RedHat

35 Practical Examples of Linux Find Command

35 Practical Examples of Linux Find Command &-8211; this Article or News was published on this date:2019-05-28 20:00:59 kindly share it with friends if you find it helpful

The Linux Find Command is one of the most important and much used command in Linux sytems. Find command used to search and locate list of files and directories based on conditions you specify for files that match the arguments. Find can be used in variety of conditions like you can find files by permissions, users, groups, file type, date, size and other possible criteria.

Linux Find CommandLinux Find Command

35 Linux Find Commands Examples

Through this article we are sharing our day-to-day Linux find command experience and its usage in the form of examples. In this article we will show you the most used 35 Find Commands examples in Linux. We have divided the section into Five parts from basic to advance usage of find command.

  1. Part I: Basic Find Commands for Finding Files with Names
  2. Part II: Find Files Based on their Permissions
  3. Part III: Search Files Based On Owners and Groups
  4. Part IV: Find Files and Directories Based on Date and Time
  5. Part V: Find Files and Directories Based on Size
  6. Part VI: Find Multiple Filenames in Linux
Part I – Basic Find Commands for Finding Files with Names

1. Find Files Using Name in Current Directory

Find all the files whose name is sfnews.txt in a current working directory.

- find . -name sfnews.txt

./sfnews.txt

2. Find Files Under Home Directory

Find all the files under /home directory with name sfnews.txt.

- find /home -name sfnews.txt

/home/sfnews.txt

3. Find Files Using Name and Ignoring Case

Find all the files whose name is sfnews.txt and contains both capital and small letters in /home directory.

- find /home -iname sfnews.txt

./sfnews.txt
./sfnews.txt

4. Find Directories Using Name

Find all directories whose name is sfnews in / directory.

- find / -type d -name sfnews

/sfnews

5. Find PHP Files Using Name

Find all php files whose name is sfnews.php in a current working directory.

- find . -type f -name sfnews.php

./sfnews.php

6. Find all PHP Files in Directory

Find all php files in a directory.

- find . -type f -name "*.php"

./sfnews.php
./login.php
./index.php
Part II – Find Files Based on their Permissions

7. Find Files With 777 Permissions

Find all the files whose permissions are 777.

- find . -type f -perm 0777 -print

8. Find Files Without 777 Permissions

Find all the files without permission 777.

- find / -type f ! -perm 777

9. Find SGID Files with 644 Permissions

Find all the SGID bit files whose permissions set to 644.

- find / -perm 2644

10. Find Sticky Bit Files with 551 Permissions

Find all the Sticky Bit set files whose permission are 551.

- find / -perm 1551

11. Find SUID Files

Find all SUID set files.

- find / -perm /u=s

12. Find SGID Files

Find all SGID set files.

- find / -perm /g=s

13. Find Read Only Files

Find all Read Only files.

- find / -perm /u=r

14. Find Executable Files

Find all Executable files.

- find / -perm /a=x

15. Find Files with 777 Permissions and Chmod to 644

Find all 777 permission files and use chmod command to set permissions to 644.

- find / -type f -perm 0777 -print -exec chmod 644 {} ;

16. Find Directories with 777 Permissions and Chmod to 755

Find all 777 permission directories and use chmod command to set permissions to 755.

- find / -type d -perm 777 -print -exec chmod 755 {} ;

17. Find and remove single File

To find a single file called sfnews.txt and remove it.

- find . -type f -name "sfnews.txt" -exec rm -f {} ;

18. Find and remove Multiple File

To find and remove multiple files such as .mp3 or .txt, then use.

- find . -type f -name "*.txt" -exec rm -f {} ;

OR

- find . -type f -name "*.mp3" -exec rm -f {} ;

19. Find all Empty Files

To find all empty files under certain path.

- find /tmp -type f -empty

20. Find all Empty Directories

To file all empty directories under certain path.

- find /tmp -type d -empty

21. File all Hidden Files

To find all hidden files, use below command.

- find /tmp -type f -name ".*"
Part III – Search Files Based On Owners and Groups

22. Find Single File Based on User

To find all or single file called sfnews.txt under / root directory of owner root.

- find / -user root -name sfnews.txt

23. Find all Files Based on User

To find all files that belongs to user sfnews under /home directory.

- find /home -user sfnews

24. Find all Files Based on Group

To find all files that belongs to group Developer under /home directory.

- find /home -group developer

25. Find Particular Files of User

To find all .txt files of user sfnews under /home directory.

- find /home -user sfnews -iname "*.txt"
Part IV – Find Files and Directories Based on Date and Time

26. Find Last 50 Days Modified Files

To find all the files which are modified 50 days back.

- find / -mtime 50

27. Find Last 50 Days Accessed Files

To find all the files which are accessed 50 days back.

- find / -atime 50

28. Find Last 50-100 Days Modified Files

To find all the files which are modified more than 50 days back and less than 100 days.

- find / -mtime +50 –mtime -100

29. Find Changed Files in Last 1 Hour

To find all the files which are changed in last 1 hour.

- find / -cmin -60

30. Find Modified Files in Last 1 Hour

To find all the files which are modified in last 1 hour.

- find / -mmin -60

31. Find Accessed Files in Last 1 Hour

To find all the files which are accessed in last 1 hour.

- find / -amin -60
Part V – Find Files and Directories Based on Size

32. Find 50MB Files

To find all 50MB files, use.

- find / -size 50M

33. Find Size between 50MB – 100MB

To find all the files which are greater than 50MB and less than 100MB.

- find / -size +50M -size -100M

34. Find and Delete 100MB Files

To find all 100MB files and delete them using one single command.

- find / -size +100M -exec rm -rf {} ;

35. Find Specific Files and Delete

Find all .mp3 files with more than 10MB and delete them using one single command.

- find / -type f -name *.mp3 -size +10M -exec rm {} ;

That’s it, We are ending this post here, In our next article we will discuss more about other Linux commands in depth with practical examples. Let us know your opinions on this article using our comment section.

20 YUM Commands for Linux Package Mangement

20 YUM Commands for Linux Package Mangement &-8211; this Article or News was published on this date:2019-05-28 20:00:40 kindly share it with friends if you find it helpful

In this article, we will learn how to install, update, remove, find packages, manage packages and repositories on Linux systems using YUM (Yellowdog Updater Modified) tool developed by RedHat. The example commands shown in this article are practically tested on our CentOS 6.3 server, you can use these material for study purpose, certifications or just to explore ways to install new packages and keep your system up-to-date. The basic requirement of this article is, you must have a basic understanding of commands and a working Linux operating system, where you can explore and practice all the commands listed below.

20 Linux Yum Commands20 Linux Yum Commands

20 Linux Yum Commands

What is YUM?

YUM (Yellowdog Updater Modified) is an open source command-line as well as graphical based package management tool for RPM (RedHat Package Manager) based Linux systems. It allows users and system administrator to easily install, update, remove or search software packages on a systems. It was developed and released by Seth Vidal under GPL (General Public License) as an open source, means anyone can allowed to download and access the code to fix bugs and develop customized packages. YUM uses numerous third party repositories to install packages automatically by resolving their dependencies issues.

1. Install a Package with YUM

To install a package called Firefox 14, just run the below command it will automatically find and install all required dependencies for Firefox.

