My 5 go-to Linux commands for troubleshooting – and how I use them

Much to the chagrin of those who would like to malign the Linux operating system, it’s actually quite easy to use. Thanks to modern GUI desktop environments and applications, anyone can jump into the fray and know what they’re doing.

On the rare occasions when trouble arises, you might want to know a few commands to help you out. The problem is that there are so many commands available within the realm of Linux, which makes it challenging to know which commands are the best options.

Also: The first 5 Linux commands every new user should learn

Sure, you can learn any of the commands that display system information (such as top, free, iostat, htop, vmstat, and iftop), but those tools will only get you so far. What is more valuable is skipping to the command that can really help you if something goes wrong. With that introduction out of the way, let’s get to the commands.

1. dmesg

Back when I first started using Linux, dmesg was my best friend. Essentially, dmesg is used to examine all messages that are created after the bootloader phase of the kernel. In other words, you might find a clue for anything you could possibly troubleshoot right here.

Also: I’m a command-line pro and this is the best terminal app I’ve ever used, thanks to AI

Unlike the dmesg of old, you now have to run the command with sudo privileges, so:

sudo dmesg

This will print quite a bit of output you can scroll through, making it a bit challenging to find what you’re looking for, and much of what you read will most likely seem like gibberish. The good news is that errors print out in red, so you can quickly scroll to find anything that might be wrong.

Also: 5 things to do with the Linux terminal on your Android phone – including my favorite

There’s a way to make this even easier. Let’s say you’re experiencing an error, and you want to see if it is logged via dmesg as it happens. To do that, issue the command:

dmesg -w

This will display the output from dmesg as it happens, so when an error occurs, you’ll see it written in the terminal window and can troubleshoot from there.

2. tail

Speaking of following output, the tail command allows you to follow the output written to any log file. Let’s say you’re having issues with your Samba share and want to see what’s happening in real time. The first thing you would want to do is find out which log file to read. In that case, you could issue the command:

ls /var/log/samba

In that folder you’ll find a number of log files (for the Samba server and any/all machines connected to the share). Let’s say I want to view the content of the Samba daemon log. For that, I would issue the command:

tail -f /var/log/samba/log.smbd

Also: 5 Linux commands for quickly finding the system information you need to know

As the errors happen, they’ll be printed in the terminal. As you can see, I have an unknown parameter in my smb.conf file, named share modes. I can open that file, remove the parameter, restart Samba, and the error is no more.

Remember, to get out of the tail command, you have to use the Ctrl+c keyboard combination.

3. ps

For me, ps is a gateway to other commands. The ps command displays a snapshot of any given current process. You could use ps to list every running process or feed it to grep to list only specific processes.

But what’s it good for?

Also: Two tricks that make using the Linux command line a lot easier

Let’s say you have an application that has crashed and won’t close. You click that little X in the upper-right (or upper-left) corner of the window, but it just won’t go away. The first thing you need to do is find the PID of that process so you can then take care of the problem. That’s where ps comes in handy. But ps by itself isn’t very helpful. Why? If you just run ps, it will only list the processes associated with the terminal you’re using. Instead, you need to use some specific options, which are:

ps aux

• a – all processes
• u – processes owned by the user running ps
• x – prints applications that have not been started from the terminal

Also: How to schedule Linux commands – and when you should

This command prints out a lot of information, all of it in columns. You’ll see several columns, but the ones you’ll want to pay attention to are PID and COMMAND. With the information from those two columns, you can locate the process’s ID causing you problems. Once you’ve found that process, you can then kill it.

Also: 5 Linux commands for managing users

If the output of ps aux is overwhelming, you can pipe that output to grep and list only certain processes. Let’s say LibreOffice is causing you problems. You can list only those processes associated with LibreOffice like this:

ps aux | grep LibreOffice

4. kill

The kill command is very powerful. When you have a stubborn application that has crashed and won’t close (or hasn’t crashed but is consuming too much memory), the kill command will force that application to close.

Also: How I automate basic tasks on Linux with bash scripts – and why you should try it

But to use the kill command, you must first have the PID of the application in question (which you locate with the ps aux command). Let’s say the PID of a wayward LibreOffice application is 604187. To kill that process, the command would be:

kill 604187

The app should close, and you’re good to go.

Also: 5 Linux commands for quickly finding the system information you need to know

5. systemctl

The systemctl command is not only good for starting and stopping applications; it can also help you troubleshoot. Let’s say Samba isn’t working as expected. Issue the command:

systemctl status smbd

The above command will list whether the service is running, its PID, the number of associated tasks, how much memory and CPU it’s using, and the CGroups to which it belongs. Even better, if there are any issues with the process, systemctl will give you the information you need to troubleshoot the problem further (usually with the help of journalctl).

Also: Why I use the Linux tree command daily — and what it can do for you

There you have it. These five commands will serve as a great place to start with your Linux troubleshooting. Yes, there are quite a few more tools that are available, but for those just starting with Linux, you might want to know these commands first.

What is the difference between cd and pwd?

cd stands for “change directory” and allows you to navigate through directories. pwd stands for “print working directory” and displays the current working directory.

How do I list all files in a directory?

Use the command ls.

How do I create a new directory?

Use the command mkdir.

What is the difference between the -d option in mkdir and creating a parent directory separately?

The -d option creates only the top-level directory, whereas creating a parent directory separately ensures that all necessary subdirectories are created as well. If you use the -p option, it will create parent directories as well as the subdirectory.

How do I navigate to a specific file or directory from within another directory?

Use the command cd [directory_name].

What is the purpose of using ../ in navigation?

../ refers to going up one level in the directory hierarchy, whereas ./ (dot/period) refers to staying in the same directory.

How do I create a new file or edit an existing one?

Use the command touch [filename].

What is the purpose of using the -e option with touch?

The -e option allows you to specify an editor to open in place of creating a blank text file.

How do I delete a file or directory?

Use the command rm [filename] to delete a file and rm -rf [directory] to remove both the top-level directory and any child directory or file within.

What is the purpose of using pipes (|) with commands?

Pipes allow you to pass output from one command as input for another command, enabling complex data processing pipelines.

How do I use redirection operators (> and >>)?

Use > to redirect standard output and >> to append new output. Also, use << to read the contents of a file into a variable or pipe.