What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again.

Delete that bloated snippets file you've been using and share your personal repository with the world. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.

If you have a new feature suggestion or find a bug, please get in touch via http://commandlinefu.uservoice.com/

Get involved!

You can sign-in using OpenID credentials, or register a traditional username and password.

First-time OpenID users will be automatically assigned a username which can be changed after signing in.

Universal configuration monitoring and system of record for IT.

Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for:



May 19, 2015 - A Look At The New Commandlinefu
I've put together a short writeup on what kind of newness you can expect from the next iteration of clfu. Check it out here.
March 2, 2015 - New Management
I'm Jon, I'll be maintaining and improving clfu. Thanks to David for building such a great resource!

Top Tags





Commands using sudo from sorted by
Terminal - Commands using sudo - 435 results
sudo chattr -i <file that cannot be modified>
2010-03-25 03:14:34
User: leovailati
Functions: chattr sudo
Tags: Ubuntu chattr

I had problems in Ubuntu while trying to edit /etc/resolv.conf, even with sudo I couldn't make any change. After a 2 minutes search on google I found this command.

Hope someone finds it useful.

It works like chmod, with + and - to denote which attributes are being added and which are being removed.

See other attributes on man pages or on wikipedia http://en.wikipedia.org/wiki/Chattr

sudo apt-get -o Acquire::http::Dl-Limit=30 upgrade
2010-03-22 01:29:44
User: alemani
Functions: sudo

Limits the usage of bandwidth by apt-get, in the example the command will use 30Kb/s ;)

It should work for most apt-get actions (install, update, upgrade, dist-upgrade, etc.)

awk '/d[a-z]+$/{print $4}' /proc/partitions | xargs -i sudo hdparm -I /dev/{} | grep 'device size with M'
for I in $(awk '/d[a-z]+$/{print $4}' /proc/partitions); do sudo hdparm -I '/dev/'$I; done | grep 'device size with M'
2010-03-02 18:56:32
User: ElAlecs
Functions: awk grep hdparm size sudo
Tags: hdparm

I know this sucks in some way but if someone can improve it please be my guest

sudo truecrypt <truecrypt-file> <mount-point>
2010-02-27 16:25:19
User: kbrill
Functions: sudo

It seems to completely void the benefit of having an encrypted folder if you then have a script on your unencrypted hard drive with your password in it. This command will mount a truecrypt file at a given mount point after asking you for the password.

sudo aptitude update; sudo apt-get -y --print-uris upgrade | egrep -o -e "http://[^\']+" | sudo aria2c -c -d /var/cache/apt/archives -i -; sudo aptitude -y safe-upgrade
2010-02-18 16:02:29
User: freethinker
Functions: egrep sudo

Please install aria2c before you try the above command. On ubuntu the command to install aria2c would be:

sudo aptitude install aria2
sudo sed -iorig '/\(up\|down\)/s/^/#/' /etc/zsh/zshrc
2010-02-02 23:17:08
User: cbrinker
Functions: sed sudo
Tags: Ubuntu vi zsh

Use sed to comment out any up/down bindings in zsh

sudo arp-scan --interface=eth0 -l
2010-01-27 05:36:48
User: alamati
Functions: sudo

replace eth0 with your ethernet or wireless network interface.

sudo netselect -v -s3 $(curl -s http://dns.comcast.net/dns-ip-addresses2.php | egrep -o '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+' | sort | uniq)
2010-01-27 00:03:44
User: hackerb9
Functions: egrep sort sudo

Comcast is an ISP in the United States that has started hijacking DNS requests as a "service" for its customers. For example, in Firefox, one used to be able to do a quick "I'm Feeling Lucky" Google search by typing a single word into the URL field, assuming the word is not an existing domain when surrounded by www.*.com. Comcast customers never receive the correct NX (non-existent domain) error from DNS. Instead, they are shown a page full of advertising. There is a way to "opt out" from their service, but that requires having the account password and the MAC address of your modem handy. For me, it was easier just to set static DNS servers. But the problem is, which ones to choose? That's what this command answers. It'll show you the three _non-hijacked_ Comcast DNS servers that are the shortest distance away.

Perhaps you don't have Comcast (lucky you!), but hopefully this command can serve as an example of using netselect to find the fastest server from a list. Note that, although this example doesn't show it, netselect will actually perform the uniq and DNS resolution for you.

