🧰 Unix (Ubuntu/Debian) Troubleshooting Commands

📘 Overview

This wiki provides a detailed reference for Ubuntu/Debian system troubleshooting.
It covers system health, processes, networking, performance, logs, and common service troubleshooting (SSH, Nginx, Apache, MySQL, etc.).

🔹 1. Basic System Health

Command	Description
`uname -a`	Displays kernel version and architecture.
`lsb_release -a`	Shows distribution details.
`hostnamectl`	Displays system hostname and OS metadata.
`uptime`	Shows how long the system has been running.
`top` / `htop`	Interactive process and CPU/memory usage view.
`free -h`	Displays memory and swap usage.
`vmstat 5`	Monitors system performance at 5s intervals.
`df -h`	Displays disk space usage.
`du -sh *`	Shows directory sizes in current path.
`iostat -xz 1`	Shows CPU and I/O usage statistics.
`dmesg	tail -20`

Tips

Monitor uptime and load average for spikes.
Watch for I/O wait in iostat.
Use journalctl -p err -b to quickly see errors since last boot.

🔹 2. User & Access Management

Command	Description
`who` / `w`	Shows logged-in users and sessions.
`last`	Displays recent login history.
`id <user>`	Displays UID, GID, and groups for a user.
`sudo -l -U <user>`	Lists allowed sudo privileges.
`cat /etc/passwd`	Lists all users on the system.
`grep <user> /etc/shadow`	Checks for password hash entries.
`sudo visudo`	Safely edits sudoers configuration.
`sudo adduser <username>`	Add a new user.
`sudo passwd <username>`	Change user password.
`sudo usermod -aG sudo <username>`	Add user to sudo group.
`sudo deluser <username>`	Delete a user (add --remove-home to delete home directory).

Troubleshooting SSH Access

Check /var/log/auth.log for login failures.

Validate SSH keys and permissions:

ls -ld ~/.ssh && ls -l ~/.ssh/authorized_keys

Ensure correct file permissions: .ssh = 700, authorized_keys = 600.

🔹 3. Process & Service Management

Command	Description
`ps aux --sort=-%cpu`	Lists top CPU-consuming processes.
`ps -ef	grep `
`systemctl status <service>`	Checks service status.
`systemctl start/stop/restart <service>`	Controls service state.
`systemctl enable/disable <service>`	Enables or disables service at boot.
`journalctl -u <service>`	Displays logs for a specific service.
`kill -9 <pid>`	Terminates a process by PID.
`pkill <process>`	Kills all matching process names.
`nice/renice`	Adjusts process priority.

Tips

Use top or htop to monitor CPU/memory spikes in real time.
Use journalctl -xe for detailed service failure logs.
If systemctl fails silently, check /run/systemd/system/ for service overrides.

🔹 4. Network Troubleshooting

Command	Description
`ip a`	Displays all interfaces and assigned IPs.
`ip link`	Shows network interface state.
`ip route`	Displays routing table.
`nmcli device status`	Displays NetworkManager connection state.
`ping <ip>`	Tests reachability.
`traceroute <ip>`	Shows path to destination.
`ss -tuln`	Lists open ports and listening services.
`netstat -rn`	Displays routing table.
`dig <domain>`	DNS lookup test.
`nslookup <domain>`	DNS query.
`curl -I http://<host>`	Checks web response headers.

Troubleshooting Steps

Verify link state using ip link or ethtool <iface>.
Check routes and gateways using ip route.
Review firewall rules (sudo ufw status verbose).
Use tcpdump -i <iface> host <ip> to verify packet flow.

🔹 5. Disk & Filesystem Management

Command	Description
`lsblk`	Lists block devices and mount points.
`df -hT`	Displays filesystem types and usage.
`sudo fdisk -l`	Lists partitions.
`mount` / `umount`	Mounts or unmounts devices.
`cat /etc/fstab`	Displays persistent mount configuration.
`sudo fsck -f /dev/sdX`	Checks and repairs filesystem.
`sudo lsof +D <directory>`	Lists open files in a directory.
`sudo du -sh /*`	Checks which directory consumes most disk.
`iostat -xz 1`	Monitors disk I/O performance.
`truncate -s 0 filename`	clear (empty) the contents of a file.

