「システム管理者用コマンド」の版間の差分

2022年12月29日 (木) 16:53時点における版

Debian11で「/sbin -> usr/sbin」内に格納されているシステム管理者用コマンド（202個）。rootで利用可。ちなみに アプリ や 妖精/ダイモン の場合はより機能が複雑で独自のインターフェースが起動したりする。一般ユーザ用コマンドも参照。

妖精さん

arpd	ARP情報を収集して保持してくれる妖精。daemon collects gratuitous ARP information, saving it on local disk and feeding it to the kernel on demand to avoid redundant broadcasting due to limited size of the kernel ARP cache.
cron	スケジュールした仕事をやってくれる妖精。daemon to execute scheduled commands (Vixie Cron). started automatically from /etc/init.d on entering multi-user runlevels.

ハードウェア管理

コマンド	概要
biosdecode	マザボ付属BIOSに記録されているハードウェア情報を表示。parses the BIOS memory and prints information about all structures (or entry points) it knows of.
dmidecode	PCのSMBIOS情報を表示。tool for dumping a computer's DMI (some say SMBIOS) table contents in a human-readable format.
chcpu	configure CPUs. it modify the state of CPUs. It can enable or disable CPUs, scan for new CPUs, etc.
chmem	configure memory. it sets a particular size or range of memory online or offline.
discover	ハードウェア情報を表示。provides an extensible hardware detection and reporting interface. Hardware information is stored in an XML data format and can be re trieved across the network.
discover-modprobe	ブート時に自動的に実行されてカーネルモジュールをロード。loads kernel modules identified by discover. It will typically be invoked automatically at boot time.
discover-pkginstall	discoverコマンド情報を利用してハードウェア向けのパッケージをインストール。intsall packages for available hardware using discover(1).It will use the discover-data database to map for hardware to debian packages, install the packages by default.
hwclock	administration tool for the time clocks. It can: display the Hardware Clock time; set the Hardware Clock to a specified time; set the Hardware Clock from the System Clock; set the System Clock from the Hardware Clock;
ctrlaltdel	Linuxでは「ctrl」「alt」「del」同時押しでシステムを強制リブートできる。Debian11では「soft（オフ）」。set the function of the Ctrl-Alt-Del combination. hard : Immediately reboot the computer without calling sync(2) and without any other preparation.
halt poweroff reboot	to halt, power-off, or reboot the machine. All three commands take the same options.

ブートローダ管理

コマンド	概要
grub-bios-setup	You shouldn't normally run this program directly. Use grub-install instead. set up a device to boot using GRUB.
grub-install	Install GRUB on your drive.
grub-mkconfig	generate a GRUB configuration file.
grub-mkdevicemap	Generate a device map file automatically.
grub-probe	probe device information for GRUB. Probe device information for a given path (or device, if the -d option is given).
grub-reboot	Set the default boot menu entry for GRUB, for the next boot only. MENU_ENTRY is a number, a menu item title or a menu item identifier.
grub-set-default	Set the default boot menu entry for GRUB. This requires setting GRUB_DEFAULT=saved in /etc/default/grub.
grub-macbless	Mac-style bless on HFS or HFS+. MacOS 9 までの MacOSでは、起動ディスクにある「システムフォルダ」をFinderで開くと、そのCNIDをボリュームヘッダ内のFinderInfoに記録する。このディレクトリを開く行為を特に「bless」（祝福）と言っていた。

カーネル管理

コマンド	概要
installkernel	installs a new kernel image onto the system from the Linux source tree. It is called by the Linux kernel makefiles when make install is invoked there. The new kernel is installed into {directory}/vmlinuz-{version}.
insmod	insmod is a trivial program to insert a module into the kernel. Most users will want to use modprobe(8) instead, which is more clever and can handle module dependencies.
modprob	modprobe intelligently adds or removes a module from the Linux kernel: note that for convenience, there is no difference between _ and - in module names (automatic underscore conversion is performed).

システム管理

コマンド	概要
systemd init	systemd is a system and service manager for Linux operating systems. When run as first process on boot (as PID 1), it acts as init system that brings up and maintains userspace services. Separate instances are started for logged-in users to start their services. systemd is usually not invoked directly by the user, but is installed as the /sbin/init symlink and started during early boot. The user manager instances are started automatically through the user@.service(5) service.
killall5	is the SystemV killall command. It sends a signal to all processes except kernel threads and the processes in its own session, so it won't kill the shell that is running the script it was called from. Its primary (only) use is in the rc scripts found in the /etc/init.d directory.
invoke-rc.d	is a generic interface to execute System V style init script /etc/init.d/name actions, obeying runlevel constraints as well as any local policies set by the system administrator.

