All Products
Search
Document Center

Elastic Compute Service:Common Linux commands

Last Updated:Feb 18, 2025

Linux operating systems, widely used on servers, typically lack a graphical user interface. Consequently, Linux server administrators must interact with the servers using a command-line interface. This topic describes the commands commonly employed in Linux operating systems.

Manage processes

ps

Command description

The ps command, short for Process Status, provides a snapshot of the current processes on your system.

Common parameter descriptions

Parameter

Description

-A

Displays all processes.

-a

Displays all processes in the current controlling terminal.

-e

Displays all processes. This option functions similarly to the -A option.

-f

Displays a full-format list of processes, including the UID, PPID, C, and STIME columns.

-u

Displays processes in a user-oriented format.

-U

Displays processes for a real user.

-x

Displays all processes without controlling terminals.

Note

For more information about parameters, run man ps.

Usage examples

  • Query all processes.

    ps -ef
  • Query a full-format list of all processes that match a specific keyword.

    ps -ef | grep <key_word>

    Replace <keyword> with the keyword you specify.

  • Query all processes for an effective user that match a specific keyword without controlling terminals.

    ps -aux | grep <key_word>

    Replace <keyword> with the keyword you specify.

  • Query a process tree.

    ps -ejH
  • Query detailed information about all processes, including thread information.

    ps -eLf
  • Query thread information based on user-defined fields.

    ps -eo pid,tid,class,rtprio,ni,pri,psr,pcpu,stat,wchan:14,comm
  • Query the metrics of a specific PID. In this example, the PID is 1 and the metric information is comm=.

    ps -q 1 -o comm=

top

Command description

The top command displays a real-time dynamic view of running processes in Linux, providing an overview of system information and a list of processes currently managed by the Linux kernel.

Common parameter descriptions

Parameter options

Description

-d

Specifies the refresh frequency.

-p

Monitors the status of the process that has a specific PID.

-s

Tells top to run in secure mode to disable potentially dangerous interactive commands.

-i

Ignores idle and zombie processes.

-c

Displays the command line instead of only the command name.

Resource monitoring field descriptions

The figure below shows specific monitoring fields and their values, which vary based on the sampling period. The figure is for reference only.

image

The table below describes the main parameters.

System summary information and process metrics monitoring field descriptions

System summary information field descriptions

Parameter (line)

Description

top

The hostname, sampling date, and period of time that elapsed since data was last sampled.

  • Current time

  • up: the uptime.

  • user: the number of active users.

  • load average: the load average, which is the average run-queue length. The load averages for the previous 1 minute, the previous 5 minutes, and the previous 15 minutes are displayed.

Tasks

The statistics of processes in different states.

  • total: the total number of processes.

  • running: the number of running processes.

  • sleeping: the number of sleeping processes.

  • stopped: the number of stopped processes.

  • zombie: the number of zombie processes.

%Cpu(s)

The CPU utilization statistics.

  • us: the percentage of time that the CPU spent running user processes.

  • sy: the percentage of time that the CPU spent running kernel processes.

  • ni: the percentage of time that the CPU spent running user processes that were prioritized by using the nice command.

  • id: the percentage of time that the CPU is idle.

  • wa: the percentage of time that the CPU waits for I/O operations to complete.

  • hi: the percentage of time that the CPU spent servicing hardware interrupts.

  • si: the percentage of time that the CPU spent servicing software interrupts.

  • st: the steal time.

MiB Mem

The memory usage statistics.

  • total: the total amount of physical memory.

  • free: the amount of available memory.

  • used: the amount of used memory.

  • buff/cache: the amount of memory used for kernel cache and buffers.

MiB Swap

The swap usage statistics.

  • total: the total amount of swap space.

  • free: the amount of available swap space.

  • used: the amount of used swap space.

  • avail Mem: the total amount of cached swap space.

Process list metrics information field descriptions

Parameter (column)

Description

PID

The PID.