- yum install firefox
Loaded plugins: fastestmirror
Dependencies Resolved

================================================================================================
 Package                    Arch        Version                    Repository            Size        
================================================================================================
Updating:
firefox                        i686        10.0.6-1.el6.centos     updates             20 M
Updating for dependencies:
 xulrunner                     i686        10.0.6-1.el6.centos     updates             12 M

Transaction Summary
================================================================================================
Install       0 Package(s)
Upgrade       2 Package(s)

Total download size: 32 M
Is this ok [y/N]: y
Downloading Packages:
(1/2): firefox-10.0.6-1.el6.centos.i686.rpm                                |  20 MB   01:10
(2/2): xulrunner-10.0.6-1.el6.centos.i686.rpm                              |  12 MB   00:52
------------------------------------------------------------------------------------------------
Total                                                           63 kB/s |  32 MB   02:04

Updated:
  firefox.i686 0:10.0.6-1.el6.centos

Dependency Updated:
  xulrunner.i686 0:10.0.6-1.el6.centos

Complete!

The above command will ask confirmation before installing any package on your system. If you want to install packages automatically without asking any confirmation, use option -y as shown in below example.

- yum -y install firefox

2. Removing a Package with YUM

To remove a package completely with their all dependencies, just run the following command as shown below.

- yum remove firefox
Loaded plugins: fastestmirror
Setting up Remove Process
Resolving Dependencies
--> Running transaction check
---> Package firefox.i686 0:10.0.6-1.el6.centos set to be erased
--> Finished Dependency Resolution

Dependencies Resolved

====================================================================================================
 Package                    Arch        Version                        Repository            Size        
====================================================================================================
Removing:
 firefox                    i686        10.0.6-1.el6.centos            @updates              23 M

Transaction Summary
====================================================================================================
Remove        1 Package(s)
Reinstall     0 Package(s)
Downgrade     0 Package(s)

Is this ok [y/N]: y
Downloading Packages:
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Erasing        : firefox-10.0.6-1.el6.centos.i686                                                                                                                          1/1

Removed:
  firefox.i686 0:10.0.6-1.el6.centos

Complete!

Same way the above command will ask confirmation before removing a package. To disable confirmation prompt just add option -y as shown in below.

- yum -y remove firefox

3. Updating a Package using YUM

Let’s say you have outdated version of MySQL package and you want to update it to the latest stable version. Just run the following command it will automatically resolves all dependencies issues and install them.

- yum update mysql
Loaded plugins: fastestmirror
Dependencies Resolved

============================================================================================================
 Package            Arch                Version                    Repository                    Size
============================================================================================================
Updating:
 vsftpd             i386                2.0.5-24.el5_8.1           updates                       144 k

Transaction Summary
============================================================================================================
Install       0 Package(s)
Upgrade       1 Package(s)

Total size: 144 k
Is this ok [y/N]: y
Downloading Packages:
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Updating       : vsftpd                                                                     1/2
  Cleanup        : vsftpd                                                                     2/2

Updated:
  vsftpd.i386 0:2.0.5-24.el5_8.1

Complete!

4. List a Package using YUM

Use the list function to search for the specific package with name. For example to search for a package called openssh, use the command.

- yum list openssh
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirror.neu.edu.cn
 * epel: mirror.neu.edu.cn
 * extras: mirror.neu.edu.cn
 * rpmforge: mirror.nl.leaseweb.net
 * updates: mirror.nus.edu.sg
Installed Packages
openssh.i386                                       4.3p2-72.el5_6.3                                                                      installed
Available Packages                                 4.3p2-82.el5                                                                          base

To make your search more accurate, define package name with their version, in case you know. For example to search for a specific version openssh-4.3p2 of the package, use the command.

- yum list openssh-4.3p2

5. Search for a Package using YUM

If you don’t remember the exact name of the package, then use search function to search all the available packages to match the name of the package you specified. For example, to search all the packages that matches the word .

- yum search vsftpd
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirror.neu.edu.cn
 * epel: mirror.neu.edu.cn
 * extras: mirror.neu.edu.cn
 * rpmforge: mirror.nl.leaseweb.net
 * updates: ftp.iitm.ac.in
============================== Matched: vsftpd ========================
ccze.i386 : A robust log colorizer
pure-ftpd-selinux.i386 : SELinux support for Pure-FTPD
vsftpd.i386 : vsftpd - Very Secure Ftp Daemon

6. Get Information of a Package using YUM

Say you would like to know information of a package before installing it. To get information of a package just issue the below command.

- yum info firefox
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirror.neu.edu.cn
 * epel: mirror.neu.edu.cn
 * extras: mirror.neu.edu.cn
 * rpmforge: mirror.nl.leaseweb.net
 * updates: ftp.iitm.ac.in
Available Packages
Name       : firefox
Arch       : i386
Version    : 10.0.6
Release    : 1.el5.centos
Size       : 20 M
Repo       : updates
Summary    : Mozilla Firefox Web browser
URL        : http://www.mozilla.org/projects/firefox/
License    : MPLv1.1 or GPLv2+ or LGPLv2+
Description: Mozilla Firefox is an open-source web browser, designed for standards
           : compliance, performance and portability.

7. List all Available Packages using YUM

To list all the available packages in the Yum database, use the below command.

- yum list | less

8. List all Installed Packages using YUM

To list all the installed packages on a system, just issue below command, it will display all the installed packages.

- yum list installed | less

9. Yum Provides Function

Yum provides function is used to find which package a specific file belongs to. For example, if you would like to know the name of the package that has the /etc/httpd/conf/httpd.conf.

- yum provides /etc/httpd/conf/httpd.conf
Loaded plugins: fastestmirror
httpd-2.2.3-63.el5.centos.i386 : Apache HTTP Server
Repo        : base
Matched from:
Filename    : /etc/httpd/conf/httpd.conf

httpd-2.2.3-63.el5.centos.1.i386 : Apache HTTP Server
Repo        : updates
Matched from:
Filename    : /etc/httpd/conf/httpd.conf

httpd-2.2.3-65.el5.centos.i386 : Apache HTTP Server
Repo        : updates
Matched from:
Filename    : /etc/httpd/conf/httpd.conf

httpd-2.2.3-53.el5.centos.1.i386 : Apache HTTP Server
Repo        : installed
Matched from:
Other       : Provides-match: /etc/httpd/conf/httpd.conf

10. Check for Available Updates using Yum

To find how many of installed packages on your system have updates available, to check use the following command.

- yum check-update

11. Update System using Yum

To keep your system up-to-date with all security and binary package updates, run the following command. It will install all latest patches and security updates to your system.

- yum update

12. List all available Group Packages

In Linux, number of packages are bundled to particular group. Instead of installing individual packages with yum, you can install particular group that will install all the related packages that belongs to the group. For example to list all the available groups, just issue following command.

- yum grouplist
Installed Groups:
   Administration Tools
   DNS Name Server
   Dialup Networking Support
   Editors
   Engineering and Scientific
   FTP Server
   Graphics
   Java Development
   Legacy Network Server
Available Groups:
   Authoring and Publishing
   Base
   Beagle
   Cluster Storage
   Clustering
   Development Libraries
   Development Tools
   Eclipse
   Educational Software
   KDE (K Desktop Environment)
   KDE Software Development

13. Install a Group Packages

To install a particular package group, we use option as groupinstall. Fore example, to install “MySQL Database“, just execute the below command.

