Linux Survival Basics
Read-only, sensitive outputInspect Certbot Certificate Inventory
You need current certificate names, domains, paths, and expiry from Certbot.
Command
sudo certbot certificates
Before you run this
System impact: Read-only. Output may expose users, paths, tokens, keys, IPs, process arguments, or log details.
When not to use it: Do not delete certificate files from this output alone.
Expected output
Certificate names, domains, expiry dates, and filesystem paths.
System impact
Read-only, sensitive output. Nothing changes. The command reads current state and prints diagnostic evidence.
May require elevated permissions on protected paths or service-owned files.
Recovery / rollback: no state is changed.
When to use it
Use before changing renewal config or deleting old certs.
When not to use it
Do not delete certificate files from this output alone.
Example run
Commands shown
These are the commands shown for inspection. Treat them as an example, not proof that your system will behave identically.
sudo certbot certificatessudo certbot certificates
next steps
Related commands
Run Certbot Renewal Dry Run
Certbot has a safe renewal rehearsal.
sudo certbot renew --dry-run
Find the dpkg Lock Owner
Find the process holding the dpkg lock before touching lock files.
sudo lsof /var/lib/dpkg/lock-frontend /var/lib/dpkg/lock 2>/dev/null
Inspect One Process Open Files
Look at one target process, not the whole host, when pressure is scoped.
sudo lsof -p 1234 | head
List sudo Group Members
Before granting sudo, see who already has it.
getent group sudo
List Effective sudo Privileges
sudo -l shows policy; guessing invites bad access changes.
sudo -l
next diagnostic step
Where to go from this command
- Certbot renewal failed hub Use for certificate inventory.
Study mapping
Use this as independent command practice: read the notes, predict the output, then compare it with the example before using a real shell.
Independent study support only. No affiliation, endorsement, exam dumps, or real exam questions.