USER

The username of the process owner.

PR

The scheduling priority of the process. A smaller number indicates a higher priority.

NI

The priority set by the nice utility for the process.

VIRT

The amount of virtual memory used by the process.

RES

The amount of physical memory used by the process.

SHR

The amount of shared memory used by the process.

S

The process status.

  • R: running.

  • S: sleeping.

  • Z: zombie.

  • D: uninterruptible sleep.

  • T: traced or stopped.

%CPU

The percentage of CPU usage by the process.

%MEM

The percentage of physical memory usage by the process.

TIME+

The total amount of time that CPUs spent running the process.

COMMAND

The command used to initiate the process.

Usage examples

  • Query system metrics with a specified sampling frequency

    Run the following command to query system metrics with a sampling frequency of 3 seconds.

    top 3
    Note

    The default sampling frequency when running the top command to query system metrics is 5 seconds.

  • Customize the top command interface

    By default, the metrics displayed by the top command are as shown in system summary information and process metrics monitoring field descriptions. To modify the displayed metrics, press the f key in the interactive top command interface to filter the metrics view.

    image

    The table below describes the keys you can use to manage the top command interface.

    Key

    Description

    ↑, ↓

    Scrolls up and down to select fields.

    Selects an entire column. You can press the UP or DOWN key to move the selected column.

    Space

    Displays or hides the field. An asterisk (*) indicates that the field is displayed.

    s

    Sets the column in which the cursor is located as the sorting column.

    q

    Closes the top command interface and returns to the command line.

  • Use the interactive mode of the top command

    After running the top command, the system enters interactive mode. In this mode, press keys to use the command interactively. The table below describes the keys.

    Key

    Description

    1

    Displays the status of each logical CPU.

    u

    Displays the processes of a specific user.

    E

    Selects the unit that you want to use for memory values in the top command. Valid units: KiB, MiB, GiB, TiB, PiB, and EiB.

    x

    Displays the sorting column.

    y

    Displays the running processes.

    ?

    Displays help information.

  • Find the process name and directory by PID

    Run the top command to dynamically display process information. For example, the PID of the aliyun-service program is 1325. image

    Run the following command to query the program's directory.

    cd /proc/1352
    ls -ail

    image

kill

Command description

The kill command terminates processes in Linux.

Common parameter descriptions

Parameter

Description

-l

Displays all available signal names.

-L

Display all signal names in a nice table.

Usage examples

  • Terminate all processes.

    sudo kill -9 -1
  • Display the name of the signal whose number is 11.

    sudo kill -l 11
  • Display all available signal names in a table.

    sudo kill -L
  • Terminate a process.

    sudo kill -9 <PID>

    Replace <PID> with the PID of the process you want to terminate.

killall

Command description

The killall command terminates processes by name in Linux.

Common parameter descriptions

Parameter

Description

-g

Terminates processes in the process group.

-i

Interactively asks for confirmation before terminating a process.

-v

Reports whether the signal is sent.

Usage example

Terminate the top process.

sudo killall top

Query system info

Use the uname command to query system information on Linux instances.

uname

Command description

The uname command displays system information.

Common parameter descriptions

Option

Description

-a

Displays all information.

-s

Displays the kernel name.

-n

Displays the network node hostname.

-r

Displays the kernel release.

-v

Displays the kernel version.

-m

Displays the machine hardware name.

-P

Displays the processor type.

-i

Displays the hardware platform.

-o

Displays the operating system.

