Linux FAQ

Is there a cheat sheet for shell commands?

The following is a breakdown of the most commonly used commands and the most commonly used arguments for them.

  • ls — Lists files and directories in a directory. This command is comparable to dir in Windows®/DOS.
    • ls -al — Shows all files (which includes those with filenames that start with a period), directories, and details for each file.
  • cd — Changes your current directory.
    • cd /usr/local/apache — Go to the /usr/local/apache/ directory.
    • cd ~ — Goes to your home directory.
    • cd - — Goes to the last directory you were in.
    • cd .. — Goes "up" a directory (to the directory which contains the current one).
  • cat — Prints file contents to the screen.
    • cat filename.txt — prints the contents of filename.txt to your screen.
  • tail — Like cat, but only reads the end of the file. You can see the contents, but you cannot edit them.
    • tail /var/log/messages — Sees the last 20 lines by default of /var/log/messages
    • tail -f /var/log/messages — Watches the file continuously, while it is updated.
    • tail -200 /var/log/messages — Prints the last 200 lines of the file to the screen.
  • more — Like cat, but this command opens the file one screen at a time, rather than all at once,
    • more /etc/userdomains — Browse through the userdomains file. Press the Spacebar to go to the next page. Type q to quit.
  • pico — Friendly, easy-to-use text editor used to edit files. A clone of it is nano.
    • pico /home/user1/public_html/index.html — Opens the index page of the user's website to edit.
  • vi — Another text editor, harder to use than pico, but much more powerful.
    • vi /home/user1/public_html/index.html — Open the index page of the user's website to edit.
  • grep — Looks for patterns in files.
    • grep root /etc/passwd — Shows all matches of root in the file /etc/passwd.
    • grep -v root /etc/passwd — Shows all lines that do not match root in the file /etc/passwd.
  • touch — Creates an empty file.
    • touch /home/user1/public_html/404.html — Creates an empty file called 404.html in the directory /home/user1/public_html/.
  • ln — Creates links between files and directories.
    • ln -s /usr/local/apache/conf/httpd.conf /etc/httpd.conf — This lets you edit /etc/httpd.conf rather than the original. /usr/local/apache/conf/httpd.conf. Changes will affect the orginal; however, you can delete the link and not the original.
  • rm — Deletes a file.
    • rm filename.txt — Deletes the file filename.txt, and will more than likely ask if you really want to delete it.
    • rm -f filename.txt — Deletes the file filename.txt, and will not ask for confirmation before it is deleted.
    • rm -rf tmp/ — Recursively deletes the directory tmp, all files and subdirectories.
    • ALERT! Warning: The directory cannot be recovered after you run this command.
  • last — Shows which users have logged in and when.
    • last -20 — Shows only the previous 20 logins.
    • last -20 -a — Shows the previous 20 logins, with the hostname in the last field.
  • w — Shows who is currently logged in and where they are logged in from.
  • netstat — Shows all current network connections.
    • netstat -an — Shows all connections to the server. This includes the source and destination IPs and ports.
    • netstat -rn — Shows a routing table for all IPs bound to the server.
  • file — Attempts to guess the file type by its content.
    • file * : prints out a list of all files and directories within a directory.
  • du — Shows disk usage.
    • du -sh — Shows a summary, in human-readable form, of total disk space used in the current directory and its subdirectories.
    • du -sh * — Same as above, but for each file and directory. This is helpful when you need to find large files which take up space.
  • wc — Displays word count for a file.
    • wc -l filename.txt — Tells how many lines are in filename.txt.
  • cp — Copies a file.
    • cp filename filename.backup — Copies the file filename to filename.backup.
    • cp -a /home/user1/new_design/* home/burst/public_html/ — Copies all files and retains permissions from one directory to another.
  • chmod — Changes a file's permissions. Permissions determine who (from among the user, group, and world) can do what (read, write, and/or execute) to a file. For more information, read the Wikipedia article on chmod. This article contains a list of examples and links to additional resources.
    • chmod 755 myfile.txt — Allows the user to read, write, and execute myfile.txt. Allows the group and world to read and execute myfile.txt.
  • chown — Changes the owner of a file.
    • chown joe:joe myfile.txt — Sets both user and group ownership for myfile.txt to joe.

How to put the shell commands together

Often, you will find that you need to use different commands on the same line. Here are some examples.

note Note: The | character is called a pipe, and it takes data from one program and "pipes" it to another.

> means create a new file and overwrite any content which is already there.
>> means to append data to a file and create a new one if it does not already exist.
< sends input from a file back into a command.

