Today I came across ISOF command in one interview, the interviewer of this interview is a tricky guy and a great Linux/nix guru. He asked me many questions which I can’t answer, in that lsof command is one. This command really impressed me and this is one of the most powerful command i ever come across till this point in Linux. So I did some research on this command and come across numerous examples for making network/system admin work bit more simple and meaning full.
So what is lsof command?
lsof is nothing but LiSt Open Files, which will show all the open files by
1. a process in system.
2. a user.
3. a command.
4. a network service.
5. a regular file.
6. a directory
7. a block special file
8. a character special file
9. an executing text reference
10. a library
11. a stream or
So where we will use this lsof command? In many situations such as when troubleshooting network related issues, file related issues and process related issue.
USAGE1 : To see all the open files in system with out filtering which lists all open files belonging to all active processes.
#lsof
USAGE2 : Some times we will face an issue like, some service will not bind to a port and cannot start the service, this is due to some process already using that port(though the process died). So we have to see which process is using this port and kill that process. this will eliminate restarting the server. Suppose we want to start ftp server which will not starting due to above problem.
#lsof -i TCP:ftp
here -i is used to specify Internet
USAGE3 : To see what files are opened when you execute a command
#lsof -c httpd
here -c is for specifying command.
USAGE4 : To see which file opened for a device
#lsof /dev/hdc
USAGE5 : To see which procces or user is accessing the file.
Example:
[root@v-test Script]# lsof -f passwd
[root@v-test Script]# lsof -f passwd
vim 14122 root 4u REG 253,0 12288 234655 /etc/.passwd.swp
[root@v-test Script]#
USAGE6 : To monitor network, what people are doing with what network services
#watch lsof -i
Note:watch is an excellent command to repeate a command execution on a regular interval please have a look in to my other blog post about this watch command.
USAGE7 : To see all open internet files
#lsof -i -U
USAGE8 : To see Ports either its TCP or UDP
#lsof -i TCP:22
For checking all the connection for ssh port
#lsof -i UDP: 69
This is for tftp connections to the machine.
USAGE9:To watch all the actually by a user in live..?
#watch lsof –u username
A good link for learning more about lsof command link1 some sister commands for this command are pstree, ps and netstat
NOTE : Some strange things I observed about this command is
1.Till this point I know that to use any commands options we have to use - but for this command there are both + and - options too.
2.In linux every thing is considered as files even a network socket, hardware device for some examples.
3 comments:
This is very informative...
great going buddy!
Thanks man
plz let me know what other topics you require
very useful Brother
Post a Comment