- yum groupinstall 'MySQL Database'
Dependencies Resolved

=================================================================================================
Package								Arch      Version			 Repository        Size
=================================================================================================
Updating:
 unixODBC                           i386      2.2.11-10.el5      base              290 k
Installing for dependencies:
 unixODBC-libs                      i386      2.2.11-10.el5      base              551 k

Transaction Summary
=================================================================================================
Install       1 Package(s)
Upgrade       1 Package(s)

Total size: 841 k
Is this ok [y/N]: y
Downloading Packages:
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing     : unixODBC-libs	1/3
  Updating       : unixODBC         2/3
  Cleanup        : unixODBC         3/3

Dependency Installed:
  unixODBC-libs.i386 0:2.2.11-10.el5

Updated:
  unixODBC.i386 0:2.2.11-10.el5

Complete!

14. Update a Group Packages

To update any existing installed group packages, just run the following command as shown below.

- yum groupupdate 'DNS Name Server'

Dependencies Resolved
================================================================================================================
 Package			Arch	        Version				Repository           Size
================================================================================================================
Updating:
 bind                           i386            30:9.3.6-20.P1.el5_8.2          updates              981 k
 bind-chroot                    i386            30:9.3.6-20.P1.el5_8.2          updates              47 k
Updating for dependencies:
 bind-libs                      i386            30:9.3.6-20.P1.el5_8.2          updates              864 k
 bind-utils                     i386            30:9.3.6-20.P1.el5_8.2          updates              174 k

Transaction Summary
================================================================================================================
Install       0 Package(s)
Upgrade       4 Package(s)

Total size: 2.0 M
Is this ok [y/N]: y
Downloading Packages:
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Updating       : bind-libs            1/8
  Updating       : bind                 2/8
  Updating       : bind-chroot          3/8
  Updating       : bind-utils           4/8
  Cleanup        : bind                 5/8
  Cleanup        : bind-chroot          6/8
  Cleanup        : bind-utils           7/8
  Cleanup        : bind-libs            8/8

Updated:
  bind.i386 30:9.3.6-20.P1.el5_8.2                  bind-chroot.i386 30:9.3.6-20.P1.el5_8.2

Dependency Updated:
  bind-libs.i386 30:9.3.6-20.P1.el5_8.2             bind-utils.i386 30:9.3.6-20.P1.el5_8.2

Complete!

15. Remove a Group Packages

To delete or remove any existing installed group from the system, just use below command.

- yum groupremove 'DNS Name Server'

Dependencies Resolved

===========================================================================================================
 Package                Arch              Version                         Repository          Size
===========================================================================================================
Removing:
 bind                   i386              30:9.3.6-20.P1.el5_8.2          installed           2.1 M
 bind-chroot            i386              30:9.3.6-20.P1.el5_8.2          installed           0.0

Transaction Summary
===========================================================================================================
Remove        2 Package(s)
Reinstall     0 Package(s)
Downgrade     0 Package(s)

Is this ok [y/N]: y
Downloading Packages:
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Erasing        : bind                                                   1/2
warning: /etc/sysconfig/named saved as /etc/sysconfig/named.rpmsave
  Erasing        : bind-chroot                                            2/2

Removed:
  bind.i386 30:9.3.6-20.P1.el5_8.2                                        bind-chroot.i386 30:9.3.6-20.P1.el5_8.2

Complete!

16. List Enabled Yum Repositories

To list all enabled Yum repositories in your system, use following option.

- yum repolist

repo id                     repo name                                            status
base                        CentOS-5 - Base                                      enabled:  2,725
epel                        Extra Packages for Enterprise Linux 5 - i386         enabled:  5,783
extras                      CentOS-5 - Extras                                    enabled:    282
mod-pagespeed               mod-pagespeed                                        enabled:      1
rpmforge                    RHEL 5 - RPMforge.net - dag                          enabled: 11,290
updates                     CentOS-5 - Updates                                   enabled:    743
repolist: 20,824

16. List all Enabled and Disabled Yum Repositories

The following command will display all enabled and disabled yum repositories on the system.

- yum repolist all

repo id                     repo name                                            status
C5.0-base                   CentOS-5.0 - Base                                    disabled
C5.0-centosplus             CentOS-5.0 - Plus                                    disabled
C5.0-extras                 CentOS-5.0 - Extras                                  disabled
base                        CentOS-5 - Base                                      enabled:  2,725
epel                        Extra Packages for Enterprise Linux 5 - i386         enabled:  5,783
extras                      CentOS-5 - Extras                                    enabled:    282
repolist: 20,824

17. Install a Package from Specific Repository

To install a particular package from a specific enabled or disabled repository, you must use –enablerepo option in your yum command. For example to Install PhpMyAdmin 3.5.2 package, just execute the command.

- yum --enablerepo=epel install phpmyadmin

Dependencies Resolved
=============================================================================================
 Package                Arch           Version            Repository           Size
=============================================================================================
Installing:
 phpMyAdmin             noarch         3.5.1-1.el6        epel                 4.2 M

Transaction Summary
=============================================================================================
Install       1 Package(s)

Total download size: 4.2 M
Installed size: 17 M
Is this ok [y/N]: y
Downloading Packages:
phpMyAdmin-3.5.1-1.el6.noarch.rpm                       | 4.2 MB     00:25
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing : phpMyAdmin-3.5.1-1.el6.noarch             1/1
  Verifying  : phpMyAdmin-3.5.1-1.el6.noarch             1/1

Installed:
  phpMyAdmin.noarch 0:3.5.1-1.el6

Complete!

18. Interactive Yum Shell

Yum utility provides a custom shell where you can execute multiple commands.

- yum shell
Loaded plugins: fastestmirror
Setting up Yum Shell
> update httpd
Loading mirror speeds from cached hostfile
 * base: mirrors.sin3.sg.voxel.net
 * epel: ftp.riken.jp
 * extras: mirrors.sin3.sg.voxel.net
 * updates: mirrors.sin3.sg.voxel.net
Setting up Update Process
>

19. Clean Yum Cache

By default yum keeps all the repository enabled package data in /var/cache/yum/ with each sub-directory, to clean all cached files from enabled repository, you need to run the following command regularly to clean up all the cache and make sure that there is nothing unnecessary space is using. We don’t want to give the output of the below command, because we like to keep cached data as it is.

- yum clean all

20. View History of Yum

To view all the past transactions of yum command, just use the following command.

- yum history

Loaded plugins: fastestmirror
ID     | Login user               | Date and time    | Action(s)      | Altered
-------------------------------------------------------------------------------
    10 | root               | 2012-08-11 15:19 | Install        |    3
     9 | root               | 2012-08-11 15:11 | Install        |    1
     8 | root               | 2012-08-11 15:10 | Erase          |    1 EE
     7 | root               | 2012-08-10 17:44 | Install        |    1
     6 | root               | 2012-08-10 12:19 | Install        |    2
     5 | root               | 2012-08-10 12:14 | Install        |    3
     4 | root               | 2012-08-10 12:12 | I, U           |   13 E
     3 | root               | 2012-08-09 13:01 | Install        |    1 >
     2 | root               | 2012-08-08 20:13 | I, U           |  292 EE
     1 | System            | 2012-08-08 17:15 | Install        |  560
history list

We have tried to cover all the basic to advance yum commands with their examples. If anything related to yum commands may have missed out. Please update us through our comment box. So, we keep updating the same based on feedback’s received.

