Linux 101 Hacks

Linux 101 Hacks www.thegeekstuff.
com
Table of Contents
Introduction ........................................................... 7
About the Author .................................................... 8
Copyriht ! "isclai#er ............................................ $
%ersion .............................................................................. $
&ore e'ooks fro# The (eek )tuff .......................... 10
'ash 101 Hacks ............................................................... 10
)ed and A*k 101 Hacks ................................................... 11
+aios Core ..................................................................... 1,
%i# 101 Hacks ................................................................. 1-
Chapter 1. /o*erful C" Co##and Hacks ................ 10
Hack 1. "efine C" 'ase "irectory 1sin C"/ATH ............... 10
Hack ,. 1se C" Alias to +a2iate 1p the "irectory ............. 13
Hack -. /erfor# #kdir and cd 1sin a )inle Co##and .... 18
Hack 0. Tole 'et*een "irectories ................................. 1$
Hack 3. &anipulate "irectory )tack .................................. ,0
Hack 4. Auto#atically Correct &istyped "irectory +a#es . ,-
Chapter ,. 5ssential Linux Co##ands ................... ,0
Hack 7. (rep Co##and ................................................... ,0
Hack 8. 6eular 5xpression in (rep .................................. ,4
Hack $. 7ind Co##and .................................................... ,$
Hack 10. )uppress )tandard 8utput and 5rror &essae .... -1
Hack 11. 9oin Co##and ................................................... -,
Hack 1,. Chane the Case ............................................... --
Hack 1-. :ars Co##and ................................................ -0
Hack 10. )ort Co##and .................................................. -3
Hack 13. 1ni; Co##and .................................................. -7
Hack 14. Cut Co##and ................................................... -8
Hack 17. )tat Co##and .................................................. -$
Hack 18. "iff Co##and ................................................... 01
2
Linux 101 Hacks www.thegeekstuff.com
Hack 1$. "isplay Total Connect Ti#e of 1sers ................... 0,
Hack ,0. 5xecute Co##ands in the 'ackround ............... 0-
Hack ,1. )ed 'asics < 7ind and 6eplace 1sin 6e5x ........ 03
Hack ,,. A*k Introduction = /rint 5xa#ples ..................... 30
Hack ,-. %i# 5ditor +a2iation 7unda#entals .................. 34
Hack ,0. Ch#od Co##and 5xa#ples ................................ 40
Hack ,3. %ie* &ultiple Lo 7iles in 8ne Ter#inal .............. 4,
Hack ,4. Less Co##and ................................................... 40
Hack ,7. >et 5xa#ples ................................................. 48
Chapter -. ))H Co##ands and Tips ....................... 74
Hack ,8. "ebu ))H Client )ession .................................. 74
Hack ,$. Tole ))H )ession usin ))H 5scape Character . 77
Hack -0. "isplay ))H )ession )tatistics ........................... 78
Hack -1. Chane 8pen))H )ecurity 8ptions ...................... 7$
Hack -,. Transfer All /uTT? )essions ................................ 83
Chapter 0. "ate &anipulation ............................... 87
Hack --. )et )yste# "ate and Ti#e ................................. 87
Hack -0. )et Hard*are "ate and Ti#e ............................. 88
Hack -3. "isplay "ate and Ti#e in a )pecific 7or#at ........ 8$
Hack -4. "isplay /ast "ate and Ti#e ............................... $0
Hack -7. "isplay 7uture "ate and Ti#e ............................ $1
Chapter 3. /)1@ /),@ /)-@ /)0 and
/68&/TAC8&&A+" .............................................. $-
Hack -8. /)1 < "efault Interaction /ro#pt ....................... $-
Hack -$. /), < Continuation Interacti2e /ro#pt ............... $0
Hack 00. /)- < /ro#pt 1sed by )elect Co##and ............... $3
Hack 01. /)0 < /ro#pt to /refix Tracin 8utput ................ $7
Hack 0,. /68&/TAC8&&A+" .......................................... $8
Hack 0-. Custo#iBe 'ash /ro#pt 1sin /)1 ...................... $$
Hack 00. Colorful 'ash /ro#pt 1sin /)1 ........................ 100
Chapter 4. Archi2e and Co#pression .................... 10$
Hack 03. Cip Co##and 'asics ........................................ 10$
Hack 04. Cip Co##and Ad2anced Co#pression ............... 111
3
Hack 07. /ass*ord /rotection of Cip files ....................... 11-
Hack 08. Tar Co##and 5xa#ples ................................... 11-
Hack 0$. Co#bine Bip@ bBip, *ith Tar ........................... 113
Hack 30. 'C is 5aByD 'BE Co##and 5xa#ples .................. 114
Hack 31. Cpio 5xa#ples ................................................. 1,0
Chapter 7. Co##and Line History ....................... 1,0
