8 Basic lsof Commands Every Sysadmin Needs to Know
ฝัง
- เผยแพร่เมื่อ 3 ต.ค. 2016
- lsof basics - list open files on Linux and Unix (expand for timestamps and details).
In this video I introduce the 'lsof' command, found on Linux and Unix systems. I'll show you some practical examples and teach you how to explore what's happening with the filesytem in a system or process.
1:00 Which files are open?
lsof
2:56 Which processes have this file open?
lsof /var/log/nginx-error.log
4:49 Which files does process X have open?
lsof -p 1
lsof -p `pgrep ABC`
7:08 Where is the binary for this process?
lsof -p ABC | grep bin
7:44 Which shared libraries is this program using? (manually upgrading software, i.e. openssl)
lsof -p PID | grep .so
8:03 Where is this thing logging to?
lsof -p ABC | grep log
8:40 Which processes still have this old library open?
lsof grep libname.so
9:45 Which files does user XYZ have open?
lsof -u XYZ
lsof -u XYZ -i # network only
10:25 Which process is listening on Port X (or using Protocol Y)?
lsof -i :80
lsof -i tcp
11:21 Super lsof Story Time!
14:03 Exercises
My step-by-step project-based Linux course for beginners: www.udemy.com/course/hands-on...
Free Linux Sysadmin Course Playlist: • The Linux Basics Cours...
DigitalOcean referral link: m.do.co/c/0380a1db56a6
Patreon: / tutorialinux
Official Site & e-mail list: tutorialinux.com/
Twitter: / tutorialinux
Facebook: / tutorialinux
Podcast: kernelpanicpodcast.com - วิทยาศาสตร์และเทคโนโลยี
I am a Doctor. I just opened this series out of curiosity and I am hooked and this is 40ish video or something
This is really so cool. I've been looking around for a "Linux guy" on youtube for a while. Love the way you do things (length of vids, speed you go at, the things you cover etc.).
Please keep going!
How did I not take the time to learn this sooner..... Thanks!
You rock bro. I study Linux over at Linux Academy, but when I'm not watching actual course videos, this is exactly what I need! I love your casual, humorous, but informative style. More videos please!
What's in that naughty_sites.txt file, Dave?
@@AUBCodeII lol after four years... NGL I don't even remember any details from this video, so whatever reference you're making is going a bit over my head
@@BackWoodsWisco 10:20
@@AUBCodeII lmao nice 😆
10:20 - LOL Nice touch! Good humor on such a serious video, while still educating people. :)
Thanks Dave. I just tuned in the command line recently. I have been watching your first few basics vids as well and will continue with that. This is extremely helpful. Grtz from A'dam.!
I've taught for a long time, i've done sys-admin stuff for a long time. I appreciate your style. Thank you for bringing this into the world, it has been very helpful for me. You are a good teacher.
Dave - Excellent piece! Keep up the good work. God bless you.
Thanks for your sharing. Not only for sysadm, this is also useful for socket and system program developer.
Amazing, practical stuff. Thanks man.
Thank you for taking the time to make this video. It has helped me a great bit on learning Linux
I first learned about lsof from the How Linux Works book. But the author didn't go into much detail & I didn't see much need for learning the command any further. I saw this vid on your channel and decided to give lsof another chance. Boy am I glad I watched this. Like you said, there are other ways to do some of these things, but it's nice to have knowledge of this swiss army knife tool. Thanks! You have a new subscriber.
Just subbed. Amazing channel man. Keep up the great work.
This is so powerful and super useful thing to know. Thanks for what you are doing, you're the best!
we are thirsty for good vids like this. keep it up.
Those tips were awesome. Thank you for sharing them.
Very concise and insightful.
Very helpful, thanks Dave!
Great tips, great tutorial. Thumbs up!
Absolutely amazing. Thank you man 👍
I liked that “sometimes wonderful, sometimes terrible” comment about UNIX-like systems using the “file” metaphor / construct for everything. 😂
you wonderful guy , you making the things easier. and I love the way you explains, thanks a lot
clear and straight to the point. thanks c:
Your videos are great.
Learning quite a lot.
Loved the way you explained , beautiful way of teaching.... Keep making such basic vdo's
Great video my dude!
Another great Linux vid. I know enough Linux to be dangerous, but trying to up my game a bit and your videos have been super helpful. Earned a sub for sure. Thanks
Cool Video - Thank you ! A lot of cmds i know but not all for example "lsof"
In solaris I can do lsof -p and it will list all open ports. I like this video, it's short, can straight to the point.
Finally someone that I can understand when he speaks !
Underrated comment right here. Google's auto-transcriber does a great job of recognizing his words as well!
Thanks a lot.Very informative to me.👍👏👏💜
Great job!
Thank you so much for it!!!
Excellent vid!
You are awesome ! 👍
very good tutorial
That lsof -i many thanks!
For that last part, as a sysadmin I've ran into the issue numerous times where a process is holding on to a file and space isn't freed up after it's deleted. In that case you can do 'lsof | grep deleted' to see files that have been deleted from the system, but still have processes holding on to them.
very nice! keep make video like this )))
thank you for this video
good guide thank you!
great tool!
Very cool. Also very funny )
Nice job =)
I love ur Vids!
Greetings from germany
I was just in Hamburg for CCC last year! Had an amazing time. Cheers!
thanks mate!
thank you sir!