8 Linux Dig (Domain Information Groper) Command to Query DNS

8 Linux Dig (Domain Information Groper) Command to Query DNS &-8211; this Article or News was published on this date:2019-05-28 20:00:31 kindly share it with friends if you find it helpful

In our last article we have showed you the most used 8 Nslookup commands with their examples, now here we come with another command line tool called Dig, which is much similar to Linux Nslookup tool. We will see the usage of dig command closely with their examples as shown below.

Linux Dig Command ExamplesLinux Dig Command Examples

Linux Dig Command Examples

Dig stands for (Domain Information Groper) is a network administration command-line tool for querying Domain Name System (DNS) name servers. It is useful for verifying and troubleshooting DNS problems and also to perform DNS lookups and displays the answers that are returned from the name server that were queried. dig is part of the BIND domain name server software suite. dig command replaces older tool such as nslookup and the host. dig tool is available in major Linux distributions.

1. Query Domain “A” Record

- dig yahoo.com; >> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.2 >> yahoo.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER

Above command causes dig to look up the “A” record for the domain name yahoo.com. Dig command reads the /etc/resolv.conf file and querying the DNS servers listed there. The response from the DNS server is what dig displays.

Let us understand the output of the commands:
  1. Lines beginning with ; are comments not part of the information.
  2. The first line tell us the version of dig (9.8.2) command.
  3. Next, dig shows the header of the response it received from the DNS server
  4. Next comes the question section, which simply tells us the query, which in this case is a query for the “A” record of yahoo.com. The IN means this is an Internet lookup (in the Internet class).
  5. The answer section tells us that yahoo.com has the IP address 72.30.38.140
  6. Lastly there are some stats about the query. You can turn off these stats using the +nostats option.

2. Query Domain “A” Record with +short

By default dig is quite verbose. One way to cut down the output is to use the +short option. which will drastically cut the output as shown below.

- dig yahoo.com +short

98.139.183.24
72.30.38.140
98.138.253.109

Note: By default dig looks for the “A” record of the domain specified, but you can specify other records also. The MX or Mail eXchange record tells mail servers how to route the email for the domain. Likewise TTL, SOA etc.

3. Querying MX Record for Domain

Querying different types of DNS resource records only.

- dig yahoo.com MX

; > DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.2 > yahoo.com MX
;; global options: +cmd
;; Got answer:
;; ->>HEADER- opcode: QUERY, status: NOERROR, id: 31450
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 24

;; QUESTION SECTION:
;yahoo.com.                     IN      MX

;; ANSWER SECTION:
yahoo.com.              33      IN      MX      1 mta6.am0.yahoodns.net.
yahoo.com.              33      IN      MX      1 mta7.am0.yahoodns.net.
yahoo.com.              33      IN      MX      1 mta5.am0.yahoodns.net.

4. Querying SOA Record for Domain

- dig yahoo.com SOA

; > DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.2 > yahoo.com SOA
;; global options: +cmd
;; Got answer:
;; ->>HEADER- opcode: QUERY, status: NOERROR, id: 2197
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 7, ADDITIONAL: 7

;; QUESTION SECTION:
;yahoo.com.                     IN      SOA

;; ANSWER SECTION:
yahoo.com.              1800    IN      SOA     ns1.yahoo.com. hostmaster.yahoo-inc.com. 2012081409 3600 300 1814400 600

5. Querying TTL Record for Domain

- dig yahoo.com TTL

; > DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.2 > yahoo.com TTL
;; global options: +cmd
;; Got answer:
;; ->>HEADER- opcode: QUERY, status: NOERROR, id: 56156
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;yahoo.com.                     IN      A

;; ANSWER SECTION:
yahoo.com.              3589    IN      A       98.138.253.109
yahoo.com.              3589    IN      A       98.139.183.24
yahoo.com.              3589    IN      A       72.30.38.140

6. Querying only answer section

- dig yahoo.com +nocomments +noquestion +noauthority +noadditional +nostats

; >> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6 >> yahoo.com +nocomments +noquestion +noauthority +noadditional +nostats
;; global options: +cmd
yahoo.com.              3442    IN      A       72.30.38.140
yahoo.com.              3442    IN      A       98.138.253.109
yahoo.com.              3442    IN      A       98.139.183.24

7. Querying ALL DNS Records Types

- dig yahoo.com ANY +noall +answer

; >> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6 >> yahoo.com ANY +noall +answer
;; global options: +cmd
yahoo.com.              3509    IN      A       72.30.38.140
yahoo.com.              3509    IN      A       98.138.253.109
yahoo.com.              3509    IN      A       98.139.183.24
yahoo.com.              1709    IN      MX      1 mta5.am0.yahoodns.net.
yahoo.com.              1709    IN      MX      1 mta6.am0.yahoodns.net.
yahoo.com.              1709    IN      MX      1 mta7.am0.yahoodns.net.
yahoo.com.              43109   IN      NS      ns2.yahoo.com.
yahoo.com.              43109   IN      NS      ns8.yahoo.com.
yahoo.com.              43109   IN      NS      ns3.yahoo.com.
yahoo.com.              43109   IN      NS      ns1.yahoo.com.
yahoo.com.              43109   IN      NS      ns4.yahoo.com.
yahoo.com.              43109   IN      NS      ns5.yahoo.com.
yahoo.com.              43109   IN      NS      ns6.yahoo.com.

8. DNS Reverse Look-up

Querying DNS Reverse Look-up. Only display answer section with using +short.

- dig -x 72.30.38.140 +short

ir1.fp.vip.sp2.yahoo.com.

9. Querying Multiple DNS Records

Query multiple website’s DNS specific query viz. MX, NS etc. records.

- dig yahoo.com mx +noall +answer redhat.com ns +noall +answer

; >> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6 >> yahoo.com mx +noall +answer redhat.com ns +noall +answer
;; global options: +cmd
yahoo.com.              1740    IN      MX      1 mta6.am0.yahoodns.net.
yahoo.com.              1740    IN      MX      1 mta7.am0.yahoodns.net.
yahoo.com.              1740    IN      MX      1 mta5.am0.yahoodns.net.
redhat.com.             132     IN      NS      ns1.redhat.com.
redhat.com.             132     IN      NS      ns4.redhat.com.
redhat.com.             132     IN      NS      ns3.redhat.com.
redhat.com.             132     IN      NS      ns2.redhat.com.

10. Create .digrc file

Create .digrc file under $HOME/.digrc to store default dig options.

- dig yahoo.com
yahoo.com.              3427    IN      A       72.30.38.140
yahoo.com.              3427    IN      A       98.138.253.109
yahoo.com.              3427    IN      A       98.139.183.24

We have store +noall +answer options permanently in .digrc file under user’s home directory. Now, whenever dig command execute it will show only answer section of dig output. No Need to type every-time options like +noall +answer.

