TopicLadder
Reference

Maker Command-Line Checklist

Use this page when a project is stuck and you need to choose the next inspection command. Start with the question you are trying to answer, not with a random command.

This checklist favors inspection commands. Avoid broad changes such as recursive permission edits, deletes, restarts, or config rewrites until the evidence points to a specific fix.

Choose by what you need to prove

Each group gives a few commands, the signal to look for, and the TopicLadder or LinuxOneLiners page that explains the next step.

Where am I and what is here?

Use this group before path-sensitive work. Many project mistakes begin from the wrong folder or a guessed file name.

CommandUse it toExpected signal
pwd Show the current directory. You get one absolute path. Write it into the project note before running path-sensitive commands.
ls -lah Inspect names, sizes, permissions, and hidden entries. Look for the target file, owner, size, and timestamp instead of assuming it exists.
find . -maxdepth 2 -type f | sort | head List nearby files without crawling the whole machine. You see a small inventory that helps choose the next file to inspect.

Related learning

What does the file contain?

Use this group when the next clue is inside a config, log, script, or note. Read a bounded piece first.

CommandUse it toExpected signal
head -40 file.txt Preview the top of a text file. You see headers, comments, or the start of a config without dumping the whole file.
less file.txt Page through a file interactively. You can search inside the file and quit without modifying it.
grep -n "pattern" file.txt Find matching lines with line numbers. You get exact line numbers that can be discussed or copied into a note.

Related learning

Who can read or run this path?

Use this group before changing ownership or permissions. Permission problems often come from a parent directory, not the final file.

CommandUse it toExpected signal
namei -l /path/to/file Walk every path component with permissions and owners. The first directory without execute permission is often the real blocker.
stat -c '%A %U:%G %n' /path/to/file Show mode, owner, group, and name in one line. You can compare the actual owner and mode with the service or user that needs access.
id Show the current user and groups. You know which groups the current shell actually has.

Related learning

What changed recently?

Use this group when a project worked yesterday and fails today. The goal is a short change list, not blame.

CommandUse it toExpected signal
git status --short Show changed files in a Git project. You get a compact list of modified, added, deleted, or untracked files.
git diff -- path/to/file Inspect one file's unstaged change. You can explain the changed lines before committing or reverting.
find . -type f -mtime -1 | sort | head -50 List files modified in the last day. You get a bounded list of recent local changes outside Git or before a commit.

Related learning

Is the service or site alive?

Use this group when a local tool, static site, or VPS route should be reachable. Separate process, port, HTTP, and logs.

CommandUse it toExpected signal
ss -ltnp Show listening TCP ports and owning processes. A listener appears on the expected port before browser debugging begins.
curl -I https://example.com Fetch response headers only. You see status code, server headers, redirects, or TLS issues without downloading the page body.
systemctl status nginx --no-pager Inspect service state without opening a pager. You see active state, recent failure text, and unit metadata.

Related learning

What are the logs saying?

Use this group after you know which system or service should be speaking. Search by time and scope first.

CommandUse it toExpected signal
journalctl -u nginx --since '15 minutes ago' --no-pager Read recent logs for one service. You get recent service messages without scanning the whole journal.
tail -80 /var/log/nginx/error.log Read the last lines of a service log. You see the most recent errors while preserving context.
journalctl -p warning --since '1 hour ago' --no-pager Inspect recent system warnings and errors. You see warning-level messages that may explain a sudden failure.

Related learning

Is the machine out of space?

Use this group when writes fail, services stop, builds break, or logs grow unexpectedly. Check bytes and inodes separately.

CommandUse it toExpected signal
df -h Check filesystem byte usage. Use% and Mounted on show which filesystem is full.
df -i Check inode usage. IUse% can be full even when df -h still looks okay.
du -xhd1 /var 2>/dev/null | sort -h Rank top-level directory sizes without crossing filesystems. The largest directories appear near the bottom of the sorted output.

Related learning

Which process is taking resources?

Use this group when the project machine feels slow, a build hangs, or a local service competes with other work.