Hack 3,. 'ash Co##and Line History 5xa#ples .............. 1,0
Hack 3-. History 6elated 5n2iron#ent %ariables .............. 1,8
Hack 30. History 5xpansion 5xa#ples ............................ 1--
Chapter 8. )yste# Ad#inistration Tasks ............... 1-4
Hack 33. /artition 1sin fdisk ......................................... 1-4
Hack 34. 7or#at a /artition 1sin #ke,fsk .................... 1-8
Hack 37. &ount a /artition ............................................ 100
Hack 38. 7ine Tune a /artition 1sin tune,fs .................. 100
Hack 3$. Create a )*ap 7ile )yste# ................................ 10,
Hack 40. Create a +e* 1ser ............................................ 10-
Hack 41. Create a +e* (roup ........................................ 103
Hack 4,. )etup ))H /ass*ordless Loin in 8pen))H ....... 104
Hack 4-. 1se ssh<copy<id Alon >ith ssh<aent .............. 107
Hack 40. Crontab 5xa#ples ............................................ 10$
Hack 43. )afe 6eboot 8f Linux 1sin &aic )ys6; Fey .... 131
Hack 44. Linux /arted Co##and 5xa#ples ..................... 13-
Hack 47. 6sync Co##and 5xa#ples ............................... 140
Hack 48. Chkconfi Co##and 5xa#ples .......................... 14$
Hack 4$. Ho* to )etup Anacron ...................................... 170
Hack 70. I/Tables 6ules 5xa#ples .................................. 178
Chapter $. Install /ackaes .................................. 181
Hack 71. ?u# Co##and 5xa#ples .................................. 181
Hack 7,. 6/& Co##and 5xa#ples .................................. 180
Hack 7-. apt<E Co##and 5xa#ples ................................. 188
Hack 70. Install fro# )ource ........................................... 1$0
Chapter 10. LA&/ )tack ...................................... 1$,
Hack 73. Install Apache , *ith ))L .................................. 1$,
4
Hack 74. Install /H/ fro# )ource ................................... 1$4
Hack 77. Install &y)GL .................................................. 1$$
Hack 78. Install LA&/ )tack ............................................ ,00
Hack 7$. Install :A&// .................................................. ,10
Hack 80. )ecure ?our Apache >eb )er2er ....................... ,1,
Hack 81. Apachectl and Httpd Tips .................................. ,14
Hack 8,. )etup Apache %irtual Host Confiuration ........... ,,-
Hack 8-. 6otate Apache Los 7iles .................................. ,,3
Chapter 11. 'ash )criptin .................................. ,,8
Hack 80. 5xecution )e;uence of .bashAE files .................. ,,8
Hack 83. 'ash 786 Loops 1sin C Like )yntax ................ ,-,
Hack 84. "ebu a )hell )cript ......................................... ,-0
Hack 87. Guotin ........................................................... ,-4
Hack 88. 6ead "ata 7ile 7ields Inside a )hell )cript ........ ,-7
Chapter 1,. )yste# &onitorin and /erfor#ance .. ,-$
Hack 8$. 7ree Co##and ................................................. ,-$
Hack $0. Top Co##and ................................................. ,00
Hack $1. "f Co##and ................................................... ,0-
Hack $,. "u Co##and ................................................... ,00
Hack $-. Lsof Co##ands ............................................... ,03
Hack $0. %#stat Co##and ............................................ ,07
Hack $3. +etstat Co##and ........................................... ,08
Hack $4. )ysctl Co##and .............................................. ,31
Hack $7. +ice Co##and ................................................ ,3,
Hack $8. 6enice Co##and ............................................. ,30
Hack $$. Fill Co##and .................................................. ,34
Hack 100. /s Co##and .................................................. ,38
Hack 101. )ar Co##and ................................................ ,40
?our )upport is Appreciated ................................ ,40
'ash 101 Hacks ............................................................. ,40
)ed and A*k 101 Hacks ................................................. ,40
+aios Core - ............................................................... ,43
%i# 101 Hacks .............................................................. ,43
5
10 A#aBin and 5ssential Linux 'ooks ................. ,44
5xtended 6eadin ............................................... ,4$
&ore Linux Articles ........................................................ ,70
Thank ?ou ........................................................... ,71
6
Introduction
There are total of 101 hacks in this book that will help you build a strong
foundation in inu!. "ll the hacks in this book are e!plained with
appropriate inu! command e!amples that are easy to follow.