In this article, we tried to find out dig command which may help you to search (DNS) Domain Name Service related information. Share your thoughts through comment box.

12 Tcpdump Commands – A Network Sniffer Tool

12 Tcpdump Commands &-8211; A Network Sniffer Tool &-8211; this Article or News was published on this date:2019-05-28 19:58:56 kindly share it with friends if you find it helpful

In our previous article, we have seen 20 Netstat Commands to monitor or mange Linux network. This is our another ongoing series of packet sniffer tool called tcpdump. Here, we are going to show you how to install tcpdump and then we discuss and cover some useful commands with their practical examples.

Linux tcpdump command examplesLinux tcpdump command examples

Linux tcpdump command examples

tcpdump is a most powerful and widely used command-line packets sniffer or package analyzer tool which is used to capture or filter TCP/IP packets that received or transferred over a network on a specific interface. It is available under most of the Linux/Unix based operating systems. tcpdump also gives us a option to save captured packets in a file for future analysis. It saves the file in a pcap format, that can be viewed by tcpdump command or a open source GUI based tool called Wireshark (Network Protocol Analyzier) that reads tcpdump pcap format files.

How to Install tcpdump in Linux

Many of Linux distributions already shipped with tcpdump tool, if in case you don’t have it on systems, you can install it using following Yum command.

- yum install tcpdump

Once tcpdump tool is installed on systems, you can continue to browse following commands with their examples.

1. Capture Packets from Specific Interface

The command screen will scroll up until you interrupt and when we execute tcpdump command it will captures from all the interfaces, however with -i switch only capture from desire interface.

- tcpdump -i eth0

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
11:33:31.976358 IP 172.16.25.126.ssh > 172.16.25.125.apwi-rxspooler: Flags [P.], seq 3500440357:3500440553, ack 3652628334, win 18760, length 196
11:33:31.976603 IP 172.16.25.125.apwi-rxspooler > 172.16.25.126.ssh: Flags [.], ack 196, win 64487, length 0
11:33:31.977243 ARP, Request who-has sfnews.com tell 172.16.25.126, length 28
11:33:31.977359 ARP, Reply sfnews.com is-at 00:14:5e:67:26:1d (oui Unknown), length 46
11:33:31.977367 IP 172.16.25.126.54807 > sfnews.com: 4240+ PTR? 125.25.16.172.in-addr.arpa. (44)
11:33:31.977599 IP sfnews.com > 172.16.25.126.54807: 4240 NXDomain 0/1/0 (121)
11:33:31.977742 IP 172.16.25.126.44519 > sfnews.com: 40988+ PTR? 126.25.16.172.in-addr.arpa. (44)
11:33:32.028747 IP 172.16.20.33.netbios-ns > 172.16.31.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
11:33:32.112045 IP 172.16.21.153.netbios-ns > 172.16.31.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
11:33:32.115606 IP 172.16.21.144.netbios-ns > 172.16.31.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
11:33:32.156576 ARP, Request who-has 172.16.16.37 tell old-oraclehp1.midcorp.mid-day.com, length 46
11:33:32.348738 IP sfnews.com > 172.16.25.126.44519: 40988 NXDomain 0/1/0 (121)

2. Capture Only N Number of Packets

When you run tcpdump command it will capture all the packets for specified interface, until you Hit cancel button. But using -c option, you can capture specified number of packets. The below example will only capture 6 packets.

- tcpdump -c 5 -i eth0

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
11:40:20.281355 IP 172.16.25.126.ssh > 172.16.25.125.apwi-rxspooler: Flags [P.], seq 3500447285:3500447481, ack 3652629474, win 18760, length 196
11:40:20.281586 IP 172.16.25.125.apwi-rxspooler > 172.16.25.126.ssh: Flags [.], ack 196, win 65235, length 0
11:40:20.282244 ARP, Request who-has sfnews.com tell 172.16.25.126, length 28
11:40:20.282360 ARP, Reply sfnews.com is-at 00:14:5e:67:26:1d (oui Unknown), length 46
11:40:20.282369 IP 172.16.25.126.53216 > sfnews.com.domain: 49504+ PTR? 125.25.16.172.in-addr.arpa. (44)
11:40:20.332494 IP sfnews.com.netbios-ssn > 172.16.26.17.nimaux: Flags [P.], seq 3058424861:3058424914, ack 693912021, win 64190, length 53 NBT Session Packet: Session Message
6 packets captured
23 packets received by filter
0 packets dropped by kernel

3. Print Captured Packets in ASCII

The below tcpdump command with option -A displays the package in ASCII format. It is a character-encoding scheme format.

- tcpdump -A -i eth0

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
09:31:31.347508 IP 192.168.0.2.ssh > 192.168.0.1.nokia-ann-ch1: Flags [P.], seq 3329372346:3329372542, ack 4193416789, win 17688, length 196
M.r0...vUP.E.X.......~.%..>N..oFk.........KQ..)Eq.d.,....r^l......m[email protected]_..J....i.*.....2f.mQH...Q.c...6....9.v.gb........;..4.).UiCY]..9..x.)..Z.XF....'|..E......M..u.5.......ul
09:31:31.347760 IP 192.168.0.1.nokia-ann-ch1 > 192.168.0.2.ssh: Flags [.], ack 196, win 64351, length 0
M....vU.r1~P.._..........
^C09:31:31.349560 IP 192.168.0.2.46393 > b.resolvers.Level3.net.domain: 11148+ PTR? 1.0.168.192.in-addr.arpa. (42)
[email protected]@............9.5.2.f+............1.0.168.192.in-addr.arpa.....

3 packets captured
11 packets received by filter
0 packets dropped by kernel

4. Display Available Interfaces

To list number of available interfaces on the system, run the following command with -D option.

- tcpdump -D

 1.eth0
2.eth1
3.usbmon1 (USB bus number 1)
4.usbmon2 (USB bus number 2)
5.usbmon3 (USB bus number 3)
6.usbmon4 (USB bus number 4)
7.usbmon5 (USB bus number 5)
8.any (Pseudo-device that captures on all interfaces)
9.lo

5. Display Captured Packets in HEX and ASCII

The following command with option -XX capture the data of each packet, including its link level header in HEX and ASCII format.

