Much to the chagrin of those who'd like to malign the Linux operating system, it's actually quite easy to use. Thanks to modern GUI desktop environments and applications, anyone could jump into the fray and know what they're doing.
But on the rare occasion in which trouble arises, you might want to know a few commands to help you out. The problem is that there are so many commands available to you within the realm of Linux, which makes it challenging to know which commands are the best options.
Sure, you could learn any of the commands that display system information (such as top, free, iostat, htop, vmstat, or iftop), but those tools will only get you so far. What is more valuable is skipping to the command that can really help you if something goes wrong.
And with that introduction out of the way, let's get to the commands.
Back when I first started using Linux, dmesg was my best friend. Essentially, dmesg is used to examine all messages that are created after the bootloader phase of the kernel. In other words, you might find a clue for anything you could possibly troubleshoot right here.
Unlike the dmesg of old, you now have to run the command with sudo privileges, so:
sudo dmesg
This will print quite a bit of output you can scroll through, making it a bit challenging to find what you're looking for, and much of what you read will most likely seem like gibberish. The good news is that errors print out in red, so you can quickly scroll to find anything that might be wrong.
There's a way to make this even easier. Let's say you're experiencing an error, and you want to see if it is logged via dmesg as it happens. To do that, issue the command:
dmesg -w
This will display the output from dmesg as it happens, so when an error occurs, you'll see it written in the terminal window and can troubleshoot from there.
The dmesg command is a great place to start troubleshooting in Linux.
Speaking of following output, the tail command allows you to follow the output written to any log file. Let's say you're having issues with your Samba share and want to see what's happening in real time. The first thing you'd want to do is find out which log file to read. In that case, you could issue the command:
ls /var/log/samba
In that folder you'll find a number of log files (for the Samba server and any/all machines connected to the share). Let's say I want to view the content of the Samba daemon log. For that, I would issue the command:
tail -f /var/log/samba/log.smbd
As the errors happen, they'll be printed in the terminal. As you can see, I have an unknown parameter in my smb.conf file, named share modes. I can open that file, remove the parameter, restart Samba, and the error is no more.
Tail is a great way to view information written to a log in real time.
Remember, to get out of the tail command, you have to use the Ctrl+c keyboard combination.
For me, ps is a gateway to other commands. The ps command displays a snapshot of any given current process. You could use ps to list every running process or feed it to grep to list only specific processes.
But what's it good for?
Let's say you have an application that has crashed and won't close. You click that little X in the upper right (or left) corner of the window, but it just won't go away. The first thing you need to do is find the PID of that process so you can then take care of the problem. That's where ps comes in handy. But ps by itself isn't very helpful. Why? If you just run ps it will only list the processes associated with the terminal you're using. Instead, you need to use some specific options, which are:
ps aux
The ps command is essential for finding information about applications that may not be behaving as they should.
This command prints out a lot of information, all of it in columns. You'll see several columns, but the ones you'll want to pay attention to are PID and COMMAND. With the information from those two columns, you can locate the process's ID causing you problems. Once you've found that process, you can then kill it.
If the output of ps aux is overwhelming, you can pipe that output to grep and list only certain processes. Let's say LibreOffice is causing you problems. You can list only those processes associated with LibreOffice like this:
ps aux | grep LibreOffice
The kill command is very powerful. When you have a stubborn application that has crashed and won't close (or hasn't crashed but is consuming too much memory), the kill command will force that application to close.
But to use the kill command, you must first have the PID of the application in question (which you locate with the ps aux command). Let's say the PID of a wayward LibreOffice application is 604187. To kill that process, the command would be:
kill 604187
The app should close, and you're good to go.
The systemctl command is not only good for starting and stoping applications, it can also help you troubleshoot. Let's say Samba isn't working as expected. Issue the command:
systemctl status smbd
The above command will list whether the service is running, its PID, the number of associated tasks, how much memory and CPU it's using, and the CGroups to which it belongs. Even better, if there are any issues with the process, systemctl will give you the information you need to troubleshoot the problem further(usually with the help of journalctl).
There you have it. These five commands will serve as a great place to start with your Linux troubleshooting. Yes, there are quite a few more tools that are available, but for those just starting with Linux, you might want to know these commands first.