デバイス管理

コマンド	概要
fdisk	dialog-driven program for creation and manipulation of partition tables. It understands GPT, MBR, Sun, SGI and BSD partition tables. Block devices can be divided into one or more logical disks called partitions. This division is recorded in the partition table, usually found in sector 0 of the disk. (In the BSD world one talks about `disk slices' and a `disklabel'.). All partitioning is driven by device I/O limits (the topology) by default. fdisk is able to optimize the disk layout for a 4K-sector size and use an alignment offset on modern devices for MBR and GPT. It is always a good idea to follow fdisk's defaults as the default values.
cfdisk	Curses版パーティショニング管理アプリ。display or manipulate a disk partition table. Curses-based program for partitioning any block device. The default device is /dev/sda.
blkid	ブロックデバイスのID情報を表示。locate/print block device attributes.
badblocks	パーティション内のブロックの欠陥を探す。used to search for bad blocks on a device (usually a disk partition).
blkdeactivate	ブロックデバイスをオフにする。deactivates block devices. For mounted block devices, it attempts to unmount it automatically before trying to deactivate.
blkdiscard	デバイスのセクターを直接破棄。discard device sectors. This is useful for solid-state drivers (SSDs) and thinly-provisioned storage. Unlike fstrim(8), this command is used directly on the block device.
blkzone	run zone command on device that support the Zoned Block Commands (ZBC) or Zoned-device ATA Commands (ZAC).
blockdev	The utility blockdev allows one to call block device ioctls from the command line.
dmsetup	manages logical devices that use the device-mapper driver. Devices are created by loading a table that specifies a target for each sector (512 bytes) in the logical device.
dmstats	manages IO statistics regions for devices that use the device-mapper driver. Statistics regions may be created, deleted, listed and reported on using the tool.
fdformat	does a low-level format on a floppy disk. device is usually one of the following./dev/fd0d360 (minor = 4),/dev/fd0h1200 (minor = 8),etc.
ldattach	The ldattach daemon opens the specified device file (which should refer to a serial device) and attaches the line discipline ldisc to it for processing of the sent and/or received data. It then goes into the background keeping the device open so that the line discipline stays loaded.

ファイルシステム管理

コマンド	概要
fsck	check and optionally repair one or more Linux filesystems. filesys can be a device name (e.g., /dev/hdc1, /dev/sdb2), a mount point (e.g., /, /usr, /home), or an filesystem label or UUID specifier (e.g., UUID=8868abf6-88c5-4a83-98b8-bfc24057f7bd or LABEL=root). Normally, the fsck program will try to handle filesystems on different physical disk drives in parallel to reduce the total amount of time needed to check all of them.
fsck.ext2[34] e2fsck	check the ext2/ext3/ext4 family of file systems. For ext3 and ext4 filesystems that use a journal, if the system has been shut down uncleanly without any errors, normally, after replaying the committed transactions in the journal, the file system should be marked as clean. Hence, for filesystems that use journalling, e2fsck will normally replay the journal and exit, unless its superblock indicates that further checking is required. Note that in general it is not safe to run e2fsck on mounted filesystems.
fsck.cramfs	used to check the cramfs file system.
fsck.minix	check consistency of Minix filesystem.
fsfreeze	suspends or resumes access to a filesystem. fsfreeze halts any new access to the filesystem and creates a stable image on disk. fsfreeze is intended to be used with hardware RAID devices that support the creation of snapshots.
fstrim	used on a mounted filesystem to discard (or "trim") blocks which are not in use by the filesystem. This is useful for solid-state drives (SSDs) and thinly-provisioned storage. By default, fstrim will discard all unused blocks in the filesystem. Options may be used to modify this behavior based on range or size.
debugfs	対話的にファイルシステムをデバッグする。ext2/ext3/ext4 file system debugger.It can be used to examine and change the state of an ext2, ext3, or ext4 file system.
dpkg-fsys-usrunmess	tool to fix up filesystems that have been installed anew with recent installers with unfortunate defaults or migrated to the broken merged /usr
dumpe2fs	prints the super block and blocks group information for the filesystem present on device. When used with a mounted filesystem, the printed information may be old or inconsistent.
e2freefrag	report free space fragmentation on ext2/3/4 file systems.
e2image	Save critical ext2/ext3/ext4 filesystem metadata to a file.
e2label	display or change the volume label on the ext2, ext3, or ext4 filesystem located on device.
e2mmpstatus	Check MMP status of an ext4 filesystem. used to check Multiple-Mount Protection (MMP) status of an ext4 filesystem with the mmp feature enabled.
e2scrub	check (but not repair) all metadata in a mounted ext[234] filesystem if the filesystem resides on an LVM logical volume.This program snapshots the volume and runs a file system check on the snapshot to look for corruption errors.
e2scrub_all	Searches the system for all LVM logical volumes containing an ext2, ext3, or ext4 file system, and checks them for problems. The checking is performed by invoking the e2scrub tool, which will look for corruptions.
e2undo	replay the undo log undo_log for an ext2/ext3/ext4 filesystem found on device. This can be used to undo a failed operation by an e2fsprogs program.
e4crypt	performs encryption management for ext4 file systems.
e4defrag	reduces fragmentation of extent based file. The file targeted by e4defrag is created on ext4 filesystem made with "-O extent" option (see mke2fs(8)). The targeted file gets more contiguous blocks and improves the file access speed.
filefrag	reports on how badly fragmented a particular file might be. It makes allowances for indirect blocks for ext2 and ext3 filesystems, but can be used on files for any filesystem.
findfs	find a filesystem by label or UUID. search the block devices in the system looking for a filesystem or partition with specified tag. The currently supported tags are: LAVEL, UUID, etc.
isosize	This command outputs the length of an iso9660 filesystem that is contained in the specified file. This file may be a normal file or a block device (e.g. /dev/hdd or /dev/sr0). In the absence of any options (and errors), it will output the size of the iso9660 filesystem in bytes. This can now be a large number (>> 4 GB).