- tcpdump -XX -i eth0

11:51:18.974360 IP 172.16.25.126.ssh > 172.16.25.125.apwi-rxspooler: Flags [P.], seq 3509235537:3509235733, ack 3652638190, win 18760, length 196
        0x0000:  b8ac 6f2e 57b3 0001 6c99 1468 0800 4510  ..o.W...l..h..E.
        0x0010:  00ec 8783 4000 4006 275d ac10 197e ac10  [email protected]@.']...~..
        0x0020:  197d 0016 1129 d12a af51 d9b6 d5ee 5018  .}...).*.Q....P.
        0x0030:  4948 8bfa 0000 0e12 ea4d 22d1 67c0 f123  IH.......M".g..-
        0x0040:  9013 8f68 aa70 29f3 2efc c512 5660 4fe8  ...h.p).....V`O.
        0x0050:  590a d631 f939 dd06 e36a 69ed cac2 95b6  Y..1.9...ji.....
        0x0060:  f8ba b42a 344b 8e56 a5c4 b3a2 ed82 c3a1  ...*4K.V........
        0x0070:  80c8 7980 11ac 9bd7 5b01 18d5 8180 4536  ..y.....[.....E6
        0x0080:  30fd 4f6d 4190 f66f 2e24 e877 ed23 8eb0  0.OmA..o.$.w.-..
        0x0090:  5a1d f3ec 4be4 e0fb 8553 7c85 17d9 866f  Z...K....S|....o
        0x00a0:  c279 0d9c 8f9d 445b 7b01 81eb 1b63 7f12  .y....D[{....c..
        0x00b0:  71b3 1357 52c7 cf00 95c6 c9f6 63b1 ca51  q..WR.......c..Q
        0x00c0:  0ac6 456e 0620 38e6 10cb 6139 fb2a a756  ..En..8...a9.*.V
        0x00d0:  37d6 c5f3 f5f3 d8e8 3316 d14f d7ab fd93  7.......3..O....
        0x00e0:  1137 61c1 6a5c b4d1 ddda 380a f782 d983  .7a.j....8.....
        0x00f0:  62ff a5a9 bb39 4f80 668a                 b....9O.f.
11:51:18.974759 IP 172.16.25.126.60952 > mddc-01.midcorp.mid-day.com.domain: 14620+ PTR? 125.25.16.172.in-addr.arpa. (44)
        0x0000:  0014 5e67 261d 0001 6c99 1468 0800 4500  ..^g&...l..h..E.
        0x0010:  0048 5a83 4000 4011 5e25 ac10 197e ac10  [email protected]@.^%...~..
        0x0020:  105e ee18 0035 0034 8242 391c 0100 0001  .^...5.4.B9.....
        0x0030:  0000 0000 0000 0331 3235 0232 3502 3136  .......125.25.16
        0x0040:  0331 3732 0769 6e2d 6164 6472 0461 7270  .172.in-addr.arp
        0x0050:  6100 000c 0001                           a.....

6. Capture and Save Packets in a File

As we said, that tcpdump has a feature to capture and save the file in a .pcap format, to do this just execute command with -w option.

- tcpdump -w 0001.pcap -i eth0

tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
4 packets captured
4 packets received by filter
0 packets dropped by kernel

7. Read Captured Packets File

To read and analyze captured packet 0001.pcap file use the command with -r option, as shown below.

- tcpdump -r 0001.pcap

reading from file 0001.pcap, link-type EN10MB (Ethernet)
09:59:34.839117 IP 192.168.0.2.ssh > 192.168.0.1.nokia-ann-ch1: Flags [P.], seq 3353041614:3353041746, ack 4193563273, win 18760, length 132
09:59:34.963022 IP 192.168.0.1.nokia-ann-ch1 > 192.168.0.2.ssh: Flags [.], ack 132, win 65351, length 0
09:59:36.935309 IP 192.168.0.1.netbios-dgm > 192.168.0.255.netbios-dgm: NBT UDP PACKET(138)
09:59:37.528731 IP 192.168.0.1.nokia-ann-ch1 > 192.168.0.2.ssh: Flags [P.], seq 1:53, ack 132, win 65351, length 5

8. Capture IP address Packets

To capture packets for a specific interface, run the following command with option -n.

- tcpdump -n -i eth0

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
12:07:03.952358 IP 172.16.25.126.ssh > 172.16.25.125.apwi-rxspooler: Flags [P.], seq 3509512873:3509513069, ack 3652639034, win 18760, length 196
12:07:03.952602 IP 172.16.25.125.apwi-rxspooler > 172.16.25.126.ssh: Flags [.], ack 196, win 64171, length 0
12:07:03.953311 IP 172.16.25.126.ssh > 172.16.25.125.apwi-rxspooler: Flags [P.], seq 196:504, ack 1, win 18760, length 308
12:07:03.954288 IP 172.16.25.126.ssh > 172.16.25.125.apwi-rxspooler: Flags [P.], seq 504:668, ack 1, win 18760, length 164
12:07:03.954502 IP 172.16.25.125.apwi-rxspooler > 172.16.25.126.ssh: Flags [.], ack 668, win 65535, length 0
12:07:03.955298 IP 172.16.25.126.ssh > 172.16.25.125.apwi-rxspooler: Flags [P.], seq 668:944, ack 1, win 18760, length 276
12:07:03.955425 IP 172.16.23.16.netbios-ns > 172.16.31.255.netbios-ns: NBT UDP PACKET(137): REGISTRATION; REQUEST; BROADCAST
12:07:03.956299 IP 172.16.25.126.ssh > 172.16.25.125.apwi-rxspooler: Flags [P.], seq 944:1236, ack 1, win 18760, length 292
12:07:03.956535 IP 172.16.25.125.apwi-rxspooler > 172.16.25.126.ssh: Flags [.], ack 1236, win 64967, length 0

9. Capture only TCP Packets.

To capture packets based on TCP port, run the following command with option tcp.

- tcpdump -i eth0 tcp

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
12:10:36.216358 IP 172.16.25.126.ssh > 172.16.25.125.apwi-rxspooler: Flags [P.], seq 3509646029:3509646225, ack 3652640142, win 18760, length 196
12:10:36.216592 IP 172.16.25.125.apwi-rxspooler > 172.16.25.126.ssh: Flags [.], ack 196, win 64687, length 0
12:10:36.219069 IP 172.16.25.126.ssh > 172.16.25.125.apwi-rxspooler: Flags [P.], seq 196:504, ack 1, win 18760, length 308
12:10:36.220039 IP 172.16.25.126.ssh > 172.16.25.125.apwi-rxspooler: Flags [P.], seq 504:668, ack 1, win 18760, length 164
12:10:36.220260 IP 172.16.25.125.apwi-rxspooler > 172.16.25.126.ssh: Flags [.], ack 668, win 64215, length 0
12:10:36.222045 IP 172.16.25.126.ssh > 172.16.25.125.apwi-rxspooler: Flags [P.], seq 668:944, ack 1, win 18760, length 276
12:10:36.223036 IP 172.16.25.126.ssh > 172.16.25.125.apwi-rxspooler: Flags [P.], seq 944:1108, ack 1, win 18760, length 164
12:10:36.223252 IP 172.16.25.125.apwi-rxspooler > 172.16.25.126.ssh: Flags [.], ack 1108, win 65535, length 0
^C12:10:36.223461 IP mid-pay.midcorp.mid-day.com.netbios-ssn > 172.16.22.183.recipe: Flags [.], seq 283256512:283256513, ack 550465221, win 65531, length 1[|SMB]

10. Capture Packet from Specific Port

Let’s say you want to capture packets for specific port 22, execute the below command by specifying port number 22 as shown below.

