lsof survival guide [closed] - unix
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 9 years ago.
Improve this question
lsof is an increadibly powerful command-line utility for unix systems. It lists open files, displaying information about them. And since most everything is a file on unix systems, lsof can give sysadmins a ton of useful diagnostic data.
What are some of the most common and useful ways of using lsof, and which command-line switches are used for that?
To show all networking related to a given port:
lsof -iTCP -i :port
lsof -i :22
To show connections to a specific host, use #host
lsof -i#192.168.1.5
Show connections based on the host and the port using #host:port
lsof -i#192.168.1.5:22
grepping for LISTEN shows what ports your system is waiting for connections on:
lsof -i| grep LISTEN
Show what a given user has open using -u:
lsof -u daniel
See what files and network connections a command is using with -c
lsof -c syslog-ng
The -p switch lets you see what a given process ID has open, which is good for learning more about unknown processes:
lsof -p 10075
The -t option returns just a PID
lsof -t -c Mail
Using the -t and -c options together you can HUP processes
kill -HUP $(lsof -t -c sshd)
You can also use the -t with -u to kill everything a user has open
kill -9 $(lsof -t -u daniel)
lsof -i :port
will tell you what programs are listening on a specific port.
lsof -i will provide a list of open network sockets. The -n option will prevent DNS lookups, which is useful when your network connection is slow or unreliable.
lsof +D /some/directory
Will display recursively all the files opened in a directory. +d for just the top-level.
This is useful when you have high wait% for IO, correlated to use on a particular FS and want to see which processes are chewing up your io.
See what files a running application or daemon has open:
lsof -p pid
Where pid is the process ID of the application or daemon.
lsof +f -- /mountpoint
lists the processes using files on the mount mounted at /mountpoint. Particularly useful for finding which process(es) are using a mounted USB stick or CD/DVD.
Related
How to transfer file Fast over the internet?
I need to transfer files over the internet whith a backup script that transfer my oracle database archive logs on-premisse to my other oracle server (an azure vm). Today this script runs: '''rsync -avz archivelogs root#oracledb2:/dst/bkp/''' I enabled simpler encryptions in my ssh to make it lighter but I don't think it's safe. Does anyone have any tips for me to be able to transfer safely over the network and with speed. '''rsync -aHAXxv --numeric-ids --delete --progress -e "ssh -T -c arcfour -o Compression=no -x" [source_dir] [dest_host:/dest_dir]''' this is fast but arfour cipher isn't safe ... soo ... what should i do ?
Why "lsof -wni tcp:3000"
When I encounter "a server is already running" I use below command to solve this issue lsof -wni tcp:3000" kill -9 pid I undertand lsof, but don't understand why "-wni", does anybody know what "-wni" stands for? Also I could use lsof -i tcp:3000, but what is the difference between lsof -i tcp:3000 and lsof -wni tcp:3000? Thanks.
You can run man lsof to find out those flags. -w Enables (+) or disables (-) the suppression of warning messages. -n inhibits the conversion of network numbers to host names for network files. Inhibiting conversion may make lsof run faster. It is also useful when host name lookup is not working properly. -i [i] selects the listing of files any of whose Internet address matches the address specified in i. If no address is specified, this option selects the listing of all Internet and x.25 (HP-UX) network files.
Checking how many connections are established on specified port
How can I check, how many connections are established for example on port 80 and then write it to the file using bash console? I've read that netstat can do this, but I can not find , what exactly should I do with that, as I'm newbie on "Unix" systems.
You probably want sockstat if you're on FreeBSD: sockstat -c -L -P tcp -p 80
LSF bsub: job always in PENDING state, not going to RUN state
I stuck on a small problem. I'm launching many bsub commands at the same time each one on a specified host: bsub -sp 20 -W 0:5 -m $myhostname -q "myQueue" -J "mkdir_script" -o $log_file "script_to_launch param1 param2 param3" all this inside a for, for each hostName. The problem is that everything is OK for all hosts except one (always the same one). The job is always in PENDING state, and is not moving to RUN state. The script to execute is a script that will check for a folder and creating it if is not there (so a very small task to do). Is there a way to see what happens on that host and why my job is not going to RUN state ? PS: I just found the bjobs -p command and I have the following message: Not specified in job submission: 81 hosts; Closed by LSF administrator: 3 hosts; What does this message mean?
The -m option limits you to a particular host, which excludes 81 hosts. The other three have been closed by your system administrator. You would have to contact them to find out why.
A standard Unix command-line tool for piping to a socket
I have some applications, and standard Unix tools sending their output to named-pipes in Solaris, however named pipes can only be read from the local storage (on Solaris), so I can't access them from over the network or place the pipes on an NFS storage for networked access to their output. Which got me wondering if there was an analogous way to forward the output of command-line tools directly to sockets, say something like: mksocket mysocket:12345 vmstat 1 > mysocket 2>&1
Netcat is great for this. Here's a page with some common examples. Usage for your case might look something like this: Server listens for a connection, then sends output to it: server$ my_script | nc -l 7777 Remote client connects to server on port 7777, receives data, saves to a log file: client$ nc server 7777 >> /var/log/archive
netcat (also known as nc) is exactly what you're looking for. It's getting to be reasonably standard, but not available on all systems. socat seems to be a beefed-up version of netcat, with lots more features, but less commonly available. On Linux, you can also use /dev/tcp/<host>/<port>. See the Advanced Bash-Scripting Guide for more information.
netcat will help establish a pipe over the network.
You may want to use one of: ssh: secure (encrypted), already installed out-of-the-box on Solaris - but you have to set up a keypair for non-interactive sessions e.g. vmstat 2>&1 | ssh -i private.key oss#remote.node "cat >vmstat.out" netcat: simple to set up - but insecure and open to attacks see http://www.debian-administration.org/articles/58 etc.
Everyone is on the right track with netcat. But I want to add that if you are piping into nc and expecting a response, you will need to use the -q <seconds> option. From the manual: -q seconds after EOF on stdin, wait the specified number of seconds and then quit. If seconds is negative, wait forever. For instance, if you want to interact with your SSH Agent you can do something like this: echo -en '\x00\x00\x00\x01\x0b' | nc -q 1 -U $SSH_AUTH_SOCK | strings A more complete example is at https://gist.github.com/RichardBronosky/514dbbcd20a9ed77661fc3db9d1f93e4 * I stole this from https://ptspts.blogspot.com/2010/06/how-to-use-ssh-agent-programmatically.html