Thanks for the video! You should have escaped the dot symbol when grepping for used .so files like “\.so$” for dot not to be treated like “any one symbol”, anchor to the end of line with “$” thus eliminating “sockets” from grep results
Thank you for sharing this!!! I hope this will finally help me why my MacOS Catalina blocks my external disks from ejecting. With Catalina, this has become a nightmare. Lot’s of greetings, Dennis 🇳🇱
Cool !
Thanks 👍
nice video
I've used this only a few times, but when you need it you really need it. (Of course, in Windows, you have a download a tool for this, from SysInternals I think.)
Do you have any plans to make a video about system logs? I absolutely love your channel btw :D
Yes! A video about system logging is definitely on my to-do list, thanks for reminding me.
Thank you! I bought the Linux Administration book you recommended me, have an interview tomorrow for a junior sys admin type of job. Your channel has been extremely helpful :)
I don't get the "where's the binary" part, grepping for "bin" seems to only work in the example because the string is part of the path to nginx (in sbin). So for the purpose of tracking a running proces to some binary somewhere on the filesystem this seems like a weak approach. Am I missing something?
I must have mis-spoken, sorry about that. I think I was just grepping for a likely binary location to cut down on visual clutter. To reliably find the binary, just look at the 'txt' file descriptor at the beginning of the lsof output for a process. E.g.:
chromium 1099 dave txt REG 254,1 145133272 2105736 /usr/lib/chromium/chromium
The 'txt' line refers to 'program code' i.e. the started executable. Shared objects and data files that are memory-mapped by your process show up under the 'mem' heading on Linux, so checking the path opened by the 'txt' file handle is reliable.
yes, makes a lot more sense that way, good job on the video otherwise!
Dope dog
I know this video is old but I need an explanation; I'm playing around testing these commands on a CentOS machine and when I run lsof /var/log/gitlab/production.log (which is a log file Gitlab writes to) I can see that the COMMAND writting to this file is called "bundle", and the PID is for example 3210. When I run "ps 3210" to take a closer look at the PID, I see that the COMMAND in this output is instead "puma", which makes sense because that's the web server that runs on Gitlab.
Why am I getting two different values on the "COMMAND" column of these two commands with the same PID? Are they referring to different things?
Hey Dave! You're make awesome videos, thank you!
Can I get your terminal colors? like it very much :3
In the environment I film on, it's just a standard Gnome terminal running zsh with oh-my-zsh installed. Enjoy!
tutoriaLinux Excellent! thanks c:
Can you explain how to troubleshoot and fix the linux server load(both php fpm and mysql)?
I used this command to find processes connecting to a port. This is the reverse of the usual query of finding what process is listening on a port.
If I lsof by a PID, is there a way to know which of the open files is creating a memory drain?
how long have you been working as a linux sysadmin/engineer ?
Hi , what do you mean by open file here ???
Hey buddy, I'm just wondering if finding ghost files using | grep -i deleted , is the best option?
To show first, second, and ninth column from lsof. ie, Command, PID, Name
lsof |tr -s '[:blank:]' ';'|cut -d ';' -f 1,2,9|sed 's/;/ /g'
I won't remember that but I can put an alias in bash_aliases.
is this an application i have to download? I'm completely new to this so forgive me. I'm trying figure out why finder on my mac is generating random folders in my documents tabs.
Somehow our system was in bad shape (maybe because we allocated huge pages without a restart?) and lsof was hanging along with ps -e, w etc. It might be Oracle bug 26763484. Do you have any clue about it? This is a Oracle Linux box
what colour scheme and font is that?
Question : you are a Linux Rockstar! But why run in vbox? Does Windows capture the video / audio for TH-cam creation?
Yep, a few years back I surveyed the existing video capture/editing solutions on Linux and was horrified. I've stuck with Windows --> VBox --> Linux since then. Smooth sailing (unfortunately).
That user 'Dave'... he's always up to some rather unsavory shit!
Gotta keep an eye on him, he's a devious one.
The COMMAND I see when my PID = 1 is not init, it's systemd ... :-(
you might want to update this video. netstat is not in Arch repos or AUR. a little frustrating.
my bad. i didn't have net-tools installed. i'm going to go to the back of the class now.
No, you're right. Netstat is slowly being replaced by ss. I should make an updated video at some point!
You have a realy nice tutorials for linux but I can't understand peaple who work's a lot at terminal and used windows as main system. In any case I don't have any confrontation about windows ( that's really useful OS at that cases where it needed). Just can't understand it.
what is lsof -a doing?
You can find it in the man page! The -a option "causes list selection options to be ANDed, as described above." This essentially means that your selection options constrain the result set, as opposed to widening it. If you have a list that contains "foo" and "bar," this means it will match only when "foo" AND "bar" are present, as opposed to when either one is present.
DE: i3wm
Install it with:
'pkexec apt-get install i3 -y'
thanks im trying to build a talking robot friend im goint to name him george :)
Wow your comment is not old
Why I feel that you are showing this tutorial on edx installation. Ignore it if it is not relevant.
What? I'm not sure I understand what you're saying.
You told wrong brother....standard output file descriptor value is 1, standard error file descriptor value is 2 and standard input file descriptor value is 0. You told value of output wrong bro..thanks
Woah! Nice catch. Stdin is 0, stdout is 1, stderr is 2. Whew!