- tcpdump -i eth0 port 22

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
10:37:49.056927 IP 192.168.0.2.ssh > 192.168.0.1.nokia-ann-ch1: Flags [P.], seq 3364204694:3364204890, ack 4193655445, win 20904, length 196
10:37:49.196436 IP 192.168.0.2.ssh > 192.168.0.1.nokia-ann-ch1: Flags [P.], seq 4294967244:196, ack 1, win 20904, length 248
10:37:49.196615 IP 192.168.0.1.nokia-ann-ch1 > 192.168.0.2.ssh: Flags [.], ack 196, win 64491, length 0
10:37:49.379298 IP 192.168.0.2.ssh > 192.168.0.1.nokia-ann-ch1: Flags [P.], seq 196:616, ack 1, win 20904, length 420
10:37:49.381080 IP 192.168.0.2.ssh > 192.168.0.1.nokia-ann-ch1: Flags [P.], seq 616:780, ack 1, win 20904, length 164
10:37:49.381322 IP 192.168.0.1.nokia-ann-ch1 > 192.168.0.2.ssh: Flags [.], ack 780, win 65535, length 0

11. Capture Packets from source IP

To capture packets from source IP, say you want to capture packets for 192.168.0.2, use the command as follows.

- tcpdump -i eth0 src 192.168.0.2

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
10:49:15.746474 IP 192.168.0.2.ssh > 192.168.0.1.nokia-ann-ch1: Flags [P.], seq 3364578842:3364579038, ack 4193668445, win 20904, length 196
10:49:15.748554 IP 192.168.0.2.56200 > b.resolvers.Level3.net.domain: 11289+ PTR? 1.0.168.192.in-addr.arpa. (42)
10:49:15.912165 IP 192.168.0.2.56234 > b.resolvers.Level3.net.domain: 53106+ PTR? 2.0.168.192.in-addr.arpa. (42)
10:49:16.074720 IP 192.168.0.2.33961 > b.resolvers.Level3.net.domain: 38447+ PTR? 2.2.2.4.in-addr.arpa. (38)

12. Capture Packets from destination IP

To capture packets from destination IP, say you want to capture packets for 50.116.66.139, use the command as follows.

- tcpdump -i eth0 dst 50.116.66.139

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
10:55:01.798591 IP 192.168.0.2.59896 > 50.116.66.139.http: Flags [.], ack 2480401451, win 318, options [nop,nop,TS val 7955710 ecr 804759402], length 0
10:55:05.527476 IP 192.168.0.2.59894 > 50.116.66.139.http: Flags [F.], seq 2521556029, ack 2164168606, win 245, options [nop,nop,TS val 7959439 ecr 804759284], length 0
10:55:05.626027 IP 192.168.0.2.59894 > 50.116.66.139.http: Flags [.], ack 2, win 245, options [nop,nop,TS val 7959537 ecr 804759787], length 0

This article may help you to explore tcpdump command in depth and also to capture and analysis packets in future. There are number of options available, you can use the options as per your requirement. Please share if you find this article useful through our comment box.

15 Basic ‘ls’ Command Examples in Linux

15 Basic &-8216;ls&-8217; Command Examples in Linux &-8211; this Article or News was published on this date:2019-05-28 19:58:47 kindly share it with friends if you find it helpful

ls command is one of the most frequently used command in Linux. I believe ls command is the first command you may use when you get into the command prompt of Linux Box.

We use ls command daily basis and frequently even though we may not aware and never use all the ls option available. In this article, we’ll be discussing basic ls command where we have tried to cover as much parameters as possible.

Linux ls CommandLinux ls Command

Linux ls Command

1. List Files using ls with no option

ls with no option list files and directories in bare format where we won’t be able to view details like file types, size, modified date and time, permission and links etc.

- ls

0001.pcap        Desktop    Downloads         index.html   install.log.syslog  Pictures  Templates
anaconda-ks.cfg  Documents  fbcmd_update.php  install.log  Music               Public    Videos

2 List Files With option –l

Here, ls -l (-l is character not one) shows file or directory, size, modified date and time, file or folder name and owner of file and its permission.

- ls -l

total 176
-rw-r--r--. 1 root root   683 Aug 19 09:59 0001.pcap
-rw-------. 1 root root  1586 Jul 31 02:17 anaconda-ks.cfg
drwxr-xr-x. 2 root root  4096 Jul 31 02:48 Desktop
drwxr-xr-x. 2 root root  4096 Jul 31 02:48 Documents
drwxr-xr-x. 4 root root  4096 Aug 16 02:55 Downloads
-rw-r--r--. 1 root root 21262 Aug 12 12:42 fbcmd_update.php
-rw-r--r--. 1 root root 46701 Jul 31 09:58 index.html
-rw-r--r--. 1 root root 48867 Jul 31 02:17 install.log
-rw-r--r--. 1 root root 11439 Jul 31 02:13 install.log.syslog
drwxr-xr-x. 2 root root  4096 Jul 31 02:48 Music
drwxr-xr-x. 2 root root  4096 Jul 31 02:48 Pictures
drwxr-xr-x. 2 root root  4096 Jul 31 02:48 Public
drwxr-xr-x. 2 root root  4096 Jul 31 02:48 Templates
drwxr-xr-x. 2 root root  4096 Jul 31 02:48 Videos

3. View Hidden Files

List all files including hidden file starting with ‘.‘.

- ls -a

.                .bashrc  Documents         .gconfd          install.log         .nautilus     .pulse-cookie
..               .cache   Downloads         .gnome2          install.log.syslog  .netstat.swp  .recently-used.xbel
0001.pcap        .config  .elinks           .gnome2_private  .kde                .opera        .spice-vdagent
anaconda-ks.cfg  .cshrc   .esd_auth         .gtk-bookmarks   .libreoffice        Pictures      .tcshrc
.bash_history    .dbus    .fbcmd            .gvfs            .local              .pki          Templates
.bash_logout     Desktop  fbcmd_update.php  .ICEauthority    .mozilla            Public        Videos
.bash_profile    .digrc   .gconf            index.html       Music               .pulse        .wireshark

4. List Files with Human Readable Format with option -lh

With combination of -lh option, shows sizes in human readable format.

- ls -lh

total 176K
-rw-r--r--. 1 root root  683 Aug 19 09:59 0001.pcap
-rw-------. 1 root root 1.6K Jul 31 02:17 anaconda-ks.cfg
drwxr-xr-x. 2 root root 4.0K Jul 31 02:48 Desktop
drwxr-xr-x. 2 root root 4.0K Jul 31 02:48 Documents
drwxr-xr-x. 4 root root 4.0K Aug 16 02:55 Downloads
-rw-r--r--. 1 root root  21K Aug 12 12:42 fbcmd_update.php
-rw-r--r--. 1 root root  46K Jul 31 09:58 index.html
-rw-r--r--. 1 root root  48K Jul 31 02:17 install.log
-rw-r--r--. 1 root root  12K Jul 31 02:13 install.log.syslog
drwxr-xr-x. 2 root root 4.0K Jul 31 02:48 Music
drwxr-xr-x. 2 root root 4.0K Jul 31 02:48 Pictures
drwxr-xr-x. 2 root root 4.0K Jul 31 02:48 Public
drwxr-xr-x. 2 root root 4.0K Jul 31 02:48 Templates
drwxr-xr-x. 2 root root 4.0K Jul 31 02:48 Videos

5. List Files and Directories with ‘/’ Character at the end

Using -F option with ls command, will add the ‘/’ Character at the end each directory.

