8 Basic lsof Commands Every Sysadmin Needs to Know
Вставка
- Опубліковано 3 жов 2016
- lsof basics - list open files on Linux and Unix (expand for timestamps and details).
In this video I introduce the 'lsof' command, found on Linux and Unix systems. I'll show you some practical examples and teach you how to explore what's happening with the filesytem in a system or process.
1:00 Which files are open?
lsof
2:56 Which processes have this file open?
lsof /var/log/nginx-error.log
4:49 Which files does process X have open?
lsof -p 1
lsof -p `pgrep ABC`
7:08 Where is the binary for this process?
lsof -p ABC | grep bin
7:44 Which shared libraries is this program using? (manually upgrading software, i.e. openssl)
lsof -p PID | grep .so
8:03 Where is this thing logging to?
lsof -p ABC | grep log
8:40 Which processes still have this old library open?
lsof grep libname.so
9:45 Which files does user XYZ have open?
lsof -u XYZ
lsof -u XYZ -i # network only
10:25 Which process is listening on Port X (or using Protocol Y)?
lsof -i :80
lsof -i tcp
11:21 Super lsof Story Time!
14:03 Exercises
My step-by-step project-based Linux course for beginners: www.udemy.com/course/hands-on...
Free Linux Sysadmin Course Playlist: • The Linux Basics Cours...
DigitalOcean referral link: m.do.co/c/0380a1db56a6
Patreon: / tutorialinux
Official Site & e-mail list: tutorialinux.com/
Twitter: / tutorialinux
Facebook: / tutorialinux
Podcast: kernelpanicpodcast.com - Наука та технологія
I am a Doctor. I just opened this series out of curiosity and I am hooked and this is 40ish video or something
This is really so cool. I've been looking around for a "Linux guy" on youtube for a while. Love the way you do things (length of vids, speed you go at, the things you cover etc.).
Please keep going!
You rock bro. I study Linux over at Linux Academy, but when I'm not watching actual course videos, this is exactly what I need! I love your casual, humorous, but informative style. More videos please!
What's in that naughty_sites.txt file, Dave?
@@AUBCodeII lol after four years... NGL I don't even remember any details from this video, so whatever reference you're making is going a bit over my head
@@BackWoodsWisco 10:20
@@AUBCodeII lmao nice 😆
How did I not take the time to learn this sooner..... Thanks!
I've taught for a long time, i've done sys-admin stuff for a long time. I appreciate your style. Thank you for bringing this into the world, it has been very helpful for me. You are a good teacher.
Thanks Dave. I just tuned in the command line recently. I have been watching your first few basics vids as well and will continue with that. This is extremely helpful. Grtz from A'dam.!
10:20 - LOL Nice touch! Good humor on such a serious video, while still educating people. :)
Dave - Excellent piece! Keep up the good work. God bless you.
Thanks for your sharing. Not only for sysadm, this is also useful for socket and system program developer.
Thank you for taking the time to make this video. It has helped me a great bit on learning Linux
I first learned about lsof from the How Linux Works book. But the author didn't go into much detail & I didn't see much need for learning the command any further. I saw this vid on your channel and decided to give lsof another chance. Boy am I glad I watched this. Like you said, there are other ways to do some of these things, but it's nice to have knowledge of this swiss army knife tool. Thanks! You have a new subscriber.
Amazing, practical stuff. Thanks man.
Loved the way you explained , beautiful way of teaching.... Keep making such basic vdo's
This is so powerful and super useful thing to know. Thanks for what you are doing, you're the best!
I liked that “sometimes wonderful, sometimes terrible” comment about UNIX-like systems using the “file” metaphor / construct for everything. 😂
Just subbed. Amazing channel man. Keep up the great work.
In solaris I can do lsof -p and it will list all open ports. I like this video, it's short, can straight to the point.
Another great Linux vid. I know enough Linux to be dangerous, but trying to up my game a bit and your videos have been super helpful. Earned a sub for sure. Thanks
you wonderful guy , you making the things easier. and I love the way you explains, thanks a lot
Finally someone that I can understand when he speaks !
Underrated comment right here. Google's auto-transcriber does a great job of recognizing his words as well!
Very concise and insightful.
Those tips were awesome. Thank you for sharing them.
Very helpful, thanks Dave!
we are thirsty for good vids like this. keep it up.
Your videos are great.
Learning quite a lot.
Cool Video - Thank you ! A lot of cmds i know but not all for example "lsof"
Great tips, great tutorial. Thumbs up!
clear and straight to the point. thanks c:
Absolutely amazing. Thank you man 👍
Great video my dude!
Thanks a lot.Very informative to me.👍👏👏💜
For that last part, as a sysadmin I've ran into the issue numerous times where a process is holding on to a file and space isn't freed up after it's deleted. In that case you can do 'lsof | grep deleted' to see files that have been deleted from the system, but still have processes holding on to them.
Excellent vid!
Thank you so much for it!!!
very good tutorial
Great job!
You are awesome ! 👍
good guide thank you!
That lsof -i many thanks!
very nice! keep make video like this )))
thank you for this video
Thanks for the video! You should have escaped the dot symbol when grepping for used .so files like “\.so$” for dot not to be treated like “any one symbol”, anchor to the end of line with “$” thus eliminating “sockets” from grep results
I love ur Vids!
