User Management

Memory Management

Disk and Filesystem Management

  • procfs (proc filesystem)
    • a special filesystem in Unix-like operating systems that presents information about processes and other system information in a hierarchical file-like structure, providing a more convenient and standardized method for dynamically accessing process data held in the kernel than traditional tracing methods or direct access to kernel memory
    • CentOS / /proc/sys/ : provides information about the system and allows the system administrator to immediately enable and disable kernel features.
file/directory description remarks
  • tmpfs
    • a common name for a temporary file storage facility on many Unix-like operating systems


command description remarks
mount mount a filesystem
tune2fs adjust tunable filesystem parameters on ext2/ext3/ext4 filesystems
dumpe2fs dump ext2/ext3/ext4 filesystem information

Ext4 Filesystem

Service Management




  • systemctl : Control the systemd system and service manager
command description remarks
systemctl list-unit-files List unit files installed on the system, in combination with their enablement state
systemctl enable Enable one or more units or unit instances
systemctl disable Disables one or more units
systemctl list-units List units that systemd currently has in memory
systemctl start Start (activate) one or more units specified on the command line
systemctl stop Stop (deactivate) one or more units specified on the command line
systemctl restart Stop and then start one or more units specified on the command line


Process Management

Network Management

Monitoring & Diagnosis




Disk IO




When bash is invoked as an interactive login shell, or as a non-interactive shell with the --login option, it first reads and executes commands from the file /etc/profile, if that file exists. After reading that file, it looks for ~/.bash_profile, ~/.bash_login, and ~/.profile, in that order, and reads and executes commands from the first one that exists and is readable. The --noprofile option may be used when the shell is started to inhibit this behavior.

When a login shell exits, bash reads and executes commands from the files ~/.bash_logout and /etc/bash.bash_logout, if the files exists.

When an interactive shell that is not a login shell is started, bash reads and executes commands from ~/.bashrc, if that file exists. This may be inhibited by using the --norc option. The --rcfile file option will force bash to read and execute commands from file instead of ~/.bashrc.

Bash programming general

Shell expansions

Parameter Meaning Remarks
$@ expands to the positional parameters, starting from one When the expansion occurs within double quotes, each parameter expands to a separate word. That is, "$@" is equivalent to "$1" "$2" ….
$# expands to the number of positional parameters in decimal
$? expands to the exit status of the most recently executed foreground pipeline.
!$ designates the last argument of the preceding command.

Operators and expressions





find ... > found.txt              # write down only output
find ... > out_and_err.txt 2>&1   # write down both output and error
find ... 2> /dev/null             # hide only error
find ... > /dev/null 2>&1         # hide both output and error

If statement

For statement







Linux-PAM (Pluggable Authentication Modules for Linux) is a suite of shared libraries that enable the local system administrator to choose how applications authenticate users.



command description remarks
sestatus SELinux status tool
setenforce modify the mode SELinux is running in
seinfo allows the user to query the components of a SELinux policy e.g.) seinfo -t, seinfo -r, seinfo -u -x
semanage SELinux Policy Management tool semanage boolean, semanage user, semanage login, semanage module, semanage port, semanage interface, semanage node, semanage fcontext
matchpathcon get the default SELinux security context for the specified path from the file contexts configuration
restorecon restore file(s) default SELinux security contexts
chcat change file SELinux security category
task command-line remarks
List all permissive types $ sudo semanage permissive -l
List all modules $ sudo semodule -l
List all module binaries of default policy $ ls /usr/share/linux/default
View log file $ sudo tail -f -n 300 /var/log/audit/audit.log
List all SELinux users $ sudo semanage user -l
List all login mappings $ sudo semanage login -l
List all roles $ seinfo -r
List all types $ seinfo -t
List types that are accessible for a role $ seinfo -rdbadm_r -x
List all security categories $ chcat -L

Files and Directories

file/directory description remarks
/etc/selinux/default/contexts/default_contexts used by SELinux-aware applications that need to set a security context for user processes (generally the login applications) default_contexts man page
/etc/selinux/default/contexts/users/ overrides rules in /etc/selinux/default/contexts/default_contexts by user


Define user

user user1_r roles { role1_r role2_r ... } level ...