Usage example

Query all system information.

uname -a

dmidecode

The dmidecode command extracts and displays hardware-related information from the BIOS of Linux systems. It reads the DMI table to provide detailed hardware configuration information, including the following:

  1. System information: manufacturer, product name, version, serial number, system model, and more.

  2. Processor information: model, speed, number of cores, and more.

  3. Memory information: number of memory slots, capacity, type, speed, and more.

  4. Motherboard information: manufacturer, version, serial number, and more.

  5. BIOS information: version, release date, and more.

  6. Power information: specifications and models related to the power supply.

  7. Device information: details about various hardware components such as network adapters.

  • Display the complete DMI information of the system.

    sudo dmidecode

    The expected structure is as follows:

    # dmidecode 3.5
    Getting SMBIOS data from sysfs.
    SMBIOS 2.8 present.
    9 structures occupying 451 bytes.
    Table at 0x7BBCB000.
    Handle 0x0100, DMI type 1, 27 bytes
    System Information
            Manufacturer: Alibaba Cloud
            Product Name: Alibaba Cloud ECS
            Version: pc-i440fx-2.1
            Serial Number: a430fe54-aef6-4eae-a1ef-63******beb
            UUID: a430fe54-aef6-4eae-a1ef-63******beb
            Wake-up Type: Power Switch
            SKU Number: Not Specified
            Family: Not Specified
    Handle 0x0300, DMI type 3, 21 bytes
    Chassis Information
            Manufacturer: Alibaba Cloud
            Type: Other
            Lock: Not Present
            Version: pc-i440fx-2.1
            Serial Number: Not Specified
            Asset Tag: Not Specified
            Boot-up State: Safe
            Power Supply State: Safe
            Thermal State: Safe
            Security Status: Unknown
            OEM Information: 0x00000000
            Height: Unspecified
            Number Of Power Cords: Unspecified
            Contained Elements: 0
    Handle 0x0400, DMI type 4, 42 bytes
    Processor Information
            Socket Designation: CPU 0
            Type: Central Processor
            Family: Other
            Manufacturer: Alibaba Cloud
            ID: 54 06 05 00 FF FB 8B 1F
            Version: pc-i440fx-2.1
            Voltage: Unknown
            External Clock: Unknown
            Max Speed: Unknown
            Current Speed: Unknown
            Status: Populated, Enabled
            Upgrade: Other
            L1 Cache Handle: Not Provided
            L2 Cache Handle: Not Provided
            L3 Cache Handle: Not Provided
            Serial Number: Not Specified
            Asset Tag: Not Specified
            Part Number: Not Specified
            Core Count: 1
            Core Enabled: 1
            Thread Count: 2
            Characteristics: None
    Handle 0x1000, DMI type 16, 23 bytes
    Physical Memory Array
            Location: Other
            Use: System Memory
            Error Correction Type: Multi-bit ECC
            Maximum Capacity: 2 GB
            Error Information Handle: Not Provided
            Number Of Devices: 1
    Handle 0x1100, DMI type 17, 40 bytes
    Memory Device
            Array Handle: 0x1000
            Error Information Handle: Not Provided
            Total Width: Unknown
            Data Width: Unknown
            Size: 2 GB
            Form Factor: DIMM
            Set: None
            Locator: DIMM 0
            Bank Locator: Not Specified
            Type: RAM
            Type Detail: Other
            Speed: Unknown
            Manufacturer: Alibaba Cloud
            Serial Number: Not Specified
            Asset Tag: Not Specified
            Part Number: Not Specified
            Rank: Unknown
            Configured Memory Speed: Unknown
            Minimum Voltage: Unknown
            Maximum Voltage: Unknown
            Configured Voltage: Unknown
    Handle 0x1300, DMI type 19, 31 bytes
    Memory Array Mapped Address
            Starting Address: 0x00000000000
            Ending Address: 0x0007FFFFFFF
            Range Size: 2 GB
            Physical Array Handle: 0x1000
            Partition Width: 1
    Handle 0x2000, DMI type 32, 11 bytes
    System Boot Information
            Status: No errors detected
    Handle 0x0000, DMI type 0, 26 bytes
    BIOS Information
            Vendor: EFI Development Kit II / OVMF
            Version: 0.0.0
            Release Date: 02/06/2015
            Address: 0xE8000
            Runtime Size: 96 kB
            ROM Size: 64 kB
            Characteristics:
                    BIOS characteristics not supported
                    Targeted content distribution is supported
                    UEFI is supported
                    System is a virtual machine
            BIOS Revision: 0.0
    Handle 0xFEFF, DMI type 127, 4 bytes
    End Of Table
  • To view specific DMI information, use the -t parameter. For example, to display only memory-related information:

    sudo dmidecode -t memory

    The expected result is as follows:

