Tuesday, February 4, 2025
Latest:
linux ftp serverLinux serverNETWORK ADMINISTRATIONS

8 Basic lsof Commands Every Sysadmin Needs to Know

lsof basics – list open files on Linux and Unix (expand for timestamps and details).

In this video I introduce the ‘lsof’ command, found on Linux and Unix systems. I’ll show you some practical examples and teach you how to explore what’s happening with the filesytem in a system or process.

1:00 Which files are open?
lsof

2:56 Which processes have this file open?
lsof /var/log/nginx-error.log

4:49 Which files does process X have open?
lsof -p 1
lsof -p `pgrep ABC`

7:08 Where is the binary for this process?
lsof -p ABC | grep bin

7:44 Which shared libraries is this program using? (manually upgrading software, i.e. openssl)
lsof -p PID | grep .so

8:03 Where is this thing logging to?
lsof -p ABC | grep log

8:40 Which processes still have this old library open?
lsof grep libname.so

9:45 Which files does user XYZ have open?
lsof -u XYZ
lsof -u XYZ -i # network only

10:25 Which process is listening on Port X (or using Protocol Y)?
lsof -i :80
lsof -i tcp

11:21 Super lsof Story Time!

14:03 Exercises

My step-by-step project-based Linux course for beginners: https://www.udemy.com/course/hands-on-linux-self-hosted-wordpress-for-linux-beginners/?referralCode=19C0A7DEE2FD53C9C09D

Free Linux Sysadmin Course Playlist: https://www.youtube.com/playlist?list=PLtK75qxsQaMLZSo7KL-PmiRarU7hrpnwK

DigitalOcean referral link: https://m.do.co/c/0380a1db56a6

Patreon: https://www.patreon.com/tutorialinux
Official Site & e-mail list: https://tutorialinux.com/
Twitter: https://twitter.com/tutorialinux
Facebook: https://www.facebook.com/tutorialinux
Podcast: http://kernelpanicpodcast.com

source

by tutoriaLinux

linux ftp command

You May Also Like

OpenStack – Power, Provision & Console

Confi Email Server and Email Client

How to move your Dedicated Palworld Save onto a Server Host – WITH ALL MAP AND PLAYER DATA

43 thoughts on “8 Basic lsof Commands Every Sysadmin Needs to Know

  • is this an application i have to download? I'm completely new to this so forgive me. I'm trying figure out why finder on my mac is generating random folders in my documents tabs.

  • I am a Doctor. I just opened this series out of curiosity and I am hooked and this is 40ish video or something

  • I liked that “sometimes wonderful, sometimes terrible” comment about UNIX-like systems using the “file” metaphor / construct for everything. 😂

  • I've used this only a few times, but when you need it you really need it. (Of course, in Windows, you have a download a tool for this, from SysInternals I think.)

  • For that last part, as a sysadmin I've ran into the issue numerous times where a process is holding on to a file and space isn't freed up after it's deleted. In that case you can do 'lsof | grep deleted' to see files that have been deleted from the system, but still have processes holding on to them.

  • Thanks for the video! You should have escaped the dot symbol when grepping for used .so files like “.so$” for dot not to be treated like “any one symbol”, anchor to the end of line with “$” thus eliminating “sockets” from grep results

  • I know this video is old but I need an explanation; I'm playing around testing these commands on a CentOS machine and when I run lsof /var/log/gitlab/production.log (which is a log file Gitlab writes to) I can see that the COMMAND writting to this file is called "bundle", and the PID is for example 3210. When I run "ps 3210" to take a closer look at the PID, I see that the COMMAND in this output is instead "puma", which makes sense because that's the web server that runs on Gitlab.

    Why am I getting two different values on the "COMMAND" column of these two commands with the same PID? Are they referring to different things?

  • This is so powerful and super useful thing to know. Thanks for what you are doing, you're the best!

  • Loved the way you explained , beautiful way of teaching…. Keep making such basic vdo's

  • If I lsof by a PID, is there a way to know which of the open files is creating a memory drain?

  • thanks im trying to build a talking robot friend im goint to name him george 🙂

  • Hey buddy, I'm just wondering if finding ghost files using | grep -i deleted , is the best option?

  • Thank you for sharing this!!! I hope this will finally help me why my MacOS Catalina blocks my external disks from ejecting. With Catalina, this has become a nightmare. Lot’s of greetings, Dennis 🇳🇱

  • I used this command to find processes connecting to a port. This is the reverse of the usual query of finding what process is listening on a port.

  • Thank you for taking the time to make this video. It has helped me a great bit on learning Linux

  • You told wrong brother….standard output file descriptor value is 1, standard error file descriptor value is 2 and standard input file descriptor value is 0. You told value of output wrong bro..thanks

  • 10:20 – LOL Nice touch! Good humor on such a serious video, while still educating people. 🙂

  • Absolutely amazing. Thank you man 👍

  • Can you explain how to troubleshoot and fix the linux server load(both php fpm and mysql)?

  • You have a realy nice tutorials for linux but I can't understand peaple who work's a lot at terminal and used windows as main system. In any case I don't have any confrontation about windows ( that's really useful OS at that cases where it needed). Just can't understand it.

  • Another great Linux vid. I know enough Linux to be dangerous, but trying to up my game a bit and your videos have been super helpful. Earned a sub for sure. Thanks

Comments are closed.