  • SELinux adds type enforcement to standard Linux. This means that both the standard Linux and enhanced SELinux access controls must be satisfied to access an object. So, for example, if we have SELinux write access to a file but we do not have w permission on the file, we cannot write the file.
  • In general, consider domain, domain type, subject type, and process type to be synonymous.
  • Finally, be aware of the differences between the user ID in standard Linux security and the user identifier in a security context. Technically, these are completely orthogonal identifiers, used separately by the standard and security-enhanced access control mechanisms, respectively. Any relationship between these two is strictly provided via the login process according to conventions not directly enforced by the SELinux policy.
  • Remember that a type_transition rule causes a domain transition to be attempted by default, but it does not allow it.
  • SELinux Users can have multiple roles that they can reach, and then in those roles they can reach multiple types.
  • Three users that you will usually see on the system are "user_u", "system_u" and root. The user_u is the default SELinux User for a logged in user on a system. "system_u" is the default User for processes started during the boot up process.
  • The role field on a file is always object_r, and really has no meaning other than as a place holder.
  • RBAC(Roles Based Access Control) is not really used in targeted policy, but becomes more important in Strict and MLS policy.
  • Most of the policy rules in SELinux revolve around what subject types have what access to which object types.
  • LSM provides a set of hooks in the kernel system call logic. These hooks are usually placed after the standard Linux access checks but before the actual resource is accessed by the kernel on behalf of the caller.
  • In standard Linux, if you have a file descriptor, you can use it regardless of the change in file access mode. In SELinux, for objects such as files where access is validated on all attempts to use (for example, every read system call is checked against the policy and not just open calls), access revocation works fine.
  • Using and applying SELinux is all about writing and understanding policies.
  • SELinux dose not change the Linux DAC implementation nor can it override denials made by the Linux DAC permissions. If regular system (without SELinux) prevents a particular access, there is nothing SELinux can do to override this decision. This is because the LSM hooks are triggered after the regular DAC permission checks have been executed, which is a conscious design decision from the LSM project.
  • There are more than 80 classes and over 200 permissions known to SELinux and policy rules need to take into account all these classes and permissions for each interaction between two objects and resources.
  • SELinux has no notion of Linux process ownership and, once running, does not care how the process is called, witch processID it has, and what account the process runs as.
  • The majority of SELinux policy rules(over 99 percent) consists of rules related to the interaction between two types(without mentioning roles, users or sensitivity levels).
  • Multiple Linux users can be assigned to the same SELinux user.
  • When distributing SELinux policy modules, most Linux distributions place the *.pp SELinux policy modules inside /usr/share/selinux, usually withing a subdirectory named after the policy store.

Targeted Policy

  • Unconfined services executed by init end up running in the unconfined_service_t domain.
  • Unconfined services executed by kernel end up running in the kernel_t domain.
  • Unconfined services executed by unconfined Linux users end up running in the unconfined_t domain.

SELinux Reference Policy

Linux Distributions






Package Repository Remarks
Wireshark stable releases ppa:wireshark-dev/stable
HAProxy 1.8 ppa:vbernat/haproxy-1.8


  • tcp
    • /proc/sys/net/ipv4/

Service Control




Red Hat Enterprise Linux

UNIX Systems


AIX Commands

  • oslevel
    • Reports the latest installed level (technology level, maintenance level and service pack) of the system.
  • lsdev
    • Displays devices in the system and their characteristics.
  • prtconf
    • Displays system configuration information.
  • lparstat
    • Reports logical partition (LPAR) related information and statistics.
  • no
    • Manages network tuning parameters.


Commands, Utilities and Tools


Command Description Readings
find find files POSIX.1-2008/Utilities/find
id return user identity
source read and execute ex commands from file POSIX.1-2008/Utilities/ex/source
. evaluates commands in a computer file in the current execution context
sudo allows users to run programs with the security privileges of another user (normally the superuser, or root)
kill(1) sends the specified signal to the specified process or process group
wc word, line, and byte or character count POSIX.1-2008/Utilities/wc
grep search a file for a pattern POSIX.1-2008/Utilities/grep
tee reads standard input and writes it to both standard output and one or more files, effectively duplicating its input. tee
curl command line tool and library for transferring data with URLs Manual
man page
wget non-interactive download of files from the Web GNU Wget Manual
scp secure remote file copy program













Typical command
Command Syntax Sample Remark
Substitution 's/pattern/replacement/option' sed 's/\r$//g' > README.linux.txt
Append Lines 'address a text-to-append' sed -i '2 a export GOROOT=/usr/lib/go-1.8\nPATH=$PATH:$GOROOT/bin\n' .profile
sed -i '$ a \\nexport GOROOT=/usr/lib/go-1.8\nexport PATH=$PATH:$GOROOT/bin\n' ~/.bashrc
'$' as an address means the last line.
'\n' at the beginning of replacement string need additional leading backslash to form '\\n'.
Change Lines 'address c text-to-change'
Delete Lines 'address d'
Character escape

The only difference between basic and extended regular expressions is in the behavior of a few characters: ‘?’, ‘+’, parentheses, braces (‘{}’), and ‘|’. While basic regular expressions require these to be escaped if you want them to behave as special characters, when using extended regular expressions you must escape them if you want them to match a literal character.












