On Linux, the commands required for system administration are stored in the /sbin directory.
What is sbin in Linux?
The /sbin directory in Linux is a directory containing some executable files. These are mainly system administration binaries (so you can remember the folder name as System BINaries). These commands should be used only by administrative users for example the root user.
Sbin is similar to /bin, as both are in the root directory, but the first contains mainly administration tools, while the second contains mainly executables needed to start the system.
There are usually some other similar folders you can find on a typical configuration, /usr/bin and /usr/sbin or /usr/local/sbin and /usr/local/bin. These are in the /usr folder, and contain binary files not strictly needed to boot the OS, as this folder could be mounted after the boot process in a separate mount point.
What does /sbin contain?
Depending on the Linux distribution and the particular configuration you installed, the folder can contain a different amount of tools.
Here is a screenshot of ls /sbin on a ubuntu desktop standard installation. Not everything is shown as the list is long (more than 130 executables), but it can give you an idea.
Most of these are system tools, so you’ll probably never need to use them, but let’s see some of the most interesting ones:
fsck
Fsck is a command-line utility used to perform consistency checks on your disks and to try to repair your filesystem if something gets damaged.
Fsck is often run at startup time by unix-like operating systems but can be run manually by the system administrator to manually correct errors. It can also “dry run”, to make an analysis, report errors but not take action in fixing them. There are different executables for each filesystem version such as fat, ext2, ext3, ext4. It can take quite some time to deeply scan a full disk, but if your filesystem is damaged, it can be useful to spend some time saving your files.
fdisk
Fdisk is another disk management tool, but it’s used to manage partitions. With this application, you can add, remove and change partitions on all the connected disks. This is always a delicate operation, so use fdisk only if you know what you’re doing and think twice about every step.
iptables and ip6tables
These two tools are used to manage network packet filtering rules for ipv4 and ipv6 traffic. This is not strictly an essential binary to boot the system so it can be found in the /usr/sbin depending on your operating system version.
You can get some info about this command and the available options on its man page.
lsmod
This command shows the currently loaded loadable kernel modules. It can be useful to diagnose if you added some additional kernel modules that are not properly working or not working at all.
poweroff and shutdown
These are two useful tools, especially in server environments if you don’t have access to a graphic environment, and have to rely only on a command-line interface. Their purpose is, as the names say, to shutdown and/or restart the system.
sysctl
The sysctl (SYStem ConTroL) is used to change kernel parameters at run time. This allows you to change your operating system’s parameters if you need to tweak them.
wpa_supplicant, wpa_action, wpa_cli
These are used to manage WPA keys (the ones you’re probably using to protect your wi-fi network.
mount
This is another useful tool. This tool gives you the ability to mount a filesystem on a specific directory in the file system hierarchy.
In unix-like operating systems, the filesystem is based on a root directory / that articulates in many subdirectories. Differently from windows, where each partition has its own filesystem hierarchy, in linux you can “mount” a partition on a specific directory in the “global filesystem”, and the operating system will attach its filesystem starting from there.
With this approach, each mounted filesystem can be accessed with an absolute path starting from the root filesystem /.
Some mounts can be defined in the /etc/fstab. At boot time, the boot script will use mount with that source configuration file to mount the configured disks.
ifconfig
This tool is used to control and configure network interfaces. It is directly used by the startup script to configure the network parameters. Also, as a user, you’ll probably find it pretty useful to get your ip address. Running the ifconfig command without other options will output a list of your network devices with some info, and between them, you’ll find your local ip address.
FAQ about /sbin directory and its tools
What is /sbin/ifconfig command?
ifconfig is a system administration tool used to view and manage the configuration of network interfaces. On it’s essential version without options, it outputs the list of the configured network devices with their configuration and status (included the assigned ipv4 and ipv6 address).
What does /sbin/arp -a do in unix?
The arp command is used to manage the arp translation tables, the tables where a source ip address is translated to a physical mac address.
The arp -a command lists all the entries in the arp translation tables. Using the -a option together with the -d option deletes all the entries in the table.
What is /sbin/ifdown?
Ifdown is a command used to “deconfigure” a network interface. It takes as a single argument the network interface configuration to switch off.
What is /sbin/nologin?
You can find /sbin/nologin or /usr/sbin/nologin as the default shell for some users in the etc/passwd. This indicates a disabled shell access. Everyone trying to access a shell with that account will get a message (defined in /etc/nologin.txt) and the connection attempt will be terminated with a non-zero result code.
Conclusions
The sbin contains some very useful tools you can use with your operating system. Most of them are administrative tools, so if you put them in a script, remember to execute the script (or at least the single commands) with sudo privileges. Also, every Linux version can have a different set of executables in sbin, so if you change your environment by changing OS release version or distribution and have custom scripts, remember to check where those tools are.