This book contains 12 chapters.
#hapters 1 $ 3 e!plain %pen&&' tips and tricks( #) command
hacks( and se*eral essential inu! commands including grep( find
and many more.
#hapters 4 $ 6 co*er date manipulation( inu! command prompt
customi+ation( archi*e and compression commands. #lear
e!amples are pro*ided.
#hapter , $ - e!plain critical inu! sysadmin tasks( package
installation on *arious distros( and bash command line history
with clear e!amples
#hapter 10 . 12 co*er "/0 stack installation and se*eral inu!
system monitoring and performance commands with practical
e!amples.
" note on the e!amples1 /ost e!amples are identified in the following
way.
5xa#ple "escription
Lines of code for you to type, with the result you will
see on screen.
"dditional clarification or discussion will appear below the code section
in plain te!t.
,
There are only 10 types of people in the world those who
understand binary, those who dont, and those who understand
gray code
Geek
About the Author
23m 4amesh 5atara6an( author of The 7eek
&tuff blog thegeekstuff.com and numerous
ebooks including this one.
2 ha*e done e!tensi*e programming in
se*eral languages and # is my fa*orite. 2
ha*e done a lot of work on the
infrastructure side including inu! system
administration( )8"( 5etworking(
'ardware and &torage 9:/#;.
2 also de*eloped passworddragon.com < a free( easy and secure
password manager that runs on =indows( inu! and /ac.
"part from this inu! 101 'acks e8ook( 2>*e also published the following
ebooks1
?im 101 'acks
5agios #ore 3
&ed and "wk 101 'acks
8ash 101 'acks
2f you ha*e any @uestions while reading this book( don>t hesitate to
reach out to me. Aou can connect with me on the following1
Twitter 9Bt hegeekstuff ;
Cacebook page
2f you want to write to me directly( use this contact form to reach out to
me.
D
Copyriht ! "isclai#er
#opyright E 200- . 2011 $ 4amesh 5atara6an. "ll rights reser*ed. 5o
part of this book may be reproduced( translated( posted or shared in any
form( by any means.
The information pro*ided in this book is pro*ided Fas isF with no implied
warranties or guarantees.
%ersion
%ersion "ate 6e2isions
1.0 12 $ Ceb $ 200- Cirst :dition
2.0 16 $ 5o* . 2011 &econd :dition
-
&ore e'ooks fro# The (eek )tuff
'ash 101 Hacks
=hen you are working on a inu!
en*ironment( does any of the following
sound familiar to youG
Aou are spending significant amount
of time doing tasks manually( without
knowing how to automate those
tasks effecti*ely using scripts.
Aou are e!ecuting set of commands
to complete a task( and retyping the
same commands manually with
different *alues to complete similar
tasks.
Aou are ha*ing a good understanding
of all inu! commands( but struggling
to put them together in a shell script to accomplish a task.
8ash is the default shell on inu!. 2f you are spending lot of time on
inu! en*ironment( you should master the 8ash command line features
to become efficient.
"part from being an interacti*e shell( 8ash is also a scripting language(
which allows you to automate your tasks using 8ash shell scripting.
8ash 101 'acks is a downloadable e8ook that contains 101 practical
e!amples on both 8ash command line and shell scripting( that will help
you understand e*erything you need to know about 8ash.