Package Management


command description remarks
apt-file searching files in packages for the APT package management system
apt provides a high-level commandline interface for the package management system. cann't be used inside script file

Monitoring & Diagnosis

Command Description Misc
sysctl examining and changing kernel parameters at runtime
lsof displays information about files open to Unix processes
iostat collect and show operating system storage input and output statistics


Category Option Description Remarks
Simple Process Selection a Lift the BSD-style "only yourself" restriction, which is imposed upon the set of all processes when some BSD-style (without "-") options are used or when the ps personality setting is BSD-like. The set of processes selected in this manner is in addition to the set of processes selected by other means. An alternate description is that this option causes ps to list all processes with a terminal (tty), or to list all processes when used together with the x option.
x Lift the BSD-style "must have a tty" restriction, which is imposed upon the set of all processes when some BSD-style (without "-") options are used or when the ps personality setting is BSD-like. The set of processes selected in this manner is in addition to the set of processes selected by other means. An alternate description is that this option causes ps to list all processes owned by you (same EUID as ps), or to list all processes when used together with the a option.
Output Format Control u Display user-oriented format.
Output Modifires c Show the true command name. This is derived from the name of the executable file, rather than from the argv value. Command arguments and any modifications to them are thus not shown. This option effectively turns the args format keyword into the comm format keyword; it is useful with the -f format option and with the various BSD-style format options, which all normally display the command arguments. See the -f option, the format keyword args, and the format keyword comm.
f ASCII art process hierarchy (forest).
$ ps auxww      #full command line
$ ps auxc       #true command name only, used before calling 'killall -r'
$ ps auxcf      #true command name in hierarchy
# ps auxwwf     #full command line in hierrachy











  • Options
Option Description Remarks
-n Don't convert addresses
-i interface Listen on interface
-A Print each packet (minus its link level header) in ASCII Handy for capturing web pages
-x When parsing and printing, in addition to printing the headers of each packet, print the data of each packet (minus its link level header) in hex





  • ip man page
  • show / manipulate routing, devices, policy routing and tunnels




PAC Manager



TCP Wrapper






Diagnosing and Monitoring Linux

Identifying the product of Linux installed

For Linux, /etc/issues file contains more detailed information on what Linux product it is.

$ cat /etc/issue
Red Hat Enterprise Linux Server release 5.5 (Tikanga)
Kernel \r on an \m

For most of Linux distributions, /etc/*-release file is provided which contains more detailed and systematic information. The file would be lsb-release, os-release, redhat-release or so on as to the Linux distributions.

$ cat /etc/*-release

Identifying kernel version

$ more /proc/version
Linux version 4.4.0-83-generic (buildd@lgw01-29) (gcc version 5.4.0 20160609 (Ubuntu 5.4.0-6ubuntu1~16.04.4) ) #106-Ubuntu SMP Mon Jun 26 17:54:43 UTC 2017

Identifying kernel parameters

$ sysctl -a | more

Identifying threads of a specific process

$ ps -T -p 31

Identifying CPU capacity

$ cat /proc/cpuinfo

Identifying the memory capacity and usage

$ cat /proc/meminfo
MemTotal:        3922904 kB
MemFree:         3037280 kB

Listing disks

$ lsblk

Listing filesystems

To list filesystems with capacity and usage, use df

$ df -ahT

To list filesystems with mount options, use mount command

$ mount -l

Identifying the details of a certain filesystem

$ sudo dumpe2fs -h /dev/xvda2

Identifying the filesystem a certain file belongs to

$ df -h /var   #asking what filesystem contains /var directory

Checking disk caching

$ hdparm -W /dev/sda

Identifying disk detail information

$ hdparm -i /dev/sda

Benchmarking disk performance

for i in {1..3}; do
  rm -f /var/tmp/diskperftest.txt && time dd bs=100K count=5000 if=/dev/zero of=/var/tmp/diskperftest.txt conv=notrunc oflag=append,noatime