Disk Full Troubleshooting

sudo du -h /var | sort -h | tail -20
sudo find /var/log -type f -size +100M
find /path/to/dir -type f -exec du -h {} + | sort -rh | head -20

🔹 6. Memory & Performance Analysis

Command	Description
`free -m`	Shows memory and swap summary.
`vmstat 5`	Monitors CPU and memory statistics.
`top` / `htop`	Real-time performance view.
`sar -r 5 5`	Collects memory utilization history.
`ps aux --sort=-%mem	head`

Tips

Check swap usage under heavy load (swapon --show).
Reduce memory leaks by restarting misbehaving services.
Persistent high wa (I/O wait) in vmstat indicates disk bottleneck.

🔹 7. Logs & Monitoring

Log File	Path	Description
System Log	`/var/log/syslog`	General system messages.
Kernel Log	`/var/log/kern.log`	Kernel messages and driver logs.
Authentication	`/var/log/auth.log`	Login, SSH, and sudo activity.
Daemon Logs	`/var/log/daemon.log`	Background service logs.
Boot Log	`/var/log/boot.log`	Boot-time messages.
Journalctl	`journalctl -xe`	Systemd journal with details.

Useful Commands

journalctl -p err -b
journalctl --since "1 hour ago"
journalctl -u ssh
tail -f /var/log/syslog

Tip: Configure logrotate for /var/log/ to prevent disk overuse.

🔹 8. Security & Firewall

Command	Description
`sudo ufw status verbose`	Checks UFW firewall state.
`sudo ufw enable/disable`	Turns firewall on or off.
`sudo ufw allow <port>`	Opens port for specific service.
`sudo iptables -L -v -n`	Lists raw firewall rules.
`sudo fail2ban-client status`	Shows Fail2Ban jail status.

Security Checks

Verify SSH access in /etc/ssh/sshd_config.
Review /etc/sudoers for privilege escalation risks.
Inspect /var/log/auth.log for failed attempts.

🔹 9. Package & Patch Management

Command	Description
`sudo apt update`	Refreshes package lists.
`sudo apt upgrade`	Installs available updates.
`sudo apt install <pkg>`	Installs a package.
`sudo apt remove <pkg>`	Removes a package.
`sudo dpkg -l	grep `
`apt-cache show <pkg>`	Displays package details.

Troubleshooting Broken Packages

sudo apt --fix-broken install
sudo dpkg --configure -a

🔹 10. Common Service Troubleshooting

🟦 SSH

Command	Description
`systemctl status ssh`	Checks SSH service status.
`sudo tail -f /var/log/auth.log`	Monitors SSH login attempts.
`sudo netstat -tuln	grep 22`
`sudo sshd -t`	Tests SSH config syntax.

Issues

Permission denied → Check ownership of ~/.ssh/authorized_keys.
Connection refused → Ensure sshd running and port 22 open.

🟩 Nginx

Command	Description
`sudo systemctl status nginx`	Verifies Nginx service status.
`sudo nginx -t`	Tests Nginx configuration syntax.
`sudo tail -f /var/log/nginx/error.log`	Checks runtime errors.
`sudo lsof -i :80`	Verifies if port 80 is in use.

Troubleshooting

502/504 → Check upstream service health.
Port conflict → Verify Apache not bound to port 80.

🟨 Apache2

Command	Description
`sudo systemctl status apache2`	Checks Apache service status.
`sudo apachectl configtest`	Tests Apache configuration syntax.
`sudo tail -f /var/log/apache2/error.log`	Monitors errors.
`sudo lsof -i :80`	Checks if Apache is listening on port 80.

Common Fixes

Permissions errors → Check /var/www ownership.
403 Forbidden → Review site config and .htaccess.

🟥 MySQL / MariaDB

Command	Description
`sudo systemctl status mysql`	Checks database service status.
`mysql -u root -p`	Opens MySQL shell.
`sudo tail -f /var/log/mysql/error.log`	Monitors database errors.
`sudo netstat -tuln	grep 3306`
`sudo mysqladmin -u root -p processlist`	Checks active DB connections.