CommandUse it toExpected signal
ps -eo pid,comm,%cpu,%mem --sort=-%cpu | head List CPU-heavy processes. The top rows show which process names and PIDs deserve the next check.
ps -eo pid,comm,%mem,%cpu --sort=-%mem | head List memory-heavy processes. The largest memory users appear first without opening an interactive monitor.
pgrep -af process-name Find matching process command lines. You see PIDs and arguments for the named tool or service.
uptime Check load average quickly. Load averages help decide whether the machine is busy or the symptom is elsewhere.

Related learning

What is listening on the network?

Use this group when a browser, game server, local API, or VPS endpoint should be reachable but is not.

CommandUse it toExpected signal
ss -ltnp List listening TCP ports with processes. The expected port and owning program are visible before firewall or browser debugging.
ip route Show routing decisions. A default route exists when the machine knows where non-local traffic should go.
ip addr Show interface addresses. The relevant interface has the expected IPv4 or IPv6 address.
resolvectl status Inspect resolver state. You can see DNS servers and per-link resolver configuration.

Related learning

Which package owns this file?

Use this group when a command, library, config, or binary appears but you do not know which package installed it.

CommandUse it toExpected signal
dpkg -S /path/to/file Find the Debian or Ubuntu package owner. The package name appears before the path when the file is managed by dpkg.
rpm -qf /path/to/file Find the RPM package owner. The owning RPM package is printed if the file is managed by the package database.
pacman -Qo /path/to/file Find the Arch package owner. Pacman reports the package that owns the file.
command -v tool-name Find the executable path for a command. You get the exact path that package-owner checks can inspect next.

Related learning

Is a scheduled task supposed to run?

Use this group when a backup, build, log rotation, or maintenance step did not happen at the expected time.

CommandUse it toExpected signal
systemctl list-timers --no-pager List systemd timers. You see last run, next run, and timer unit names.
systemctl status timer-name.timer --no-pager Inspect one timer. The active state and recent status explain whether the timer is loaded.
crontab -l Read the current user's cron entries. You can confirm schedule, command, and output handling.
journalctl -u timer-name --since '24 hours ago' --no-pager Read recent logs for a timer or service. Recent run attempts and failures appear without scanning the full journal.

Related learning

Is the project using the expected runtime?

Use this group when Python, Node, Godot exports, scripts, or command-line tools behave differently across machines.

CommandUse it toExpected signal
command -v python3 Find the Python executable. The path shows whether the shell is using system Python, a virtual environment, or another install.
python3 --version Check Python version. The major and minor version can be compared with project requirements.
command -v node Find the Node executable. The path shows which Node installation the shell will run.
env | sort | head -50 Inspect a bounded environment sample. Important variables appear without dumping an entire session into notes.

Related learning

What did the kernel or hardware report?

Use this group when a sensor board, USB device, disk, driver, or machine-level issue may be below the app layer.

CommandUse it toExpected signal
dmesg -T | tail -80 Read recent kernel messages. Recent device, disk, permission, or driver messages show up with timestamps.
lsusb List USB devices. The attached device appears with vendor and product information.
lspci List PCI devices. Graphics, network, storage, and controller devices are visible.
journalctl -k --since '1 hour ago' --no-pager Read recent kernel journal entries. Kernel messages are scoped to a useful time window.

Related learning

Can I verify after a change?

Use this group after a careful edit, deploy, or configuration change. The goal is proof, not optimism.

CommandUse it toExpected signal
git diff --check Find whitespace or patch issues before commit. The command is silent when no whitespace errors are detected.
curl -fsS https://example.com/ >/dev/null Verify a URL returns successfully. The command exits cleanly for reachable successful responses.
systemctl is-active service-name Check whether a service is active. The output is active when systemd thinks the service is running.
tail -40 path/to/log Read the newest log lines after the change. Fresh errors or success messages are visible near the end.

Related learning

What should go in the project note?

Use this group when the command result matters but will be forgotten before the next build session.

CommandUse it toExpected signal
printf 'Question:\nCommand:\nExpected:\nActual:\nNext:\n' >> project-note.md Append a small inspection template. A reusable note block is added without needing a heavy tool.
date -Is Record an ISO timestamp. The note has a precise time for later comparison.
hostnamectl Capture machine identity and OS facts. Hostname, OS, kernel, and architecture are visible.
git rev-parse --short HEAD Record the current Git commit. The short commit hash ties the note to project state.