Get Your Copy of: Bash 101 Hacks eBook
http://www.theeekstuff.co!/"ash#101#hacks#e"ook/
10
)ed and A*k 101 Hacks
2f you are spending lot of time on H52I J
inu!( the following might sound familiar to
you.
Aou are manually making the same
edits on multiple files. &ometimes the
same edits are manually repeated on
files on different ser*ers.
Aou are constantly *iewing large log
files 9or data files;( manually looking
for certain lines that contain certain
patterns. %nce you find those lines(
you are manually copying and pasting
a few rele*ant fields from those lines
for reporting purposes.
Aou are constantly dealing with te!t files( and spending a lot of
time manually manipulating the te!t files.
2f you are spending lot of time on H52I J inu!( you3ll be manipulating
te!t files fre@uently. Aou may be making the similar edits on multiple
configuration files on one or more ser*ers. Aou may be digging huge log
files 9or data files; looking for certain information.
&ed and "wk 101 'acks is a downloadable e8ook that contains 101
practical e!amples on *arious ad*anced &ed and "wk features( that will
help you understand e*erything you need to know about &ed and "wk.
Get Your Copy of: $ed and %wk 101 Hacks eBook
http://www.theeekstuff.co!/sed#awk#101#hacks#e"ook/
11
+aios Core
2f you are a sysadmin( dba( network
administrator( or someone who is responsible
for keeping the 2T infrastructure up and
running( the following might sound familiar to
you.
Aou don3t know when you3ll run out of
disk space( or when the ser*er will go
down( or when the database will
crash( or when one of the critical
ser*ices running on the ser*er will
fail.
Aou are worried that right people 9or
team; are not getting notified about
the ser*er or ser*ices issues at the
right time.
Aou 9or your team; are constantly working on finding and fi!ing
issues as they show up.
Aou should implement a robust monitoring solution that will notify you
when there is an issue. 2t should also notify the right people at the right
time about a potential issue( e*en before it becomes critical.
5agios #ore 3 e8ook is the only guide you3ll e*er need to get your 2T
infrastructure monitored using 5agios #ore( and it will help you to
understand e*erything you need to know to implement 5agios #ore 3.
Get Your Copy of: &aios Core eBook
http://www.theeekstuff.co!/naios#core#e"ook/
12
%i# 101 Hacks
2f you are spending lot of time on H52I J
inu! en*ironment( it is essential to become
comfortable with the ?im editor.
2f you are putting off mastering the ?im
editor for a later day because learning ?im
editor is not intuiti*e( friendly( or fun < you
are not alone.
?im editor is *ery powerful editor that will
make you e!tremely producti*e once you
take some time to learn and understand its
features. 2f you are like most people( you
would like to ha*e a structured way of
learning this powerful editor and take ad*antage of all its features.
?im 101 'acks is a downloadable e8ook that contains 101 practical
e!amples on *arious ad*anced ?im features that will make you fast and
producti*e in the ?im editor.
:ach hack pro*ided in this e8ook is *ery crisp and easy to understand.
The practical e!amples will show you e!actly how to use a particular ?im
feature.
Get Your Copy of: 'i! 101 Hacks eBook
http://www.theeekstuff.co!/(i!#101#hacks#e"ook/
13
Chapter 1. /o*erful C" Co##and
Hacks
cd is one of the most fre@uently used commands during a H52I session.
The 6 cd command hacks mentioned in this chapter will boost your
producti*ity instantly and make it easier to na*igate the directory
structure from command line.
Hack 1. "efine C" 'ase "irectory 1sin
C"/ATH
2f you are fre@uently performing cd to subdirectories of a specific parent
directory( you can set the #)0"T' to the parent directory and perform
cd to the subdirectories without gi*ing the parent directory path as
e!plained below.