    # dmidecode 3.5
    Getting SMBIOS data from sysfs.
    SMBIOS 2.8 present.
    Handle 0x1000, DMI type 16, 23 bytes
    Physical Memory Array
            Location: Other
            Use: System Memory
            Error Correction Type: Multi-bit ECC
            Maximum Capacity: 2 GB
            Error Information Handle: Not Provided
            Number Of Devices: 1
    Handle 0x1100, DMI type 17, 40 bytes
    Memory Device
            Array Handle: 0x1000
            Error Information Handle: Not Provided
            Total Width: Unknown
            Data Width: Unknown
            Size: 2 GB
            Form Factor: DIMM
            Set: None
            Locator: DIMM 0
            Bank Locator: Not Specified
            Type: RAM
            Type Detail: Other
            Speed: Unknown
            Manufacturer: Alibaba Cloud
            Serial Number: Not Specified
            Asset Tag: Not Specified
            Part Number: Not Specified
            Rank: Unknown
            Configured Memory Speed: Unknown
            Minimum Voltage: Unknown
            Maximum Voltage: Unknown
            Configured Voltage: Unknown

Query physical CPU and memory information

Note
  • Total number of cores = Number of physical CPUs × Number of cores per physical CPU

  • Total number of logical CPUs = Number of physical CPUs × Number of cores per physical CPU × Number of hyperthreads

Run the following commands to query physical CPU and memory information:

  • Query the number of physical CPUs.

    cat /proc/cpuinfo| grep "physical id"| sort| uniq| wc -l
  • Query the number of cores in each physical CPU.

    cat /proc/cpuinfo| grep "cpu cores"| uniq
  • Query the number of logical CPUs.

    cat /proc/cpuinfo| grep "processor"| wc -l
  • Query the CPU model.

    cat /proc/cpuinfo | grep name | cut -f2 -d: | uniq -c
  • Query memory information.

    cat /proc/meminfo

Query and manage disks

df

Command description

The df command reports file system disk space usage.

Common parameter descriptions

Option

Description

-a

Includes pseudo, duplicate, and inaccessible file systems.

-B

Scales block sizes by the specified size for output.

-h

Displays sizes in a human-readable format by using a scale factor of 1,024. Example: 1023M.

-H

Displays sizes in a human-readable format by using a scale factor of 1,000. Example: 1.1G.

-k

Equivalent to --block-size=1K.

-l

Displays a list of on-premises file systems.

-t

Displays information about file systems of the specified type.

Usage example

Query disk space usage and display block sizes in MB.

df -BM

The following command output is returned.

Filesystem     1M-blocks  Used Available Use% Mounted on
tmpfs               742M   22M      721M   3% /run
/dev/vda3         39943M 2542M    35556M   7% /
tmpfs              3708M    0M     3708M   0% /dev/shm
tmpfs                 5M    0M        5M   0% /run/lock
tmpfs               742M    1M      742M   1% /run/user/0

lsblk

Command description

The lsblk command displays information about block devices.

Common parameter descriptions

Parameter

Description

-a

Displays all devices, including empty and memory disk devices.

-b

Displays sizes in bytes.

-f

Displays information, including information about file systems.

Usage examples

  • Query information about block devices, including file system details.

    lsblk -f

    The following command output is returned.

    NAME   FSTYPE FSVER LABEL UUID                                 FSAVAIL FSUSE% MOUNTPOINTS
    vda                                                                           
    |-vda1                                                                        
    |-vda2 vfat   FAT32       6175-F96E                                           
    `-vda3 ext4   1.0         df02e0a1-d28d-41b1-99c2-58f2b684cc79   34.7G     6% /
  • Retrieve the disk serial number (SN).

