System/Kernel
$ uname -a ; cat /etc/*release
Linux fanatastic 5.4.0-97-generic #110-Ubuntu SMP Thu Jan 13 18:22:13 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=20.04
DISTRIB_CODENAME=focal
DISTRIB_DESCRIPTION="Ubuntu 20.04.3 LTS"
NAME="Ubuntu"
VERSION="20.04.3 LTS (Focal Fossa)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 20.04.3 LTS"
VERSION_ID="20.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=focal
UBUNTU_CODENAME=focal5.4.0-97-genericx86_64Ubuntu 20.04.3 LTS (Focal Fossa)
Networks
$ ip route ; arp -a
default via 192.168.202.254 dev ens160 proto static
192.168.202.0/24 dev ens160 proto kernel scope link src 192.168.202.181
_gateway (192.168.202.254) at 00:50:56:9e:59:95 [ether] on ens160$ netstat -antup4
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:9090 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:3000 0.0.0.0:* LISTEN -
tcp 0 1 192.168.202.181:38782 91.189.91.48:443 SYN_SENT -
tcp 0 0 127.0.0.1:9090 127.0.0.1:59972 ESTABLISHED -
tcp 0 612 192.168.202.181:22 192.168.45.198:35440 ESTABLISHED -
tcp 0 0 127.0.0.1:59972 127.0.0.1:9090 ESTABLISHED -
udp 0 0 127.0.0.53:53 0.0.0.0:* - tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN -
Users & Groups
$ cat /etc/passwd ; ll /home
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/usr/sbin/nologin
man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
irc:x:39:39:ircd:/var/run/ircd:/usr/sbin/nologin
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
systemd-network:x:100:102:systemd Network Management,,,:/run/systemd:/usr/sbin/nologin
systemd-resolve:x:101:103:systemd Resolver,,,:/run/systemd:/usr/sbin/nologin
systemd-timesync:x:102:104:systemd Time Synchronization,,,:/run/systemd:/usr/sbin/nologin
messagebus:x:103:106::/nonexistent:/usr/sbin/nologin
syslog:x:104:110::/home/syslog:/usr/sbin/nologin
_apt:x:105:65534::/nonexistent:/usr/sbin/nologin
tss:x:106:111:TPM software stack,,,:/var/lib/tpm:/bin/false
uuidd:x:107:112::/run/uuidd:/usr/sbin/nologin
tcpdump:x:108:113::/nonexistent:/usr/sbin/nologin
landscape:x:109:115::/var/lib/landscape:/usr/sbin/nologin
pollinate:x:110:1::/var/cache/pollinate:/bin/false
sshd:x:111:65534::/run/sshd:/usr/sbin/nologin
systemd-coredump:x:999:999:systemd Core Dumper:/:/usr/sbin/nologin
lxd:x:998:100::/var/snap/lxd/common/lxd:/bin/false
usbmux:x:112:46:usbmux daemon,,,:/var/lib/usbmux:/usr/sbin/nologin
grafana:x:113:117::/usr/share/grafana:/bin/false
prometheus:x:1000:1000::/home/prometheus:/bin/false
sysadmin:x:1001:1001::/home/sysadmin:/bin/sh
total 12K
4.0K drwxr-xr-x 3 sysadmin sysadmin 4.0K Apr 2 14:08 sysadmin
4.0K drwxr-xr-x 3 root root 4.0K Feb 4 2022 .