) pwd
/ho!e/ra!esh
) cd !ail
#"ash: cd: !ail: &o such file or directory
*Note: +he a"o(e cd is lookin for !ail directory under
current directory,
) e-port C./%+H0/etc
) cd !ail
/etc/!ail
*Note: +he a"o(e cd is lookin for !ail under /etc and not
under current directory,
) pwd
/etc/!ail

14
To make this change permanent( add e!port #)0"T'KJetc to your
LJ.bashMprofile
&imilar to the 0"T' *ariable( you can add more than one directory entry
in the #)0"T' *ariable( separating them with 1 ( as shown below.
e-port C./%+H0.:1:/etc:/(ar
This hack can be *ery helpful under the following situations1
%racle )8"s fre@uently working under N%4"#:M'%/:( can set
the #)0"T' *ariable to the oracle home
Hni! sysadmins fre@uently working under Jetc( can set the
#)0"T' *ariable to Jetc
)e*elopers fre@uently working under pro6ect directory
JhomeJpro6ects( can set the #)0"T' *ariable to JhomeJpro6ects
:nd.users fre@uently accessing the subdirectories under their
home directory( can set the #)0"T' *ariable to L 9home
directory;
Hack ,. 1se C" Alias to +a2iate 1p the
"irectory
=hen you are na*igating up a *ery long directory structure( you may be
using cd ..O..O with multiple ..O3s depending on how many directories you
want to go up as shown below.
) !kdir #p
/t!p/(ery/lon/directory/structure/that/is/too/deep
) cd /t!p/(ery/lon/directory/structure/that/is/too/deep
) pwd
) cd ../../../../
15
) pwd
/t!p/(ery/lon/directory/structure
2nstead of e!ecuting cd ..J..J..J.. to na*igate four le*els up( use one of the
following four alias methods1
&ethod 1. +a2iate up the directory usin H..nI
2n the e!ample below( ..4 is used to go up 4 directory le*el( ..3 to go up
3 directory le*el( ..2 to go up 2 directory le*el. "dd the following alias to
your LJ.bashMprofile and re.login.
alias ..02cd ..2
alias ..302cd ../..2
alias ..402cd ../../..2
alias ..502cd ../../../..2
alias ..602cd ../../../../..2
) ..5
*Note: use ..5 to o up 5 directory le(el,
) pwd
/t!p/(ery/lon/directory/structure/
&ethod ,. +a2iate up the directory usin only dots
2n the e!ample below( P.. 9fi*e dots; is used to go up 4 directory le*el.
Typing 5 dots to go up 4 directory structure is really easy to remember(
as when you type the first two dots( you are thinking Qgoing up one
directoryR( after that e*ery additional dot( is to go one le*el up.
16
&o( use P. 9four dots; to go up 3 directory le*el and .. 9two dots; to go
up 1 directory le*el. "dd the following alias to your LJ.bashMprofile and
re.login for the P.. 9fi*e dots; to work properly.
alias ..02cd ..2
alias ...02cd ../..2
alias ....02cd ../../..2
alias .....02cd ../../../..2
alias ......02cd ../../../../..2
) .....
*Note: use ..... 7fi(e dots8 to o up 5 directory le(el,
) pwd
/t!p/(ery/lon/directory/structure/
&ethod -. +a2iate up the directory usin cd follo*ed by
consecuti2e dots
2n the e!ample below( cdP.. 9cd followed by fi*e dots; is used to go up
4 directory le*el. /aking it 5 dots to go up 4 directory structure is really
easy to remember( as when you type the first two dots( you are thinking
Qgoing up one directoryR( after that e*ery additional dot( is to go one
le*el up. &o( use cdP. 9cd followed by four dots; to go up 3 directory
le*el and cdP 9cd followed by three dots; to go up 2 directory le*el. "dd
the following alias to your LJ.bashMprofile and re.login for the abo*e
cdP.. 9fi*e dots; to work properly.
alias cd..02cd ..2
alias cd...02cd ../..2
alias cd....02cd ../../..2
alias cd.....02cd ../../../..2
alias cd......02cd ../../../../..2
1,
) cd.....
*Note: use cd..... to o up 5 directory le(el,
) pwd
/t!p/(ery/lon/directory/structure
&ethod 0. +a2iate up the directory usin cd follo*ed by
nu#ber
2n the e!ample below( cd4 9cd followed by number 4; is used to go up 4
directory le*el.
alias cd102cd ..2
alias cd302cd ../..2
alias cd402cd ../../..2
alias cd502cd ../../../..2
alias cd602cd ../../../../..2
Hack -. /erfor# #kdir and cd 1sin a )inle
Co##and
&ometimes when you create a new directory( you may cd to the new
directory immediately to perform some work as shown below.