    The method to obtain the SN may vary based on the Linux distribution. The following method applies to Alibaba Cloud Linux 3, CentOS 7, and Ubuntu 18:

    1. Query the block storage devices mounted on the system.

      lsblk
    2. Run the following command to retrieve the SN of the block storage device. In this example, the device is vda.

      udevadm info --query=all --name=/dev/vda | grep ID_SERIAL

blkid

Command description

The blkid command queries information about block device properties.

Usage example

Query block device properties

blkid  /dev/vda

The following command output is returned.

/dev/vda: PTUUID="bdee1c7f-46fc-4838-9a74-9exxxxxxxxaf" PTTYPE="gpt"

fdisk

Command description

The fdisk command is a tool for operating Linux partition tables.

Common parameter descriptions

Parameter

Description

-l

Displays the partition tables of the specified devices.

-u

Displays the partition information of partition tables in numbers of sectors instead of number of cylinders.

Usage example

Query partition tables on all disks and partition information in sector numbers.

sudo fdisk -lu

The following command output is returned.

Disk /dev/vda: 40 GiB, 42949672960 bytes, 83886080 sectors
Units: sectors of 1 × 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: gpt
Disk identifier: BDEE1C7F-46FC-4838-9A74-9E57F8FD63AF

Device      Start      End  Sectors  Size Type
/dev/vda1    2048     4095     2048    1M BIOS boot
/dev/vda2    4096   413695   409600  200M EFI System
/dev/vda3  413696 83886046 83472351 39.8G Linux filesystem

mount

Command description

The ```html mount command mounts file systems.

Common parameter descriptions

Parameter

Description

-a

Mounts all file systems that are configured in the /etc/fstab file.

-L

Mounts the partition that has the specified label.

-r

Mounts the file system in read-only mode.

-w

Mounts the file system in read/write mode.

-U

Mounts the partition that has the specified uuid.

Usage examples

  • Mount all file systems configured in the /etc/fstab file.

    sudo mount -a
  • Mount a specific file system with read/write access.

    sudo mount -w /dev/vdb1 /mnt

umount

Command description

The umount command unmounts file systems.

Common parameter descriptions

Parameter

Description

-r

If the unmount operation fails, remounts the file system in read-only mode.

-a

Unmounts all file systems that are configured in the /etc/mtab file.

-t

Specifies the type of file system to unmount. If you specify multiple file system types, separate the types with commas (,).

-f

Force unmounts the file system.

Usage example

Force unmount a file system from a specific partition.

sudo umount -f /dev/vdb1

Manage services

systemctl

Command description

The systemctl command manages services.

Common parameter descriptions

Parameter

Description

-a

Displays all loaded units or attributes.

Common unit commands

Command

Description

start

Starts specified loaded units.

stop

Stops specified loaded units.

restart

Restarts specified loaded units.

reload

Reloads the configurations of specified units.

status

Displays the runtime status information of specified units. Common runtime status of a service:

  • active (running): The service is running in the background.

  • active (exited): The service ran and exited.

  • active (waiting): The service is running and waiting to be triggered by a specific condition or event.

  • inactive: The service is not running.

Common unit file commands

Command

Description

enable

Enables specified units or unit instances.

disable

Disables specified units or unit instances.

Usage examples

  • Restart the nginx service.

    sudo systemctl restart nginx
  • Check the status of the nginx service.

    sudo systemctl status nginx
  • Enable the nginx service to start on boot.

    sudo systemctl enable nginx

Manage resource usage

lsof

Command description

The lsof command lists open files.

Note

If the lsof tool is not pre-installed on your Linux distribution, install it using a package management tool.

  • For Alibaba Cloud Linux, CentOS, RHEL: sudo yum install lsof.