4.0K drwxr-xr-x 20 root root 4.0K Jan 7 2021 ..prometheus
$ cut -d: -f1 /etc/passwd | xargs -n1 id
uid=0(root) gid=0(root) groups=0(root)
uid=1(daemon) gid=1(daemon) groups=1(daemon)
uid=2(bin) gid=2(bin) groups=2(bin)
uid=3(sys) gid=3(sys) groups=3(sys)
uid=4(sync) gid=65534(nogroup) groups=65534(nogroup)
uid=5(games) gid=60(games) groups=60(games)
uid=6(man) gid=12(man) groups=12(man)
uid=7(lp) gid=7(lp) groups=7(lp)
uid=8(mail) gid=8(mail) groups=8(mail)
uid=9(news) gid=9(news) groups=9(news)
uid=10(uucp) gid=10(uucp) groups=10(uucp)
uid=13(proxy) gid=13(proxy) groups=13(proxy)
uid=33(www-data) gid=33(www-data) groups=33(www-data)
uid=34(backup) gid=34(backup) groups=34(backup)
uid=38(list) gid=38(list) groups=38(list)
uid=39(irc) gid=39(irc) groups=39(irc)
uid=41(gnats) gid=41(gnats) groups=41(gnats)
uid=65534(nobody) gid=65534(nogroup) groups=65534(nogroup)
uid=100(systemd-network) gid=102(systemd-network) groups=102(systemd-network)
uid=101(systemd-resolve) gid=103(systemd-resolve) groups=103(systemd-resolve)
uid=102(systemd-timesync) gid=104(systemd-timesync) groups=104(systemd-timesync)
uid=103(messagebus) gid=106(messagebus) groups=106(messagebus)
uid=104(syslog) gid=110(syslog) groups=110(syslog),4(adm),5(tty)
uid=105(_apt) gid=65534(nogroup) groups=65534(nogroup)
uid=106(tss) gid=111(tss) groups=111(tss)
uid=107(uuidd) gid=112(uuidd) groups=112(uuidd)
uid=108(tcpdump) gid=113(tcpdump) groups=113(tcpdump)
uid=109(landscape) gid=115(landscape) groups=115(landscape)
uid=110(pollinate) gid=1(daemon) groups=1(daemon)
uid=111(sshd) gid=65534(nogroup) groups=65534(nogroup)
uid=999(systemd-coredump) gid=999(systemd-coredump) groups=999(systemd-coredump)
uid=998(lxd) gid=100(users) groups=100(users)
uid=112(usbmux) gid=46(plugdev) groups=46(plugdev)
uid=113(grafana) gid=117(grafana) groups=117(grafana)
uid=1000(prometheus) gid=1000(prometheus) groups=1000(prometheus)
uid=1001(sysadmin) gid=1001(sysadmin) groups=1001(sysadmin),6(disk)uid=1000(prometheus) gid=1000(prometheus) groups=1000(prometheus)uid=1001(sysadmin) gid=1001(sysadmin) groups=1001(sysadmin),6(disk)
SUIDs
$ find / -perm -04000 -ls -type f 2>/dev/null | grep -v '/snap'
1365 52 -rwsr-xr-- 1 root messagebus 51344 Jun 11 2020 /usr/lib/dbus-1.0/dbus-daemon-launch-helper
11169 464 -rwsr-xr-x 1 root root 473576 Dec 2 2021 /usr/lib/openssh/ssh-keysign
7429 24 -rwsr-xr-x 1 root root 22840 Jan 12 2022 /usr/lib/policykit-1/polkit-agent-helper-1
1372 16 -rwsr-xr-x 1 root root 14488 Jul 8 2019 /usr/lib/eject/dmcrypt-get-device
1956 84 -rwsr-xr-x 1 root root 85064 Jul 14 2021 /usr/bin/chfn
975 40 -rwsr-xr-x 1 root root 39144 Jul 21 2020 /usr/bin/umount
906 56 -rwsr-xr-x 1 root root 55528 Jul 21 2020 /usr/bin/mount
11395 164 -rwsr-xr-x 1 root root 166056 Jan 19 2021 /usr/bin/sudo