Requires: netselect, curl, sort, uniq, grep

dpkg -l | grep ^rc | awk '{print $2}' | sudo xargs dpkg -P
sudo nmap -F -O | grep "Running: " > /tmp/os; echo "$(cat /tmp/os | grep Linux | wc -l) Linux device(s)"; echo "$(cat /tmp/os | grep Windows | wc -l) Window(s) devices"
2010-01-10 03:09:56
User: matthewbauer
Functions: echo grep sudo

Shows how many Windows and Linux devices are on your network.

May add support for others, but that's all that are on my network right now.

mkfifo /tmp/fifo; ssh-keygen; ssh-copyid root@remotehostaddress; sudo ssh root@remotehost "tshark -i eth1 -f 'not tcp port 22' -w -" > /tmp/fifo &; sudo wireshark -k -i /tmp/fifo;
sudo ssh -Y remoteuser@remotehost sudo wireshark
2010-01-05 14:35:20
User: Code_Bleu
Functions: ssh sudo

This allows you to display the wireshark program running on remote pc to your local pc.

sudo find /etc/rc{1..5}.d -name S99myservice -type l -exec sh -c 'NEWFN=`echo {} | sed 's/S99/K99/'` ; mv -v {} $NEWFN' \;
2010-01-03 00:56:57
User: zoomgarden
Functions: find mv sed sh sudo

Change run control links from start "S" to stop "K" (kill) for whatever run levels in curly braces for a service called "myservice". NEWFN variable is for the new filename stored in the in-line shell. Use different list of run levels (rc*.d, rc{1,3,5}.d, etc.) and/or swap S with K in the command to change function of run control links.

sudo tcpdump -nnvvXSs 1514 -i lo0 dst port 5432
2009-12-18 17:12:44
User: ethanmiller
Functions: sudo tcpdump

It's certainly not nicely formatted SQL, but you can see the SQL in there...

watch -d 'sudo smartctl -a /dev/sda | grep Load_Cycle_Count ; sudo smartctl -a /dev/sda | grep Temp'
2009-12-15 00:15:24
User: vxbinaca
Functions: grep sudo watch

This command is a great way to check to see if acpi is doing damage to your disks by agressivly parking the read arm and wearing down it's life. As you can see, mine has lost half its life. I'm sure this could be shortened though somehow. It will use smartctl to dump the stats and then grep out just the temperature and load cycles for the disk (a load cycle is when a the read arm comes out of park and wears on the drive).

sudo ls -RFal / | gzip > all_files_list.txt.gz
2009-12-14 21:40:56
User: roryokane
Functions: gzip ls sudo

This command is meant to be used to make a lightweight backup, for when you want to know which files might be missing or changed, but you don't care about their contents (because you have some way to recover them).

Explanation of parts:

"ls -RFal /" lists all files in and below the root directory, along with their permissions and some other metadata.

I think sudo is necessary to allow ls to read the metadata of certain files.

"| gzip" compresses the result, from 177 MB to 16 MB in my case.

"> all_files_list.txt.gz" saves the result to a file in the current directory called all_files_list.txt.gz. This name can be changed, of course.

sudo lsof -P -i -n -sTCP:LISTEN
sudo arp-scan -interface eth0
sudo strace -pXXXX -e trace=file
sudo echo 0 > /sys/block/sdb/queue/rotational
2009-11-27 12:16:17
User: nickleus
Functions: echo sudo

if you still get a permissions error using sudo, then nano the file:

sudo nano -w /sys/block/sdb/queue/rotational

and change 1 to 0

this thread:


says that this will "help the block layer to optimize a few decisions"

sudo mount -t cifs -o credentials=/path/to/credenials //hostname/sharename /mount/point
2009-11-23 23:55:20
User: magma_camel
Functions: mount sudo

mounts a samba share on a remote machine using a credentials file that can be in a file tht is not accessable by other users the file will look like:



best option i belive

sudo mount -t cifs -o user,username="samba username" //$ip_or_host/$sharename /mnt
sudo mount -t cifs //$ip_or_host/$sharename /mnt
2009-11-23 14:24:02
User: sb
Functions: mount sudo

Mount a Windows share. Usually the IP is needed for the $ip_or_host option. Getting hostnames working on a local network never seems to work.

mount | awk '/:/ { print $3 } ' | xargs sudo umount