  • For Ubuntu, Debian: sudo apt install lsof.

Common parameter descriptions

Parameter

Description

-p

Displays files opened by a specific process.

-l

Replaces a user ID with a username in the output.

-u

Displays files opened by a specific user.

-c

Displays items in the COMMAND column that include the specified keyword.

-d

Displays open files that include specific file descriptors.

-i

Displays open files that match the specified condition. Optional parameters:

  • 46: the IP version, which can be IPv4 or IPv6.

  • protocol: a protocol name, which can be TCP or UDP.

  • hostname: a network hostname.

  • hostaddr: an IP address.

  • service: a service name that is included in the /etc/services file.

  • port: one or more port numbers.

Command output descriptions

The figure below shows an example of lsof command output.

image

The table below describes the parameters.

Parameter

Description

COMMAND

The name of the command.

PID

The process ID (PID).

TID

The thread ID (TID). A blank TID indicates a process.

TASKCMD

The task name, which is the same as the COMMAND value in most cases.

USER

The user ID or logon username.

FD

The file descriptor.

TYPE

The type of node associated with the file.

DEVICE

The device number.

SIZE/OFF

The size of the file or the file offset in bytes.

NODE

The node of the file.

NAME

The name of the mount point and file system on which the file resides.

Usage examples

  • Query files opened by a specific process.

    sudo  lsof -p 1

    Replace the process ID 1 with the process ID you specify.

  • Query files opened by a specific user.

    sudo lsof -u <user-name>

    Replace <username> with the Linux system username you specify.

  • Query information about the process that opens a specific file.

    sudo lsof <file-name>

    Replace <filename> with the name of the file you specify.

  • Query open files associated with IPv4 network connections.

    sudo lsof -i 4

netstat

Command description

The netstat command displays network connections, routing tables, interface statistics, masquerade connections, and multicast memberships.

Common parameter descriptions

Parameter

Description

-t

Displays only TCP-related options.

-u

Displays only UDP-related options.

-i

Displays a list of network interfaces.

-n

Displays numerical addresses instead of resolving them to hostnames.

-l

Displays only listening sockets.

-p

Displays the processes associated with network connections.

-s

Displays network statistics.

Usage examples

  • Query network statistics for port 8000.

    netstat -tunlp | grep 8000

    Replace the port number 8000 with the port number you specify.

  • Query all TCP ports in the listening state and the processes using them.

    netstat -ntlp

Obtain user logon information

User logon information is typically recorded in the following files:

  • User logon information is typically stored in the /var/run/utmp, /var/log/wtmp, /var/log/btmp, and /var/log/lastlog files.

  • The commands who, w, and users retrieve information on active users from the /var/run/utmp file.

  • The last command retrieves the login history of all users up to the present moment from the /var/log/wtmp file.

  • The lastb command retrieves information on all unsuccessful logon attempts from the /var/log/btmp file.

  • The lastlog command retrieves information on users' most recent logins from the /var/log/lastlog file.

who

The who command retrieves information about currently active users. It produces an output similar to the example shown below.

image

w

The w command shows the usernames of currently active users along with the tasks they are engaged in. You can expect to see an output resembling the example below.

image

users

The users command displays the usernames of currently active users. The output of the command will resemble the following:

image

last

The 'last' command retrieves the login history of all users up to the present moment. It produces an output similar to the example shown below.

image

lastb

The lastb command provides a list of all users who have failed to log on. The output of the command will resemble the following example.

image

lastlog

The lastlog command retrieves information regarding users' most recent logins. It produces an output akin to the example shown below.

image

cat /var/log/secure

Use the cat /var/log/secure command to retrieve all logon records. You will receive output similar to the example below.

image

Manage users

Linux operating systems offer commands like useradd, wheel, passwd, and userdel for effective management of system users and permissions.

useradd

Command description

The useradd command adds new users, similar to the adduser command. After creating a user, verify the user's details with the cat /etc/passwd | grep username command.