7427 32 -rwsr-xr-x 1 root root 31032 Jan 12 2022 /usr/bin/pkexec
1966 68 -rwsr-xr-x 1 root root 68208 Jul 14 2021 /usr/bin/passwd
7537 44 -rwsr-xr-x 1 root root 44784 Jul 14 2021 /usr/bin/newgrp
7658 68 -rwsr-xr-x 1 root root 67816 Jul 21 2020 /usr/bin/su
667 40 -rwsr-xr-x 1 root root 39144 Mar 7 2020 /usr/bin/fusermount
1962 88 -rwsr-xr-x 1 root root 88464 Jul 14 2021 /usr/bin/gpasswd
488 56 -rwsr-sr-x 1 daemon daemon 55560 Nov 12 2018 /usr/bin/at
1958 52 -rwsr-xr-x 1 root root 53040 Jul 14 2021 /usr/bin/chshSGIDs
$ find / -type f -perm -02000 -ls 2>/dev/null | grep -v '/snap'
2965 44 -rwxr-sr-x 1 root shadow 43160 Sep 17 2021 /usr/sbin/unix_chkpwd
2948 44 -rwxr-sr-x 1 root shadow 43168 Sep 17 2021 /usr/sbin/pam_extrausers_chkpwd
134101 16 -rwxr-sr-x 1 root utmp 14648 Sep 30 2019 /usr/lib/x86_64-linux-gnu/utempter/utempter
2168 344 -rwxr-sr-x 1 root ssh 350504 Dec 2 2021 /usr/bin/ssh-agent
586 44 -rwxr-sr-x 1 root crontab 43720 Feb 13 2020 /usr/bin/crontab
3212 36 -rwxr-sr-x 1 root tty 35048 Jul 21 2020 /usr/bin/wall
1953 84 -rwxr-sr-x 1 root shadow 84512 Jul 14 2021 /usr/bin/chage
488 56 -rwsr-sr-x 1 daemon daemon 55560 Nov 12 2018 /usr/bin/at
1960 32 -rwxr-sr-x 1 root shadow 31312 Jul 14 2021 /usr/bin/expiry
501 16 -rwxr-sr-x 1 root tty 14488 Mar 30 2020 /usr/bin/bsd-writeCapabilities
$ getcap -r / 2>/dev/null
/snap/core20/1328/usr/bin/ping = cap_net_raw+ep
/usr/lib/x86_64-linux-gnu/gstreamer1.0/gstreamer-1.0/gst-ptp-helper = cap_net_bind_service,cap_net_admin+ep
/usr/bin/traceroute6.iputils = cap_net_raw+ep
/usr/bin/ping = cap_net_raw+ep
/usr/bin/mtr-packet = cap_net_raw+epProcesses
$ ps -auxwww
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 1.1 168664 11408 ? Ss 12:15 0:01 /sbin/init maybe-ubiquity
root 452 0.0 5.0 145496 50756 ? S<s 12:15 0:02 /lib/systemd/systemd-journald
root 482 0.0 0.5 21520 5068 ? Ss 12:15 0:00 /lib/systemd/systemd-udevd
root 619 0.0 1.7 345772 17992 ? SLsl 12:15 0:01 /sbin/multipathd -d -s
root 659 0.0 0.0 2488 592 ? S 12:15 0:00 bpfilter_umh
systemd+ 660 0.0 0.4 90232 4588 ? Ssl 12:15 0:00 /lib/systemd/systemd-timesyncd
root 679 0.0 0.8 47540 8396 ? Ss 12:15 0:00 /usr/bin/VGAuthService
root 680 0.0 0.6 311528 6288 ? Ssl 12:15 0:03 /usr/bin/vmtoolsd
systemd+ 758 0.0 1.0 23900 10840 ? Ss 12:15 0:00 /lib/systemd/systemd-resolved
root 838 0.0 0.5 235564 5440 ? Ssl 12:17 0:00 /usr/lib/accountsservice/accounts-daemon
root 841 0.0 0.2 6812 2272 ? Ss 12:17 0:00 /usr/sbin/cron -f
message+ 842 0.0 0.4 7828 4444 ? Ss 12:17 0:00 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
grafana 849 0.2 5.6 1385532 56512 ? Ssl 12:17 0:15 /usr/sbin/grafana-server --config=/etc/grafana/grafana.ini --pidfile=/run/grafana/grafana-server.pid --packaging=deb cfg:default.paths.logs=/var/log/grafana cfg:default.paths.data=/var/lib/grafana cfg:default.paths.plugins=/var/lib/grafana/plugins cfg:default.paths.provisioning=/etc/grafana/provisioning