) !kdir #p /t!p/su"dir1/su"dir3/su"dir4
) cd /t!p/su"dir1/su"dir3/su"dir4
) pwd
/t!p/su"dir1/su"dir3/su"dir4
1D
=ouldn3t it be nice to combine both mkdir and cd in a single commandG
"dd the following to the .bashMprofile and re.login.
) (i ."ash9profile
function !kdircd 78 : !kdir #p 2;<2 == e(al cd 2>2>;;)>22?
@
5ow( perform both mkdir and cd at the same time using a single
command as shown below1
) !kdircd /t!p/su"dir1/su"dir3/su"dir4
*Note: +his creates the directory and cd to it
auto!atically,
) pwd
Hack 0. Tole 'et*een "irectories
Aou can toggle between the last two current directories using cd . as
shown below.
) cd /t!p/su"dir1/su"dir3/su"dir4
) cd -
) pwd
) cd -
) pwd
1-
) cd -
) pwd
Hack 3. &anipulate "irectory )tack
Aou can use directory stack to push directories into it and later pop
directory from the stack. Collowing three commands are used in this
e!ample.
dirs1 )isplay the directory stack
pushd1 0ush directory into the stack
popd1 0op directory from the stack and cd to it
)irs will always print the current directory followed by the content of the
stack. :*en when the directory stack is empty( dirs command will still
print only the current directory as shown below.
) popd
#"ash: popd: directory stack e!pty
) dirs
1
) pwd
/ho!e/ra!esh
'ow to use pushd and popdG et us first create some temporary
directories and push them to the directory stack as shown below.
) !kdir /t!p/dir1
) !kdir /t!p/dir3
) !kdir /t!p/dir4
) !kdir /t!p/dir5
20
) cd /t!p/dir1
) pushd .
) cd /t!p/dir3
) pushd .
) cd /t!p/dir4
) pushd .
) cd /t!p/dir5
) pushd .
) dirs
/t!p/dir5 /t!p/dir5 /t!p/dir4 /t!p/dir3 /t!p/dir1
*Note: +he first directory 7/t!p/dir58 of the dir co!!and
output is always the current directory and not the content
fro! the stack.,
"t this stage( the directory stack contains the following directories1
/t!p/dir5
/t!p/dir4
/t!p/dir3
/t!p/dir1
The last directory that was pushed to the stack will be at the top. =hen
you perform popd( it will cd to the top directory entry in the stack and
remo*e it from the stack. "s shown abo*e( the last directory that was
pushed into the stack is JtmpJdir4. &o( when we do a popd( it will cd to
the JtmpJdir4 and remo*e it from the directory stack as shown below.
) popd
21
) pwd
/t!p/dir5
*Note: %fter the a"o(e popd, directory $tack Contains:
/t!p/dir4
/t!p/dir3
/t!p/dir1,
) popd
) pwd
/t!p/dir4

/t!p/dir3
/t!p/dir1,
) popd
) pwd
/t!p/dir3
/t!p/dir1,
) popd
) pwd
/t!p/dir1
*Note: %fter the a"o(e popd, directory $tack is e!ptyA,
) popd
#"ash: popd: directory stack e!pty
22
Hack 4. Auto#atically Correct &istyped
"irectory +a#es
Hse shopt .s cdspell to correct the typos in the cd command
automatically as shown below. 2f you are not good at typing and make
lot of mistakes( this will be *ery helpful.
) cd /etc/!all
#"ash: cd: /etc/!all: &o such file or directory

) shopt -s cdspell
) cd /etc/!all
) pwd
/etc/!ail
*Note: By !istake, when B typed !all instead of !ail, cd
corrected it auto!atically,
Any Questions?
.iscuss it here: C C. Co!!and Hacks
23
Chapter ,. 5ssential Linux
Co##ands
Hack 7. (rep Co##and
grep command is used to search files for a specific te!t. This is
incredibly powerful command with lots of options.
$ynta-: rep *options, pattern *files,
Ho* can I find all lines #atchin a specific key*ord on a
fileJ
2n this e!ample( grep looks for the te!t Sohn inside JetcJpasswd file and
displays all the matching lines.