  • # grep User /usr/local/apache/conf/httpd.conf |more
    • This command finds all lines that match User from the httpd.conf, then print the results to your screen one page at a time.
  • last -a > /root/lastlogins.tmp
    • This command prints all the current login history to a file called lastlogins.tmp in /root/.
  • tail -10000 /var/log/exim_mainlog |grep domain\.com |more
    • This command grabs the last 10,000 lines from the /var/log/exim_mainlog file, finds all occurrences of, then sends it to your screen page by page.
      note Note: A period (.) in a command normally represents 'anything.' You should comment out a period with a \ so it will be interpreted literally. For example, grep domain\.com
  • netstat -an |grep :80 |wc -l
    • This command shows how many active connections there are to Apache (httpd runs on port 80).
  • mysql --skip-column-names --batch -e 'show processlist' | wc -l
    • This command shows the number of MySQL threads. If subselects start new threads, they will be included in the output of 'show processlist'.

For more information on Linux and the command line, visit the following links. cPanel, Inc. is not responsible for content on other sites.

Where do I find programs?

You have three options to find a program. Log in to the shell:

  • Type whereis program (where program is the program you wish to find) to show one or more matches for what you wish to find.
  • If you have more than one copy of a program, say one in /usr/bin and another in /usr/local/bin/, type which program to show you which one will be called first.
  • If you can't find it at all, type locate program to show every file that matches "program."
  • Some of the most common programs are:
    • /usr/sbin/sendmail
    • /usr/bin/perl
    • /bin/mail
    • /usr/bin/php

Default locations for commonly used configuration files and directories


  • /etc/exim.conf
  • /var/log/exim_mainlog
  • /var/log/exim_rejectlog
  • /etc/valiases/
  • /etc/vfilters/
  • home/username/.forward


  • /root/.my.cnf
  • /etc/my.cnf
  • /var/lib/mysql/


  • /usr/local/apache/conf/httpd.conf
  • /usr/local/apache/domlogs/


  • /var/log/messages
  • /var/log/dmesg


  • /etc/proftpd.conf
  • /var/log/xferlog
  • /etc/proftpd/


  • /etc/ssh/sshd_config

Which ports should be open if my cPanel server is behind a firewall?

You must open the following ports to run cPanel behind a firewall:


Port Service Details
20 FTP TCP inbound/outbound
21 FTP TCP/UDP inbound/outbound

Server administration and maintenance

Port Service Details
22 SSH TCP inbound
37 rdate TCP outbound


Port Service Details
25 SMTP TCP inbound/outbound
26 SMTP TCP inbound/outbound
110 POP3 TCP inbound
143 IMAP4 TCP inbound
465 SMTP TLS/SSL TCP/UDP inbound/outbound
783 SpamAssassin TCP/UDP inbound
993 IMAP4 SSL TCP inbound
995 POP3 SSL TCP inbound
2095 Webmail TCP inbound
2096 Webmail SSL TCP inbound

Essential services

Port Service Details
53 DNS TCP/UDP inbound/outbound (inbound is needed only if you run your own public DNS server)
80 HTTP TCP inbound/outbound
443 HTTPS TCP inbound
3306 MySQL TCP (only if you need to connect remotely)


Port Service Details
2077 WebDAV TCP/UDP inbound/outbound
2078 WebDAV SSL TCP/UDP inbound/outbound


Port Service Details
2082 cPanel TCP inbound
2083 cPanel SSL TCP inbound
2086 WHM TCP inbound
2087 WHM SSL TCP inbound
2089 cPanel license TCP outbound

Optional services

Port Service Details
43 whois TCP outbound
113 ident TCP outbound
873 rsync TCP/UDP outbound
6666 IRC TCP inbound

How do I find all SETUID root files on my server?

The following command will show all SETUID and SETGID files on the server:

  • find / -type f \( -perm -04000 -o -perm -02000 \) \-exec ls -lg {} \;

Can I use Linux on any computer?

While Linux is a general term for many operating systems, most hardware is supported by most distributions/operating systems. You can find more information at your specific operating system's website.

How do I keep a single job in my crontab from sending an email every time it runs?

Locate 0 * * * * /home/uesr/ in the crontab and add:

/dev/null 2>&1

The command will resemble the following: 0 * * * * /home/uesr/ > /dev/null 2>&1

How do I prevent cron from sending emails at all?

Remove the contact email address from the crontab.

How do I see what is on the console screen of my Linux server?

Run the following command: cat /dev/vcs1

I use Windows. How can I log in to my server?

You will need to download an SSH client.

How do I see all running processes from the shell?

Run either the ps -auxww or ps -cef command.

For more information use about the ps command, run the man ps command.

What is a quick way to see all users with the UID of 0 on the shell?

Run the following command: grep :x:0: /etc/passwd

How can I see which environment variables a process is running?

Run the following command: ps auxwwe |grep processname

How do I see a list of who has logged in to the server?

Use the last command. For example: last -30 — This will displaly the last 30 people who have logged in.

Can I change root’s default shell?

cPanel requires the root user to use the bash shell by default. Non root users can use shells other than bash if the systems administrator wishes to make this an option.

Topic revision: r24 - 20 Aug 2013 - 18:35:17 - Main.ColinShannon