ユーザ管理

コマンド	概要
adduser addgroup	システムにユーザやグループを追加。add a user or group to the system. They are friendlier front ends to the low level tools like useradd, groupadd and usermod programs.
useradd groupadd	low level utility for adding users. On Debian, administrators should usually use adduser(8) instead.
deluser delgroup	システムからユーザやグループを削除。remove a user or group from the system.
userdel groupdel	low level utility for removing users. On Debian, administrators should usually use deluser(8) instead.
chpasswd	ユーザのパスワードを変更。update passwords in batch mode. reads a list of user name and password pairs from standard input and uses this information to update a group of existing users.
chgpasswd	グループのパスワードを変更。update group passwords in batch mode. it reads a list of group name and password pairs from standard input and uses this information to update a set of existing groups.
faillock	application which can be used to examine and modify the contents of the tally files. It can display the recent failed authentication attempts of the username or clear the tally files of all or individual usernames.
groupmems	allows a user to administer their own group membership list without the requirement of superuser privileges. The groupmems utility is for systems that configure its users to be in their own name sake primary group (i.e., guest / guest). Only the superuser, as administrator, can use groupmems to alter the memberships of other groups.
groupmod	modifies the definition of the specified GROUP by modifying the appropriate entry in the group database.
grpck	verifies the integrity of the groups information. It checks that all entries in /etc/group and /etc/gshadow have the proper format and contain valid data. The user is prompted to delete entries that are improperly formatted or which have other uncorrectable errors.
pwconv pwunconv	creates shadow from passwd. pwunconv command creates passwd from passwd and shadow and then removes shadow.
grpconv grpunconv	creates gshadow from group. grpunconv command creates group from group and gshadow and then removes gshadow.

環境管理

コマンド	概要
getty agetty	マシンを制御するためにテレタイプを起動。alternative Linux getty. Opens a tty port, prompts for a login name and invokes the /bin/login command. It is normally invoked by init(8).
add-shell	システムに利用可能なシェルを追加。add shells to the list of valid login shells
capsh	capability shell wrapper. This tool provides a handy wrapper for certain types of capability testing and environment creation. It also provides some debugging features useful for summarizing capability state.
chroot	「/（ルート）」の場所を隠蔽してコマンドを実行。run command or interactive shell with special root directory.
locale-gen	By default, the locale package which provides the base support for localisation of libc-based programs does not contain usable localisation files for every supported language. This limitation has became necessary because of the substantial size of such files and the large number of languages supported by libc. As a result, Debian uses a special mechanism where we prepare the actual localisation files on the target host and distribute only the templates for them. locale-gen is a program that reads the file /etc/locale.gen and invokes localedef for the chosen localisation profiles. Run locale-gen after you have modified the /etc/locale.gen file.

パッケージ管理

コマンド	概要
dpkg-preconfigure	インストールされる前に新しいパッケージが質問してくる。lets packages ask questions before they are installed. It operates on a set of debian packages, and all packages that use debconf will have their config script run so they can examine the system and ask questions.
dpkg-reconfigure	名前を指定してインストール済みパッケージの設定を組み直す。reconfigures packages after they have already been installed. Pass it the names of a package or packages to reconfigure. It will ask configuration questions, much like when the package was first installed. If you just want to see the current configuration of a package, see debconf-show(1) instead.

プロセス管理

コマンド	概要
getcap	プロセスの特権状況（ケーパビリティ）を確認。displays the name and capabilities of each specified file.
getpcaps	displays the capabilities on the processes indicated by the pid value(s) given on the command line. A pid of 0 displays the capabilities of the process that is running getpcaps itself.