Tips

“Can't connect to MySQL” → Check socket and bind-address.
“Too many connections” → Increase max_connections in my.cnf.

🔹 11. File, Folder, and Permission Management

Command	Description
`pwd`	Prints the current working directory.
`ls -l`	Lists files with permissions, owner, and size.
`ls -lh`	Lists files with human-readable sizes.
`cd <directory>`	Changes to a specific directory.
`mkdir <folder>`	Creates a new folder.
`mkdir -p /path/to/folder`	Creates nested folders if not existing.
`touch <file>`	Creates an empty file.
`cp <source> <destination>`	Copies files or directories (`-r` for recursive).
`mv <old> <new>`	Moves or renames files.
`rm <file>`	Deletes a file.
`rm -rf <directory>`	Force deletes directory recursively (use with caution).
`cat <file>`	Displays file content.
`less <file>`	Opens file for scrollable view.
`head -n 20 <file>`	Displays first 20 lines of a file.
`tail -f <file>`	Follows file updates in real-time (useful for logs).
`nano <file>`	Opens file in Nano text editor.
`vim <file>`	Opens file in Vim editor.
`chmod 755 <file>`	Changes file permission (owner can read/write/execute).
`chmod -R 644 <folder>`	Applies permission recursively.
`chown user:group <file>`	Changes file ownership.
`chown -R user:group <folder>`	Changes ownership recursively.
`stat <file>`	Displays file details (permissions, owner, timestamps).

Quick Permission Reference

Numeric	Meaning	Permission Breakdown
700	Owner full control	rwx------
755	Owner full + others read/execute	rwxr-xr-x
644	Owner read/write, others read	rw-r--r--
600	Owner read/write only	rw-------

Tips

Use sudo when editing or creating system files.
Use chmod +x <file> to make scripts executable.
Backup critical configuration files before editing.
Prefer nano for simple edits; vim for advanced usage.

🔹 12. Backup & Restore

Command	Description
`rsync -avz /source /backup`	Syncs directories.
`scp file user@host:/path`	Secure file transfer.
`tar -czvf backup.tar.gz /dir`	Creates compressed archive.
`tar -xzvf backup.tar.gz -C /restore`	Extracts backup.

⚙️ 12. Common Troubleshooting Scenarios

🟩 Scenario 1 – High CPU Usage

top → Identify culprit process.
pidstat -p <pid> 1 → Check CPU usage by PID.
Restart or renice if needed.

🟨 Scenario 2 – Disk Full

df -h → Identify partition.
du -sh /var/* | sort -h → Find largest folders.
Truncate large logs or move archives.

🟦 Scenario 3 – Service Fails to Start

systemctl status <service>
journalctl -u <service>
sudo systemctl daemon-reexec and retry.

🟧 Scenario 4 – Network Unreachable

ip a / ping <gateway>
sudo ufw status
sudo systemctl restart NetworkManager

🟥 Scenario 5 – SSH Denied

Review /var/log/auth.log.
Check permissions on ~/.ssh.
Confirm user shell and access rights.

📘 UNIX

🧰 Unix (Ubuntu/Debian) Troubleshooting Commands

📘 Overview

🔹 1. Basic System Health

🔹 2. User & Access Management

🔹 3. Process & Service Management

🔹 4. Network Troubleshooting

🔹 5. Disk & Filesystem Management

🔹 6. Memory & Performance Analysis

🔹 7. Logs & Monitoring

🔹 8. Security & Firewall

🔹 9. Package & Patch Management

🔹 10. Common Service Troubleshooting

🟦 SSH

🟩 Nginx

🟨 Apache2

🟥 MySQL / MariaDB

🔹 11. File, Folder, and Permission Management

🔹 12. Backup & Restore

⚙️ 12. Common Troubleshooting Scenarios

🟩 Scenario 1 – High CPU Usage

🟨 Scenario 2 – Disk Full

🟦 Scenario 3 – Service Fails to Start

🟧 Scenario 4 – Network Unreachable

🟥 Scenario 5 – SSH Denied

📦 13. References