) rep Dohn /etc/passwd
Es!ith:-:10F3:10F3:Dohn $!ith:/ho!e/Es!ith:/"in/"ash
Edoe:-:10F4:10F4:Dohn .oe:/ho!e/Edoe:/"in/"ash
%ption .*( will display all the lines e!cept the match. 2n the e!ample
below( it displays all the records from JetcJpassword that doesn>t match
Sohn.
+ote. There are se*eral lines in the JetcJpassword that doesn3t contain
the word Sohn. %nly the first line of the output is shown below.
) rep #( Dohn /etc/passwd
E"ourne:-:10F5:10F5:Dason Bourne:/ho!e/E"ourne:/"in/"ash
Ho* #any lines #atched the text pattern in a particular
fileJ
2n the e!ample below( it displays the total number of lines that contains
the te!t Sohn in JetcJpasswd file.
24
) rep #c Dohn /etc/passwd
3
Aou can also get the total number of lines that did not match the specific
pattern by passing option .c*.
) rep #c( Dohn /etc/passwd
4G
Ho* to search a text by inorin the caseJ
0ass the option .i 9ignore case;( which will ignore the case while
searching.
) rep #i Eohn /etc/passwd
Es!ith:-:10F3:10F3:Dohn $!ith:/ho!e/Es!ith:/"in/"ash
Edoe:-:10F4:10F4:Dohn .oe:/ho!e/Edoe:/"in/"ash
Ho* do I search all subdirectories for a text #atchin a
specific patternJ
Hse option .r 9recursi*e; for this purpose. 2n the e!ample below( it will
search for the te!t FSohnF by ignoring the case inside all the
subdirectories under JhomeJusers.
This will display the output in the format of Ffilename1 line that matching
the patternF. Aou can also pass the option .l( which will display only the
name of the file that matches the pattern.
) rep #ri Eohn /ho!e/users
/ho!e/users/su"dir1/letter.t-t:Dohn, +hanks for your
contri"ution.
/ho!e/users/na!e9list.t-t:Dohn $!ith
/ho!e/users/na!e9list.t-t:Dohn .oe
) rep #ril Eohn /root
25
/ho!e/users/su"dir1/letter.t-t
/ho!e/users/na!e9list.t-t
Additional Grep Examples:
Get a Grip on the GrepA H 16 /ractical Grep Co!!and
I-a!ples
+he /ower of J Co!!ands H Jcat, Jless, Jrep, Jdiff
I-a!ples
K Linu- Grep LM, Grep %&., Grep &L+ Lperator I-a!ples
Hack 8. 6eular 5xpression in (rep
4egular e!pressions are used to search and manipulate the te!t( based
on the patterns. /ost of the inu! commands and programming
languages use regular e!pression.
This hack e!plains how to use most fre@uently used reg.e! operators in
7rep command.
'einnin of line K L M
2n grep command( caret &ymbol T matches the e!pression at the start of
a line. 2n the following e!ample( it displays all the line which starts with
the 5o* 10. i.e "ll the messages logged on 5o*ember 10.
; rep 2N&o( 102 !essaes.1
&o( 10 01:13:66 s134 ntpd*3351,: ti!e reset O0.1KK5KG s
&o( 10 01:1K:1K s134 ntpd*3351,: synchroniPed to
LLC%L708, stratu! 10
&o( 10 01:1F:5G s134 ntpd*3351,: synchroniPed to
16.1.14.14, stratu! 4
&o( 10 14:31:3C s134 ntpd*3351,: ti!e reset O0.15CCC5 s
26
&o( 10 14:36:5C s134 ntpd*3351,: synchroniPed to
LLC%L708, stratu! 10
&o( 10 14:3C:3K s134 ntpd*3351,: synchroniPed to
16.1.14.14, stratu! 4
The T matches the e!pression in the beginning of a line( only if it is the
first character in a regular e!pression. T5 matches line beginning with
5.
5nd of the line K NM
#haracter N matches the e!pression at the end of a line. The following
command will help you to get all the lines which ends with the word
QterminatingR.
; rep 2ter!inatin.;2 !essaes
Dul 13 1K:01:0G clone!e kernel: Qernel lo dae!on
ter!inatin.
Lct 3F 0C:3G:65 clone!e kernel: Qernel lo dae!on
ter!inatin.