for i in {1..3}; do
  rm -f /var/tmp/diskperftest.txt && time dd bs=100K count=5000 if=/dev/zero of=/var/tmp/diskperftest.txt conv=fdatasync,notrunc oflag=append,noatime

for i in {1..3}; do
  rm -f /var/tmp/diskperftest.txt && time dd bs=100K count=5000 if=/dev/zero of=/var/tmp/diskperftest.txt conv=notrunc oflag=dsync,append,noatime

for i in {1..3}; do
  rm -f /var/tmp/diskperftest.txt && time dd bs=100K count=5000 if=/dev/zero of=/var/tmp/diskperftest.txt conv=notrunc oflag=direct,append,noatime
Each CONV symbol may be:

  ascii     from EBCDIC to ASCII
  ebcdic    from ASCII to EBCDIC
  ibm       from ASCII to alternate EBCDIC
  block     pad newline-terminated records with spaces to cbs-size
  unblock   replace trailing spaces in cbs-size records with newline
  lcase     change upper case to lower case
  ucase     change lower case to upper case
  sparse    try to seek rather than write the output for NUL input blocks
  swab      swap every pair of input bytes
  sync      pad every input block with NULs to ibs-size; when used
            with block or unblock, pad with spaces rather than NULs
  excl      fail if the output file already exists
  nocreat   do not create the output file
  notrunc   do not truncate the output file
  noerror   continue after read errors
  fdatasync  physically write output file data before finishing
  fsync     likewise, but also write metadata

Each FLAG symbol may be:

  append    append mode (makes sense only for output; conv=notrunc suggested)
  direct    use direct I/O for data
  directory  fail unless a directory
  dsync     use synchronized I/O for data
  sync      likewise, but also for metadata
  fullblock  accumulate full blocks of input (iflag only)
  nonblock  use non-blocking I/O
  noatime   do not update access time
  nocache   Request to drop cache.  See also oflag=sync
  noctty    do not assign controlling terminal from file
  nofollow  do not follow symlinks
  count_bytes  treat 'count=N' as a byte count (iflag only)
  skip_bytes  treat 'skip=N' as a byte count (iflag only)
  seek_bytes  treat 'seek=N' as a byte count (oflag only)

Identifying TCP/IP ports currently in use

You can identify TCP/IP ports currently in use using netstat command. The options of netstat is slightly different among operating systems.


$ netstat -anotu

For Linux,

$ sudo netstat -anoptu

(-a : all sockets, -n : numeric, -o : timers, -p : PID/program, -t : TCP, -u : UDP)

You need root privilege to take effect of -p option To find out whether a given port is being used or not, use grep command.

$ sudo netstat -anoptu | grep -E '(^Proto)|(8080)'

For Windows,

$ netstat -ano

For more about netstat, refer topics in Wikipedia.

Monitoring network traffic by interface card

watch -n 2 netstat -i

Capturing incoming HTTP request using tcpdump

sudo tcpdump -s 0 -A -i eth1 dst port 80


Diagnosing and Monitoring AIX

Identifying System Configuration

Using Common Shell Commands

Identifying the shell of your current login

To identify what shell a user is set to use by default, you can check SHELL variable.

$ echo $SHELL
$ bin/ksh
$ echo $SHELL

As the above example shows, SHELL variable contains the login default shell type not the one currently in use.

Hiding the output of command

To hide both the normal output and error output, redirect stdout and stderr to null device

% npm ls -g json >/dev/null 2>&1
% #or
% npm ls -g y18n &>/dev/null

To hide only the error output, redirect stderr to null device

% npm ls -g json 2>/dev/null

Listing files using find command excluding files with 'Permission denied'

When executing find command in simplest format, you may get lots of lines just saying that 'Permission denied'. Most cases, those are not what you want, and lots of permission denied lines can disturb you identifying the wanted result.

You can use stderr redirection to cut out permission denied files (or directories).

% find / -name '*.jar' 2>/dev/null

Finding files having specified name with full path

If you want to find files with extension of 'jar' and print them with full path, use find command with -exec operator like the following.

% find . -name '*.jar' -exec ls -l {} \;

For more about find command and -exec operator including strange '{}' or '\;' in the above example, refer the followings.

Finding files containing the specified word

% find /home |xargs grep "password"

For more about xargs, refer the followings.

