 suramya /usr/bin/syncthing serve --no-browser --no-restart --logflags=0
4026531841 mnt 85 1454 suramya /lib/systemd/systemd --user
4026532954 user 1 267290 suramya /usr/local/firefox/firefox-bin -contentproc -parentBuildID 20220705093820 -prefsLen 44808 -prefMapSize 237085 -appDir /usr/local/firefox/browser 267229 true socket
4026532955 ipc 1 267290 suramya /usr/local/firefox/firefox-bin -contentproc -parentBuildID 20220705093820 -prefsLen 44808 -prefMapSize 237085 -appDir /usr/local/firefox/browser 267229 true socket
...
...
lsattr
lsattr lists the file attributes on a second extended file system. The chattr command modifies the attributes of files, and lsattr lists (displays) them. File attributes are flags which affect how the file is stored and accessed by the filesystem. They are metadata stored in the file’s associated inode. The output looks like:
suramya@StarKnight:~$ lsattr
--------------e------- ./node_modules
--------------e------- ./Temp
--------------e------- ./Screenshot_20220704_122444.png
--------------e------- ./go
--------------e------- ./LinkedIn
lsblk
lsblk is used to display details about block devices and these block devices(Except ram disk) are basically those files that represent devices connected to the pc. It queries /sys virtual file system and udev db to obtain information that it displays. And it basically displays output in a tree-like structure. This command comes pre-installed with the util-Linux package. The output looks like:
suramya@StarKnight:~$ lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
sda 8:0 0 111.8G 0 disk
├─sda1 8:1 0 3.7G 0 part [SWAP]
├─sda2 8:2 0 1K 0 part
├─sda5 8:5 0 18.6G 0 part /
└─sda6 8:6 0 89.4G 0 part /mnt/data
sdb 8:16 0 2.7T 0 disk
└─sdb1 8:17 0 2.7T 0 part /mnt/Backup
sdc 8:32 0 223.6G 0 disk
└─sdc1 8:33 0 223.6G 0 part /mnt/storage
sdd 8:48 0 12.7T 0 disk
└─sdd1 8:49 0 12.7T 0 part /mnt/repository
There are a lot more useful Linux commands and no blog post can possibily list all of them. But some of these were new to me so I thought I should share.
– Suramya