root 852 0.0 1.1 29012 11812 ? Ss 12:17 0:00 /usr/bin/python3 /usr/bin/networkd-dispatcher --run-startup-triggers
prometh+ 853 0.1 6.3 913132 63872 ? Ssl 12:17 0:10 /usr/local/bin/prometheus --config.file /etc/prometheus/prometheus.yml --storage.tsdb.path /var/lib/prometheus/ --web.console.templates=/etc/prometheus/consoles --web.console.libraries=/etc/prometheus/console_libraries
syslog 854 0.0 0.4 224348 4716 ? Ssl 12:17 0:00 /usr/sbin/rsyslogd -n -iNONE
root 857 0.1 3.7 726320 37208 ? Ssl 12:17 0:09 /usr/lib/snapd/snapd
root 859 0.0 0.6 16652 6412 ? Ss 12:17 0:00 /lib/systemd/systemd-logind
root 861 0.0 0.9 392548 9372 ? Ssl 12:17 0:00 /usr/lib/udisks2/udisksd
daemon 864 0.0 0.2 3792 2192 ? Ss 12:17 0:00 /usr/sbin/atd -f
root 874 0.0 0.1 5828 1716 tty1 Ss+ 12:17 0:00 /sbin/agetty -o -p -- \u --noclear tty1 linux
root 904 0.0 0.6 12176 6452 ? Ss 12:17 0:00 sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups
root 912 0.0 0.5 232716 5292 ? Ssl 12:17 0:00 /usr/lib/policykit-1/polkitd --no-debug
root 943 0.0 1.4 107908 14272 ? Ssl 12:17 0:00 /usr/bin/python3 /usr/share/unattended-upgrades/unattended-upgrade-shutdown --wait-for-signal
root 1152 0.0 1.8 456228 18088 ? Ssl 12:17 0:00 /usr/libexec/fwupd/fwupd
root 1161 0.0 0.7 314924 7204 ? Ssl 12:17 0:00 /usr/lib/upower/upowerd
systemd+ 1350 0.0 0.4 18416 4820 ? Ss 12:17 0:00 /lib/systemd/systemd-networkd
root 6420 0.0 0.8 13952 8172 ? Ss 14:08 0:00 sshd: sysadmin [priv]
sysadmin 6434 0.0 0.8 18428 8104 ? Ss 14:08 0:00 /lib/systemd/systemd --user
sysadmin 6435 0.0 0.4 169880 4416 ? S 14:08 0:00 (sd-pam)
root 6436 0.0 0.0 0 0 ? I 14:08 0:00 [kworker/0:2]
sysadmin 6542 0.0 0.5 13952 5628 ? S 14:08 0:00 sshd: sysadmin@pts/0
sysadmin 6544 0.0 0.1 2608 1916 pts/0 Ss 14:08 0:00 -sh
sysadmin 6705 0.0 0.3 9084 3480 pts/0 R+ 14:11 0:00 ps -auxwwwroot 841 0.0 0.2 6812 2272 ? Ss 12:17 0:00 /usr/sbin/cron -fgrafana 849 0.2 5.6 1385532 56512 ? Ssl 12:17 0:15 /usr/sbin/grafana-server --config=/etc/grafana/grafana.ini --pidfile=/run/grafana/grafana-server.pid --packaging=deb cfg:default.paths.logs=/var/log/grafana cfg:default.paths.data=/var/lib/grafana cfg:default.paths.plugins=/var/lib/grafana/plugins cfg:default.paths.provisioning=/etc/grafana/provisioningprometh+ 853 0.1 6.3 913132 63872 ? Ssl 12:17 0:10 /usr/local/bin/prometheus --config.file /etc/prometheus/prometheus.yml --storage.tsdb.path /var/lib/prometheus/ --web.console.templates=/etc/prometheus/consoles --web.console.libraries=/etc/prometheus/console_librariesroot 912 0.0 0.5 232716 5292 ? Ssl 12:17 0:00 /usr/lib/policykit-1/polkitd --no-debug