Finding large files

To find large files(not directories) under current directory and list them in pages, use the following command.

% find . -type f -exec du -k {} 2>/dev/null \; | sort -nr | more

To filter out small files, you can use size option with find command, or to filter out some subdirectories you can redirect the result to grep command. The following command will list files whose size are more than 1 mega-byte under current directory recursively except the subdirectories starting with 'svn' in order of their size.

% find . -type f -size +1000000c -exec du -k {} 2>/dev/null \; | sort -nr | grep -E "\./svn.*" -v

Listing all files under a certain directory recursively

Using find command

% find /proc/sys -type f 2>/dev/null | more

Listing distinct file extensions of all files under a directory

% find . -type f -name "*.*" | sed -r 's/^.+(\.\w+)$/\1/' | sort | uniq

Counting files under a directory recurssively

% find . -type f -print | wc -l

Counting files in a tar file

% tar -tvf archive.tar | grep "^-.*" | wc -l

Inverse matching with grep command

To find lines not matching the specified patterns in a file, you can use -v option with grep command.

$ svn list -R http://.../repos1 | grep -v -E '(.*java|.*/)'

You don't need to be bothered to find out how to use complex negative patterns with regex.

Viewing files in octal or hexadecimal format - od

You can view non ascii base files in hexadecimal format using od command.

% od -A d -x journal.log

For more about od, refer the following.

Viewing file contents without line wrapping - less -S

% less -S known_hosts

Viewing the result of ps command without line wrapping

You can redirect the result to cat or less command, or use ww flag.

% ps auxf | cat
% ps auxfww
% ps auxf | less -+S

Viewing file contents without comments lines (starting with #)

% cat /etc/apt/sources.list | grep -P '^[^#].*'

Sorting the file system usage result from the du command

You can sort the output of du command applying pipe to sort command.

% du -m | sort -n

For more about du and sort, read the followings.

Getting multiple files form the target URL using wget command

wget provide --accept or -A switch which can represent multiple files using comma separated list, wild card, or character class. But it's not that -A switch support regular expression.

$ su - hdfs -c "(cd ~; wget -x -P samples/flight/rawdata -A '198[7-9].csv.bz2'"
$ su - hdfs -c "(cd ~; wget -x -P samples/flight/rawdata -A '199[0-9].csv.bz2'"
$ su - hdfs -c "(cd ~; wget -x -P samples/flight/rawdata -A '200[0-8].csv.bz2'"
$ su - hdfs -c "(cd ~; wget -x -P samples/flight/rawdata -A 'airports.csv, carriers.csv, plane-data.csv'"

For more, refer the following

Adding lines to a specific row of a file using sed command

$ sed -i '2 a export GOROOT=/usr/lib/go-1.8' .profile
$ sed -i '3 a export PATH=$PATH:$GOROOT/bin\n' .profile

Repeat command over piped targets using xargs

$ dpkg -l | grep "^rc" | awk '{print $2}' | xargs sudo dpkg --purge

Bash Programming

Directory containing the current script

readonly dir=$(cd `dirname $0` && pwd)

Looping array

For indexed array

fruits=(Apple Banana Kiwi)

for f in ${fruits[@]}; do
  echo $f

For correlated arrays,

fruits=(Apple Banana Kiwi)
colors=(red yellow green)

for (( i=0; i<${#fruits[@]}; i++ )); do
  echo ${fruits[$i]} is ${colors[$i]}

For associate array,

declare -Ar vm_params=( # kernel parameters for virtual memory
  [min_free_kbytes]=262144 #256MB

for param in "${!vm_params[@]}"; do
  echo "Updating 'vm.${param}' to '${vm_params[${param}]}'."
  sudo sysctl -wq vm.${param}=${vm_params[${param}]}

  if [ `grep -E "^\\s*vm.${param}\\s*=\\s*${vm_params[${param}]}.*" /etc/sysctl.conf | wc -l` -ne 1 ]; then
    sudo sed -r -i 's/^\s*(vm\.'"${param}"'.*)/#\1/g' /etc/sysctl.conf
    sudo sh -c "echo 'vm.${param}=${vm_params[${param}]}' >> /etc/sysctl.conf"

Looping arguments

Looping arguments by item,

declare command="curl -sSL ${url_base}/ | bash -s --"

for arg in "$@"; do
  if [ ${arg:0:1} == '-' ]; then
    command=${command}" ${arg}"
    command=${command}" '${arg}'"