  • Root permissions or the appropriate sudo permissions are required to create a user.

  • It is advisable to set a password for the user immediately after creation with the useradd command.

  • Ensure that the primary group and any additional groups exist before creating a user; otherwise, the user cannot be created.

Common parameter descriptions

Parameter

Description

-d

Specifies the home directory of the user. If you do not specify a home directory, the default home directory /home/username is used.

-m

Creates the home directory of the user. If you specify the -d option and this option, the home directory is created.

-s

Specifies the login shell of the user. The default login shell is /bin/bash.

-g

Specifies the primary group of the user. If the group does not exist, you must create the group first.

-G

Specifies the additional groups to which the user belongs. Separate multiple additional groups with commas (,).

-p

Sets a password for the user. The password must be encrypted. Do not use a plaintext password in the command line. The following sample code provides an example:

sudo useradd -p $(openssl passwd -6 'plaintext password') newusername

-u

Specifies the user ID of the user.

-e

Sets the expiration date of the account. The date format is YYYY-MM-DD.

Usage examples

  • Create a new user named jack, specifying the home directory and login shell:

    useradd -m -d /home/jack -s /bin/bash jack

    After creating the user, verify the details with the cat /etc/passwd | grep jack command:

    jack:x:1000:1000::/home/jack:/bin/bash

    Set a password for the user with the passwd command:

    passwd jack
  • Create a new user named alice and add her to the developers group:

    useradd -m -G developers alice
  • Create a new user named bob with the user ID set to 1001:

    useradd -m -u 1001 bob
  • Add a user with root permissions by following these steps:

    Important

    Grant root permission to users only when necessary, following security best practices.

    1. Create a new user john using the useradd command.

      useradd john
    2. Set a password for the new user.

      passwd john
    3. Add the new user to the wheel group to grant root permissions. The wheel group is typically used for granting sudo permissions. Check the members of the wheel group with grep '^wheel:' /etc/group.

      sudo usermod -aG wheel john
    4. Test the new user's sudo permissions. Switch to the new user and attempt to use the sudo command:

      su - john
      sudo ls /root

      Enter the correct password when prompted. If successful, the system will list the contents of the /root directory, confirming that the new user has sudo permissions and can use john for remote logon.

    5. (Optional) Modify the sudoers file to add specific permissions for the user.

      sudo visudo

userdel

Command description

The userdel command deletes user accounts.

Common parameter descriptions

Parameter

Description

-r

Deletes the user's home directory and the files in the directory.

-f

Force deletes the user even if the user is currently logged in.

Usage examples

  • Delete a user named john:

    Switch to the root user and run cat /etc/passwd | grep john to find the user's directory. The following information is returned:

    john:x:1001:1001::/home/john:/bin/bash

    Delete the user named john, but retain the user's directory and files.

    userdel john
  • Delete a user named john and all related files, including the user's directory.

    userdel -r username
  • Force delete a user even if the user is currently logged in.

    userdel -f username

wheel

Command description

The wheel group controls who can use the su command to switch to the superuser account, typically the root user.

  • The wheel group is usually present by default. If not, create it with sudo groupadd wheel.

  • By default, regular users can switch to the root user to manage and configure the system by using the su command and entering the correct root password.

  • To enhance security, restrict regular users from switching to the root administrator user with the special wheel group in Linux. Only members of the wheel group can use the su command to switch to the root administrator user.

Usage examples

  • Verify if a user is in the wheel group.

    ```html
    groups username
  • Add a user to the wheel group.

    sudo usermod -aG wheel username

    You can safely edit the /etc/sudoers file using the visudo command. The entry %wheel ALL=(ALL) ALL signifies that all members of the wheel group have the ability to execute any command using sudo.

    To permit members of the wheel group to execute the sudo command without entering a password, you can alter the line as follows:

    %wheel ALL=(ALL) NOPASSWD: ALL