- ls -F

0001.pcap        Desktop/    Downloads/        index.html   install.log.syslog  Pictures/  Templates/
anaconda-ks.cfg  Documents/  fbcmd_update.php  install.log  Music/              Public/    Videos/

6. List Files in Reverse Order

The following command with ls -r option display files and directories in reverse order.

- ls -r

Videos     Public    Music               install.log  fbcmd_update.php  Documents  anaconda-ks.cfg
Templates  Pictures  install.log.syslog  index.html   Downloads         Desktop    0001.pcap

7. Recursively list Sub-Directories

ls -R option will list very long listing directory trees. See an example of output of the command.

- ls -R

total 1384
-rw-------. 1 root     root      33408 Aug  8 17:25 anaconda.log
-rw-------. 1 root     root      30508 Aug  8 17:25 anaconda.program.log

./httpd:
total 132
-rw-r--r--  1 root root     0 Aug 19 03:14 access_log
-rw-r--r--. 1 root root 61916 Aug 10 17:55 access_log-20120812

./lighttpd:
total 68
-rw-r--r--  1 lighttpd lighttpd  7858 Aug 21 15:26 access.log
-rw-r--r--. 1 lighttpd lighttpd 37531 Aug 17 18:21 access.log-20120819

./nginx:
total 12
-rw-r--r--. 1 root root    0 Aug 12 03:17 access.log
-rw-r--r--. 1 root root  390 Aug 12 03:17 access.log-20120812.gz

8. Reverse Output Order

With combination of -ltr will shows latest modification file or directory date as last.

- ls -ltr

total 176
-rw-r--r--. 1 root root 11439 Jul 31 02:13 install.log.syslog
-rw-r--r--. 1 root root 48867 Jul 31 02:17 install.log
-rw-------. 1 root root  1586 Jul 31 02:17 anaconda-ks.cfg
drwxr-xr-x. 2 root root  4096 Jul 31 02:48 Desktop
drwxr-xr-x. 2 root root  4096 Jul 31 02:48 Videos
drwxr-xr-x. 2 root root  4096 Jul 31 02:48 Templates
drwxr-xr-x. 2 root root  4096 Jul 31 02:48 Public
drwxr-xr-x. 2 root root  4096 Jul 31 02:48 Pictures
drwxr-xr-x. 2 root root  4096 Jul 31 02:48 Music
drwxr-xr-x. 2 root root  4096 Jul 31 02:48 Documents
-rw-r--r--. 1 root root 46701 Jul 31 09:58 index.html
-rw-r--r--. 1 root root 21262 Aug 12 12:42 fbcmd_update.php
drwxr-xr-x. 4 root root  4096 Aug 16 02:55 Downloads
-rw-r--r--. 1 root root   683 Aug 19 09:59 0001.pcap

9. Sort Files by File Size

With combination of -lS displays file size in order, will display big in size first.

- ls -lS

total 176
-rw-r--r--. 1 root root 48867 Jul 31 02:17 install.log
-rw-r--r--. 1 root root 46701 Jul 31 09:58 index.html
-rw-r--r--. 1 root root 21262 Aug 12 12:42 fbcmd_update.php
-rw-r--r--. 1 root root 11439 Jul 31 02:13 install.log.syslog
drwxr-xr-x. 2 root root  4096 Jul 31 02:48 Desktop
drwxr-xr-x. 2 root root  4096 Jul 31 02:48 Documents
drwxr-xr-x. 4 root root  4096 Aug 16 02:55 Downloads
drwxr-xr-x. 2 root root  4096 Jul 31 02:48 Music
drwxr-xr-x. 2 root root  4096 Jul 31 02:48 Pictures
drwxr-xr-x. 2 root root  4096 Jul 31 02:48 Public
drwxr-xr-x. 2 root root  4096 Jul 31 02:48 Templates
drwxr-xr-x. 2 root root  4096 Jul 31 02:48 Videos
-rw-------. 1 root root  1586 Jul 31 02:17 anaconda-ks.cfg
-rw-r--r--. 1 root root   683 Aug 19 09:59 0001.pcap

10. Display Inode number of File or Directory

We can see some number printed before file / directory name. With -i options list file / directory with inode number.

- ls -i

20112 0001.pcap        23610 Documents         23793 index.html          23611 Music     23597 Templates
23564 anaconda-ks.cfg  23595 Downloads            22 install.log         23612 Pictures  23613 Videos
23594 Desktop          23585 fbcmd_update.php     35 install.log.syslog  23601 Public

11. Shows version of ls command

Check version of ls command.

- ls --version

ls (GNU coreutils) 8.4
Copyright (C) 2010 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html>.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Written by Richard M. Stallman and David MacKenzie.

12. Show Help Page

List help page of ls command with their option.

- ls --help

Usage: ls [OPTION]... [FILE]...

13. List Directory Information

With ls -l command list files under directory /tmp. Wherein with -ld parameters displays information of /tmp directory.

- ls -l /tmp
total 408
drwx------. 2 narad narad   4096 Aug  2 02:00 CRX_75DAF8CB7768
-r--------. 1 root  root  384683 Aug  4 12:28 htop-1.0.1.tar.gz
drwx------. 2 root  root    4096 Aug  4 11:20 keyring-6Mfjnk
drwx------. 2 root  root    4096 Aug 16 01:33 keyring-pioZJr
drwx------. 2 gdm   gdm     4096 Aug 21 11:26 orbit-gdm
drwx------. 2 root  root    4096 Aug 19 08:41 pulse-gl6o4ZdxQVrX
drwx------. 2 narad narad   4096 Aug  4 08:16 pulse-UDH76ExwUVoU
drwx------. 2 gdm   gdm     4096 Aug 21 11:26 pulse-wJtcweUCtvhn
-rw-------. 1 root  root     300 Aug 16 03:34 yum_save_tx-2012-08-16-03-34LJTAa1.yumtx
- ls -ld /tmp/

drwxrwxrwt. 13 root root 4096 Aug 21 12:48 /tmp/

14. Display UID and GID of Files

To display UID and GID of files and directories. use option -n with ls command.

- ls -n

total 36
drwxr-xr-x. 2 500 500 4096 Aug  2 01:52 Downloads
drwxr-xr-x. 2 500 500 4096 Aug  2 01:52 Music
drwxr-xr-x. 2 500 500 4096 Aug  2 01:52 Pictures
-rw-rw-r--. 1 500 500   12 Aug 21 13:06 tmp.txt
drwxr-xr-x. 2 500 500 4096 Aug  2 01:52 Videos

15. ls command and its Aliases

We have made alias for ls command, when we execute ls command it’ll take -l option by default and display long listing as mentioned earlier.

- alias ls="ls -l"

Note: We can see number of alias available in your system with below alias command and same can be unalias as shown below example.

- alias

alias cp='cp -i'
alias l.='ls -d .* --color=auto'
alias ll='ls -l --color=auto'
alias ls='ls --color=auto'
alias mv='mv -i'
alias rm='rm -i'
alias which='alias | /usr/bin/which --tty-only --read-alias --show-dot --show-tilde'

To remove an alias previously defined, just use the unalias command.

- unalias ls

In our next article we’ll cover up more or advanced ls command with their examples. Also I suggest you to go through some interview questions on ls command and also if we’ve missed anything in the list, please update us via comment section.