Looping arguments by index,

declare -A args
declare arg
for (( i = 1; i <= $#; i++ )); do
  if [ ! ${arg:0:1} == '-' ]; then arg="'${arg}'"; fi
# echo ${args[@]}

2 dimentional array

declare -a m
m[0]='a b c d'
m[1]='e f g h'
m[2]='i j k l'
m[3]='m n o p'
m[4]='q r s t'

for r in "${m[@]}"; do
  echo $r
  for c in $r; do
    echo $c

awk script typical snippet

Use awk to structure target data table from the input source and process each row using while statement assigning each column to its own variable using read.
So typical script flow is awk ... | while read var1 var2 var3; do ...; done like the following real example.

awk -F, '{if (($1 ~ /vm[0-9]*/) && (substr($1, 3, length($1) - 1) + 0 < 97)) print $1 " " $2}' ../../vms.csv | while read vm ip; do

  no=${vm##vm}  # remove left 'vm'
  org_no=$(($(($((no - 1))/org_size)) + 1))
  peer_str="{\"requests\": \"grpcs://${ip}:7051\", \"events\": \"grpcs://${ip}:7053\", \"server-hostname\": \"peer${no}\", \"tls_cacerts\": \"tlsCerts/org${org_no}.com/tlsca${org_no}-cert.pem\"}"

  # Defines paired peer no : (vm1-vm2, vm3-vm4, ...)
  if [ $((no % 2)) -eq 1 ]; then
    no2=$((no + 1))
    no2=$((no - 1))

  # For current peer vm
  sed -i -r 's#@@peer1@@#\"peer1\": '"$peer_str"',#' ./generated/vm${no}/channelConfig.json
  if [ $? -ne 0 ]; then
    echo "Fail to update 'peer1' part of './generated/vm${no}/channelConfig.json' file."
    exit 1
    echo "Successfully updated 'peer1' part of './generated/vm${no}/channelConfig.json' file."

  # For paired peer vm
  sed -i -r 's#@@peer2@@#\"peer2\": '"$peer_str"'#' ./generated/vm${no2}/channelConfig.json
  if [ $? -ne 0 ]; then
    echo "Fail to update 'peer2' part of './generated/vm${no2}/channelConfig.json' file."
    exit 1
    echo "Successfully updated 'peer2' part of './generated/vm${no2}/channelConfig.json' file."

parallel script typical snippet

For local tasks

dirs=('/boot' '/proc' '/sys' '/var' '/sbin');

for dir in ${dirs[@]}; do echo $dir; done | parallel --no-notice --bar --joblog /dev/stdout '
  files=$(sudo find {} -type f 2>/dev/null | wc -l);
  echo {} ":" ${files} "files"

For remote tasks

hosts=('' '' '');

for host in ${hosts[@]}; do echo $host; done | parallel --no-notice --bar --joblog /dev/stdout '
  name=$(ssh -o StrictHostKeyChecking=no paul@{} echo "\`hostname\`");
  echo {} ":" ${name};

Managing Packages


Installing a new software package
  1. Update the package information
  2. Check whether or not the software package is already installed
  3. Search and review the software package to install
  4. Install or upgrade the software package
  5. (Optionally) Confirm all the files installed by the package

Not using apt, which is preferred 'cause apt doesn't support in-script usage well.

$ sudo apt-get update                                 # update package information
$ sudo dpkg -l | awk '{print $2}' | grep golang-1.8   # check previous installation
$ sudo apt-cache --names-only search ^golang | more   # search available packages
$ sudo apt-cache show golang-1.8                      # review the software to install
$ sudo apt-get install golang-1.8                     # install the software
$ sudo apt-file list golang-1.8                       # confirm all the files installed

Using apt

$ sudo apt update                          # update package information
$ sudo apt list *golang-1.8* --installed   # check previous installation
$ sudo apt search ^golang | more           # search available packages
$ sudo apt show golang-1.8                 # review the software to install
$ sudo apt install golang-1.8              # install the software
$ sudo apt-file list golang-1.8            # confirm all the files installed
  • References
    • apt-get
    • apt-cache
    • apt-file : searching files in packages for the APT package management system.
    • apt : provides a high-level commandline interface for the package management system.
Installing a software package specifying version with wildcard
$ sudo apt-get install nodejs=6.10.2*
Listing all installed packages
$ sudo dpkg -l | awk '{print $2}'


$ sudo apt list --installed