Cron & Systemd
$ crontab -l ; cat /etc/crontab ; systemctl list-timers
no crontab for sysadmin
# /etc/crontab: system-wide crontab
# Unlike any other crontab you don't have to run the `crontab'
# command to install the new version when you edit this file
# and files in /etc/cron.d. These files also have username fields,
# that none of the other crontabs do.
SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
# Example of job definition:
# .---------------- minute (0 - 59)
# | .------------- hour (0 - 23)
# | | .---------- day of month (1 - 31)
# | | | .------- month (1 - 12) OR jan,feb,mar,apr ...
# | | | | .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# | | | | |
# * * * * * user-name command to be executed
17 * * * * root cd / && run-parts --report /etc/cron.hourly
25 6 * * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
47 6 * * 7 root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
52 6 1 * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )
#
NEXT LEFT LAST PASSED UNIT ACTIVATES >
Wed 2025-04-02 18:48:08 UTC 4h 35min left Wed 2025-04-02 12:17:50 UTC 1h 54min ago ua-timer.timer ua-timer.service >
Thu 2025-04-03 00:00:00 UTC 9h left Wed 2025-04-02 12:17:48 UTC 1h 54min ago logrotate.timer logrotate.service >
Thu 2025-04-03 00:00:00 UTC 9h left Wed 2025-04-02 12:17:48 UTC 1h 54min ago man-db.timer man-db.service >
Thu 2025-04-03 03:41:22 UTC 13h left Wed 2025-04-02 12:17:48 UTC 1h 54min ago apt-daily.timer apt-daily.service >
Thu 2025-04-03 05:05:14 UTC 14h left Wed 2025-04-02 12:17:48 UTC 1h 54min ago fwupd-refresh.timer fwupd-refresh.service >
Thu 2025-04-03 06:16:09 UTC 16h left Wed 2025-04-02 12:17:48 UTC 1h 54min ago apt-daily-upgrade.timer apt-daily-upgrade.servi>
Thu 2025-04-03 08:57:23 UTC 18h left Wed 2025-04-02 12:17:48 UTC 1h 54min ago motd-news.timer motd-news.service >
Thu 2025-04-03 12:30:54 UTC 22h left Wed 2025-04-02 12:30:54 UTC 1h 41min ago systemd-tmpfiles-clean.timer systemd-tmpfiles-clean.>
Sun 2025-04-06 03:10:30 UTC 3 days left Wed 2025-04-02 12:17:48 UTC 1h 54min ago e2scrub_all.timer e2scrub_all.service >
Mon 2025-04-07 00:00:00 UTC 4 days left Wed 2025-04-02 12:17:48 UTC 1h 54min ago fstrim.timer fstrim.service >
10 timers listed.
Pass --all to see loaded but inactive timers, too.Services
$ systemctl list-units --state=running
UNIT LOAD ACTIVE SUB DESCRIPTION
proc-sys-fs-binfmt_misc.automount loaded active running Arbitrary Executable File Formats File System Automount Point
init.scope loaded active running System and Service Manager
session-3.scope loaded active running Session 3 of user sysadmin
accounts-daemon.service loaded active running Accounts Service
atd.service loaded active running Deferred execution scheduler
cron.service loaded active running Regular background program processing daemon
dbus.service loaded active running D-Bus System Message Bus
fwupd.service loaded active running Firmware update daemon
getty@tty1.service loaded active running Getty on tty1
grafana-server.service loaded active running Grafana instance
multipathd.service loaded active running Device-Mapper Multipath Device Controller
networkd-dispatcher.service loaded active running Dispatcher daemon for systemd-networkd
open-vm-tools.service loaded active running Service for virtual machines hosted on VMware
polkit.service loaded active running Authorization Manager
prometheus.service loaded active running Prometheus
rsyslog.service loaded active running System Logging Service
snapd.service loaded active running Snap Daemon
ssh.service loaded active running OpenBSD Secure Shell server
systemd-journald.service loaded active running Journal Service
systemd-logind.service loaded active running Login Service
systemd-networkd.service loaded active running Network Service
systemd-resolved.service loaded active running Network Name Resolution
systemd-timesyncd.service loaded active running Network Time Synchronization
systemd-udevd.service loaded active running udev Kernel Device Manager
udisks2.service loaded active running Disk Manager
unattended-upgrades.service loaded active running Unattended Upgrades Shutdown
upower.service loaded active running Daemon for power management
user@1001.service loaded active running User Manager for UID 1001
vgauth.service loaded active running Authentication service for virtual machines hosted on VMware
dbus.socket loaded active running D-Bus System Message Bus Socket
multipathd.socket loaded active running multipathd control socket
snapd.socket loaded active running Socket activation for snappy daemon
syslog.socket loaded active running Syslog Socket
systemd-journald-audit.socket loaded active running Journal Audit Socket
systemd-journald-dev-log.socket loaded active running Journal Socket (/dev/log)
systemd-journald.socket loaded active running Journal Socket
systemd-networkd.socket loaded active running Network Service Netlink Socket
systemd-udevd-control.socket loaded active running udev Control Socket
systemd-udevd-kernel.socket loaded active running udev Kernel Socket
LOAD = Reflects whether the unit definition was properly loaded.
ACTIVE = The high-level unit activation state, i.e. generalization of SUB.
SUB = The low-level unit activation state, values depend on unit type.
39 loaded units listed.grafana-server.serviceprometheus.service
Sudo Version
$ sudo --version
Sudo version 1.8.31
Sudoers policy plugin version 1.8.31
Sudoers file grammar version 46
Sudoers I/O plugin version 1.8.31Sudo version 1.8.31
Glibc Version
$ ldd --version
ldd (Ubuntu GLIBC 2.31-0ubuntu9.2) 2.31
Copyright (C) 2020 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Written by Roland McGrath and Ulrich Drepper.ldd (Ubuntu GLIBC 2.31-0ubuntu9.2) 2.31