Greetings from germany
I was just in Hamburg for CCC last year! Had an amazing time. Cheers!
great tool!
Thank you for sharing this!!! I hope this will finally help me why my MacOS Catalina blocks my external disks from ejecting. With Catalina, this has become a nightmare. Lot’s of greetings, Dennis 🇳🇱
thank you sir!
Thanks 👍
Nice job =)
thanks mate!
Very cool. Also very funny )
I've used this only a few times, but when you need it you really need it. (Of course, in Windows, you have a download a tool for this, from SysInternals I think.)
Cool !
nice video
Do you have any plans to make a video about system logs? I absolutely love your channel btw :D
Yes! A video about system logging is definitely on my to-do list, thanks for reminding me.
Thank you! I bought the Linux Administration book you recommended me, have an interview tomorrow for a junior sys admin type of job. Your channel has been extremely helpful :)
Hey Dave! You're make awesome videos, thank you!
Can I get your terminal colors? like it very much :3
In the environment I film on, it's just a standard Gnome terminal running zsh with oh-my-zsh installed. Enjoy!
tutoriaLinux Excellent! thanks c:
I know this video is old but I need an explanation; I'm playing around testing these commands on a CentOS machine and when I run lsof /var/log/gitlab/production.log (which is a log file Gitlab writes to) I can see that the COMMAND writting to this file is called "bundle", and the PID is for example 3210. When I run "ps 3210" to take a closer look at the PID, I see that the COMMAND in this output is instead "puma", which makes sense because that's the web server that runs on Gitlab.
Why am I getting two different values on the "COMMAND" column of these two commands with the same PID? Are they referring to different things?
Can you explain how to troubleshoot and fix the linux server load(both php fpm and mysql)?
I don't get the "where's the binary" part, grepping for "bin" seems to only work in the example because the string is part of the path to nginx (in sbin). So for the purpose of tracking a running proces to some binary somewhere on the filesystem this seems like a weak approach. Am I missing something?
I must have mis-spoken, sorry about that. I think I was just grepping for a likely binary location to cut down on visual clutter. To reliably find the binary, just look at the 'txt' file descriptor at the beginning of the lsof output for a process. E.g.:
chromium 1099 dave txt REG 254,1 145133272 2105736 /usr/lib/chromium/chromium
The 'txt' line refers to 'program code' i.e. the started executable. Shared objects and data files that are memory-mapped by your process show up under the 'mem' heading on Linux, so checking the path opened by the 'txt' file handle is reliable.
yes, makes a lot more sense that way, good job on the video otherwise!
If I lsof by a PID, is there a way to know which of the open files is creating a memory drain?
is this an application i have to download? I'm completely new to this so forgive me. I'm trying figure out why finder on my mac is generating random folders in my documents tabs.
To show first, second, and ninth column from lsof. ie, Command, PID, Name
lsof |tr -s '[:blank:]' ';'|cut -d ';' -f 1,2,9|sed 's/;/ /g'
I won't remember that but I can put an alias in bash_aliases.
I used this command to find processes connecting to a port. This is the reverse of the usual query of finding what process is listening on a port.
Hey buddy, I'm just wondering if finding ghost files using | grep -i deleted , is the best option?
Dope dog
how long have you been working as a linux sysadmin/engineer ?
Hi , what do you mean by open file here ???
Somehow our system was in bad shape (maybe because we allocated huge pages without a restart?) and lsof was hanging along with ps -e, w etc. It might be Oracle bug 26763484. Do you have any clue about it? This is a Oracle Linux box
what colour scheme and font is that?
Question : you are a Linux Rockstar! But why run in vbox? Does Windows capture the video / audio for UA-cam creation?
Yep, a few years back I surveyed the existing video capture/editing solutions on Linux and was horrified. I've stuck with Windows --> VBox --> Linux since then. Smooth sailing (unfortunately).
The COMMAND I see when my PID = 1 is not init, it's systemd ... :-(
That user 'Dave'... he's always up to some rather unsavory shit!
Gotta keep an eye on him, he's a devious one.
you might want to update this video. netstat is not in Arch repos or AUR. a little frustrating.
my bad. i didn't have net-tools installed. i'm going to go to the back of the class now.
No, you're right. Netstat is slowly being replaced by ss. I should make an updated video at some point!
You have a realy nice tutorials for linux but I can't understand peaple who work's a lot at terminal and used windows as main system. In any case I don't have any confrontation about windows ( that's really useful OS at that cases where it needed). Just can't understand it.
what is lsof -a doing?
You can find it in the man page! The -a option "causes list selection options to be ANDed, as described above." This essentially means that your selection options constrain the result set, as opposed to widening it. If you have a list that contains "foo" and "bar," this means it will match only when "foo" AND "bar" are present, as opposed to when either one is present.
DE: i3wm
Install it with:
'pkexec apt-get install i3 -y'
Why I feel that you are showing this tutorial on edx installation. Ignore it if it is not relevant.
What? I'm not sure I understand what you're saying.
You told wrong brother....standard output file descriptor value is 1, standard error file descriptor value is 2 and standard input file descriptor value is 0. You told value of output wrong bro..thanks
Woah! Nice catch. Stdin is 0, stdout is 1, stderr is 2. Whew!
thanks im trying to build a talking robot friend im goint to name him george :)
Wow your comment is not old