Linux Essentials: Commands Every Engineer Must Know - Software and Systems Engineering

Linux mastery is built on muscle memory. After 25+ years working with RHEL, CentOS, Fedora, Ubuntu, Debian, and FreeBSD systems, the commands below are the ones I reach for every single day. This page is deliberately dense — it is a reference, not a tutorial. If a flag or idiom looks unfamiliar, run man <command> to dig deeper.

ls -la               # long listing including hidden files
ls -lh               # human-readable sizes (K, M, G)
ls -lt               # sort by modification time, newest first
ls -lS               # sort by file size, largest first
ls --color=auto -F   # colorized + type indicator (/, *, @)

Use find when you need real-time results or complex filters. Use locate when you want speed and the file hasn’t changed recently. Run sudo updatedb in a cron job nightly to keep the index fresh.

File Operations

cp -av /src /dst          # archive mode + verbose (preserves permissions/timestamps)
cp -p file1 file2         # preserve mode, ownership, timestamps
cp --backup=numbered f1 f2 # keep numbered backups of the destination

mv -iv oldname newname    # interactive + verbose rename/move

rm -rf /path/to/dir       # force-remove recursively (no confirmation — be careful)
rm -i file                # prompt before each removal

rm -rf with a misplaced space or variable is catastrophic. Always double-check the path. Consider trash-cli on workstations, or at minimum alias rm='rm -i' in your .bashrc.

Text Processing

This is where Linux really shines. Master these tools and you rarely need a dedicated log-analysis GUI.

grep
awk
sed
cut / sort / uniq / wc

grep -rn "ERROR" /var/log/app/        # recursive + line numbers
grep -i "timeout" access.log          # case-insensitive
grep -v "DEBUG" app.log               # invert match (exclude)
grep -E "WARN|ERROR|CRIT" syslog      # extended regex (alternation)
grep -A3 -B3 "OOM" /var/log/messages  # 3 lines of context around match
grep -c "404" access.log              # count matching lines
grep -l "pattern" /etc/**/*.conf      # list filenames only

# Print specific columns (tab/space-delimited)
awk '{print $1, $4}' access.log

# Sum a column
awk '{sum += $5} END {print "Total:", sum}' report.txt

# Filter rows by field value
awk '$9 == "500"' access.log

# Use custom field separator
awk -F: '{print $1, $3}' /etc/passwd

# Print lines between two patterns
awk '/START/,/END/' logfile.txt

sed -i 's/oldstring/newstring/g' file.conf    # in-place replace
sed -i.bak 's/foo/bar/g' file.conf            # with .bak backup
sed -n '10,20p' bigfile.txt                   # print lines 10–20
sed '/^#/d' config.conf                       # delete comment lines
sed 's/[[:space:]]*$//' file.txt              # strip trailing whitespace

# cut — slice fields from delimited input
cut -d: -f1,3 /etc/passwd           # fields 1 and 3
cut -c1-80 wide.txt                 # first 80 characters per line

# sort
sort -k2 -n file.txt                # numeric sort on column 2
sort -t, -k3 -rn data.csv           # CSV, col 3, reverse numeric
sort -u names.txt                   # sort + deduplicate

# uniq (input must be sorted first)
sort ips.txt | uniq -c | sort -rn   # count occurrences, rank by frequency

# wc
wc -l file.txt                      # line count
wc -w file.txt                      # word count
ls /var/log/*.log | wc -l           # count log files

# head / tail
head -n 50 app.log                  # first 50 lines
tail -n 100 app.log                 # last 100 lines
tail -f /var/log/syslog             # follow in real time
tail -F /var/log/app.log            # follow + reopen if rotated

Process Management

ps aux                        # all processes, BSD style
ps -ef                        # all processes, POSIX style
ps aux | grep nginx           # filter by name
ps -o pid,ppid,cmd,%mem,%cpu --sort=-%cpu | head -20  # custom columns, sort by CPU

top                           # live view (press M to sort by memory, P by CPU)
htop                          # nicer UI; F5 for tree view, F6 to sort

Prefer kill -15 (SIGTERM) first — it gives the process a chance to flush buffers and clean up. Only escalate to kill -9 (SIGKILL) if the process doesn’t respond after a few seconds.

System Information

uname -r            # kernel version
uname -a            # full kernel info (arch, hostname, date)
hostnamectl         # systemd-based hostname + OS info
cat /etc/os-release # distribution name and version
lscpu               # CPU topology, cores, threads, cache
lsblk -f            # block devices + filesystem types + mount points
lspci               # PCI devices (NICs, GPUs, controllers)
lsusb               # USB devices
dmidecode -t system # hardware/BIOS info (requires root)

Package Management Quick Reference

APT (Debian / Ubuntu)
YUM / DNF (RHEL / CentOS / Fedora)
FreeBSD pkg

apt update                          # refresh package index
apt upgrade                         # upgrade all packages
apt install nginx                   # install a package
apt remove nginx                    # remove (keep config)
apt purge nginx                     # remove + purge config
apt autoremove                      # remove orphaned dependencies
apt search "web server"             # search by keyword
apt show nginx                      # package details
dpkg -l | grep nginx                # check if installed
dpkg -L nginx                       # list installed files
dpkg -S /usr/sbin/nginx             # which package owns a file

dnf check-update                    # list available updates
dnf upgrade                         # apply all updates
dnf install httpd                   # install a package
dnf remove httpd                    # uninstall
dnf search "web server"             # search
dnf info httpd                      # package details
dnf history                         # transaction history
dnf history undo last               # rollback last transaction

rpm -qa | grep httpd                # list installed RPMs matching name
rpm -ql httpd                       # files owned by package
rpm -qf /usr/sbin/httpd             # which RPM owns a file

pkg update                          # refresh index
pkg upgrade                         # upgrade all
pkg install nginx                   # install
pkg delete nginx                    # remove
pkg search nginx                    # search
pkg info nginx                      # details
pkg which /usr/local/sbin/nginx     # which package owns a file

User and Group Management

useradd -m -s /bin/bash -G wheel appuser    # create user with home + shell + group
usermod -aG docker appuser                  # add to additional group
usermod -L appuser                          # lock account
usermod -U appuser                          # unlock account
userdel -r appuser                          # delete user + home directory
passwd appuser                              # set/change password
chage -l appuser                            # show password expiry info
chage -M 90 appuser                         # password expires in 90 days
id appuser                                  # show UID, GID, groups

Never edit /etc/sudoers directly. Always use visudo, which validates syntax before saving. A broken sudoers file can lock you out of root access.

Bash Scripting

Turn these one-liners into reusable, robust shell scripts.

Networking

Network diagnostics, SSH, firewalls, and DNS troubleshooting.

Troubleshooting

Systematic workflows for CPU, memory, disk, and service issues.

DevOps Overview

CI/CD, containers, and orchestration context for these commands.

​Filesystem Navigation

​File Operations

​Text Processing

​Process Management

​System Information

​Package Management Quick Reference

​User and Group Management

​Related Pages

Bash Scripting

Networking

Troubleshooting

DevOps Overview

Filesystem Navigation

File Operations

Text Processing

Process Management

System Information

Package Management Quick Reference

User and Group Management

Related Pages