Related learning

Can the domain and certificate be trusted?

Use this group when a site is live on one machine but not for users. DNS, HTTP, and HTTPS need separate checks.

CommandUse it toExpected signal
dig +short example.com A Check A records for a domain. You see the IP addresses DNS currently returns.
curl -I http://example.com Check plain HTTP reachability. You can separate DNS and web-server reachability from TLS.
openssl s_client -connect example.com:443 -servername example.com </dev/null Inspect the TLS handshake and certificate. Certificate subject, issuer, dates, and verification text become visible.

Related learning

Good project note format

Question, command, expected signal, actual result, next action. That is enough to make the next session faster and to ask for help without dumping noise.

When to switch pages

If the checklist points at a domain problem, use the DNS ladder. If it points at a service or Linux repair path, use the linked LinuxOneLiners page for deeper triage.

Obsidian note preview

The downloadable note keeps this checklist in a project-vault format: workflow, command groups, and a project note template.

# Maker Command-Line Checklist

Question:
Command:
Expected signal:
Actual result:
Next action:

Flashcard preview

These cards review command choice, expected signals, and common misreads. Export the TSV if you want to import the full set.

What should you write before choosing a command?

Write the question you are trying to answer: path, file, service, logs, disk, domain, or permissions.

Why start with `pwd`?

`pwd` proves the current directory before path-sensitive commands run from the wrong place.

What does `ls -lah` help inspect?

Names, hidden entries, permissions, owners, sizes, and timestamps in the current directory.

When is `find . -maxdepth 2 -type f` useful?

When you need a bounded local file inventory without crawling the whole machine.

Why use `head -40 file.txt` before `cat`?

It previews a bounded part of a file and avoids dumping huge logs or configs.

What does `grep -n` add?

Line numbers, so a match can be discussed, cited, or saved in a project note.

What does `namei -l /path/to/file` prove?

It walks every path component and can reveal a parent directory permission problem.

What does `stat -c '%A %U:%G %n'` show?

Mode, owner, group, and name in one compact line.

Why check `id` during permission triage?

It shows the current user and groups actually available to the shell.

What does `git status --short` show?

A compact list of modified, added, deleted, or untracked files.

Why inspect `git diff -- path/to/file`?

It explains one file's unstaged changes before committing or reverting.

What does `ss -ltnp` prove?

Which TCP ports are listening and which process owns them.

Why use `curl -I`?

It checks headers, status, redirects, and TLS behavior without downloading the full page.

What does `systemctl status nginx --no-pager` show?

Service state, recent failure text, and unit metadata without opening a pager.

Why scope `journalctl` with `-u` and `--since`?

It keeps log reading focused on one service and a useful time window.

What is the difference between `df -h` and `df -i`?

`df -h` checks bytes; `df -i` checks inode availability.

Why use `du -xhd1 /var 2>/dev/null | sort -h`?

It ranks top-level directory sizes without crossing filesystems.

What does `dig +short example.com A` answer?

Which IPv4 addresses DNS currently returns for the domain.

Why test HTTP before TLS?

It separates DNS and web-server reachability from certificate problems.

What should you record after a command?

The command, expected signal, actual result, and next action.

Command selection workflow

Use the checklist from the top down only when the problem is unclear. If you already know the failure is a permission issue, jump to the permission group. If you know it is a domain issue, jump to DNS and certificate checks. The goal is not to run every command; the goal is to pick the smallest command that answers the current question.

When two commands seem possible, choose the one that reads state without changing it. A bounded read gives you evidence and preserves the system for the next check. A broad edit can hide the original cause and make the next lesson harder.

Copy less, inspect more

Commands on this page are examples to inspect. Replace paths, domains, unit names, and file names with the actual project target. Keep the command and result together in the project note so you can explain what was checked later.

If a command returns no output, treat that as a signal. It may mean the target does not exist, the pattern did not match, the service is not installed, or the command was run from the wrong environment. Write that down before trying a stronger command.

Related routes

Last reviewed: July 5, 2026. TopicLadder pages are curated for practical learning and may be updated as examples improve.