ネットワーク

コマンド	概要
dhclient	provides a means for configuring one or more network interfaces using the Dynamic Host Configuration Protocol, BOOTP protocol, or if these protocols fail, by statically assigning an address.
dhclient-script	The DHCP client network configuration script is invoked from time to time by dhclient(8).
ifup ifdown ifquery	The ifup and ifdown commands may be used to configure (or, respectively, deconfigure) network interfaces based on interface definitions in the file /etc/network/interfaces. ifquery command may be used to parse interfaces configuration.
ip	show / manipulate routing, network devices, interfaces and tunnels.
bridge	show / manipulate bridge addresses and devices.
devlink	Devlink tool
ethtool	used to query and control network device driver and hardware settings, particularly for wired Ethernet devices.
genl	provides a simple frontend to the generic netlink library. Although it's designed to support multiple OBJECTs, for now only the ctrl object is available, which is used to query the generic netlink controller.

ログ管理

コマンド	概要
logrotate	is designed to ease administration of systems that generate large numbers of log files. It allows automatic rotation, compression, removal, and mailing of log files. Each log file may be handled daily, weekly, monthly, or when it grows too large. Normally, logrotate is run as a daily cron job.

情報探索

コマンド	概要
accessdb	「man」関連のデータベース内情報を表示。dumps the content of a man-db database in a human readable format.
aspell-autobuildhash	「dictionaries-common」から呼ばれる。script that will manage aspell hash files autobuild, intended to be called from the dictionaries-common tools.
iconvconfig	文字コード変換の設定ファイルをキャッシュ。iconv(3) function internally uses gconv modules to convert to and from a character set. A configuration file is used to determine the needed modules for a conversion. Loading and parsing such a configuration file would slow down programs that use iconv(3), so a caching mechanism is employed.

港開発ツール

コマンド	概要
depmod	Linuxシステムでは複数のモジュールを使い回しながらサービスを提供している。ゆえにモジュール間の依存関係は複雑になりがち。depmodは各モジュールの依存状況を /lib/modules/version から読み取って依存関係リスト modules.dep を作成する。
ldconfig	ldconfig creates the necessary links and cache to the most recent shared libraries found in the directories specified on the command line, in the file /etc/ld.so.conf, and in the trusted directories, /lib and /usr/lib.

その他

コマンド	概要
cppw cpgr	will copy, with locking, the given file to /etc/passwd and /etc/group, respectively.
fstab-decode	decodes escapes (such as newline characters and other whitespace) in the specified ARGUMENTs and uses them to run COMMAND. In essence fstab-decode can be used anytime we want to pass multiple parameters to a command as a list of command line arguments.
ispell-autobuildhash	is a script that will manage ispell hash files autobuild, intended to be called from the dictionaries-common tools.

installkernel invoke-rc.d ip isosize ispell-autobuildhash killall5 ldattach ldconfig locale-gen logrotate logsave losetup lsmod mke2fs mkfs mkfs.bfs mkfs.cramfs mkfs.ext2 mkfs.ext3 mkfs.ext4 mkfs.minix mkhomedir_helper mkinitramfs mklost+found mkswap modinfo newusers nft nologin ownership pam-auth-update pam_getenv pam_timestamp_check pivot_root poweroff pwck pwconv pwunconv qemu-ga raw readprofile reboot remove-default-ispell remove-default-wordlist remove-shell resize2fs rmmod rmt rmt-tar rsyslogd rtacct rtcwake rtmon runlevel runuser select-default-ispell select-default-wordlist service setcap sfdisk shadowconfig shutdown sshd start-stop-daemon sulogin swaplabel swapoff swapon switch_root sysctl tarcat tc tcptraceroute tcptraceroute.db telinit tipc traceroute tune2fs tzconfig unix_chkpwd unix_update update-ca-certificates update-default-aspell update-default-ispell update-default-wordlist update-dictcommon-aspell update-dictcommon-hunspell update-grub update-grub2 update-initramfs update-locale update-mime update-passwd update-pciids update-rc.d upgrade-from-grub-legacy useradd userdel usermod validlocale vigr vipw vpddecode wipefs zic zramctl

@@ 332行目: / 332行目: @@
 !genl
 |provides  a simple frontend to the <u>generic netlink library</u>. Although it's designed to support multiple OBJECTs, for now only the ctrl object is available, which is used to query the generic netlink controller.
+|}
+==ログ管理==
+{| class="wikitable" summary="=ログ管理コマンド"
+!コマンド
+!概要
+|-
+!logrotate
+|is  designed  to ease administration of systems that generate large numbers of log files.  It allows automatic rotation, compression, removal, and mailing of log files.  Each log file may be handled daily, weekly, monthly, or when it grows too large. Normally, logrotate is run as a daily cron job.
 |}