Crom the abo*e output you can come to know when all the kernel log
has got terminated. Sust like T matches the beginning of the line only if
it is the first character( N matches the end of the line only if it is the last
character in a regular e!pression.
Count of e#pty lines K LN M
Hsing T and N character you can find out the empty lines a*ailable in a
file. QTNR specifies empty line.
; rep #c 2N;2 !essaes anaconda.lo
!essaes:0
anaconda.lo:4
The abo*e commands displays the count of the empty lines a*ailable in
the messages and anaconda.log files.
2,
)inle Character K.M
The special meta.character Q.R 9dot; matches any character e!cept the
end of the line character. et us take the input file which has the content
as follows.
; cat input
1. first line
3. hi hello
4. hi Pello how are you
5. cello
6. aello
C. eello
K. last line
5ow let us search for a word which has any single character followed by
ello. i.e hello( cello etc.(
; rep 2.ello2 input
3. hi hello
4. hi Pello how are you
5. cello
6. aello
C. eello
2n case if you want to search for a word which has only 4 character you
can gi*e grep .w QP.R where single dot represents any single character.
Cero or #ore occurrence KEM
The special character QUR matches +ero or more occurrence of the
pre*ious character. Cor e!ample( the pattern 31U3 matches +ero or more
31V.
The following e!ample searches for a pattern Qkernel1 UR i.e kernel1 and
+ero or more occurrence of space character.
2D
; rep 2kernel: R.2 R
!essaes.5:Dul 13 1K:01:03 clone!e kernel: %C/B: /CB
interrupt for de(ice 0000:00:11.0 disa"led
!essaes.5:Lct 3F 0C:3G:5G clone!e kernel: %C/B: /S#+i!er
BL /ort: 0-100F
!essaes.5:Lct 3F 0C:41:0C "to(!FK1 kernel: sda: sda1
sda3 sda4
!essaes.5:Lct 3F 0C:41:0C "to(!FK1 kernel: sd 0:0:0:0:
%ttached scsi disk sda
.
.
2n the abo*e e!ample it matches for kernel and colon symbol followed
by any number of spacesJno space and Q.R matches any single
character.
Additional Grep Reg-Ex Examples:
Meular I-pressions in Grep Co!!and with 10 I-a!ples H
/art B
%d(anced Meular I-pressions in Grep Co!!and with 10
I-a!ples H /art BB
Hack $. 7ind Co##and
find is fre@uently used command to find files in the H52I filesystem
based on numerous conditions. et us re*iew some practice e!amples of
find command.
$ynta-: find *pathna!es, *conditions,
Ho* to find files containin a specific *ord in its na#eJ
The following command looks for all the files under Jetc directory with
mail in the filename.
2-
) find /etc #na!e 2R!ailR2
Ho* to find all the files reater than certain siBeJ
The following command will list all the files in the system greater than
100/8.
) find / #type f #siPe O100S
Ho* to find files that are not #odified in the last x
nu#ber of daysJ
The following command will list all the files that were modified more
than 60 days ago under the current directory.
) find . #!ti!e OC0
Ho* to find files that are #odified in the last x nu#ber of
daysJ
The following command will list all the files that were modified in the last
two days under the current directory.
) find . H!ti!e #3
Ho* to delete all the archi2e files *ith extension E.tar.B
and reater than 100&'J
0lease be careful while e!ecuting the following command as you don3t
want to delete the files by mistake. The best practice is to e!ecute the
same command with ls $l to make sure you know which files will get
deleted when you e!ecute the command with rm.
) find / #type f #na!e R.tar.P #siPe O100S #e-ec ls #l :@
>?
) find / #type f #na!e R.tar.P #siPe O100S #e-ec r! #f :@
>?
30
Ho* to archi2e all the files that are not #odified in the
last x nu#ber of daysJ
The following command finds all the files not modified in the last 60
days under JhomeJ6smith directory and creates an archi*e files under
Jtmp in the format of ddmmyyyyMarchi*e.tar.
) find /ho!e/Es!ith #type f #!ti!e OC0 T -ars tar #c(f
/t!p/Udate VOWdW!WYV9archi(e.tarU
Additional Find Examples:
So!!y, B found itA X 16 /ractical Linu- Yind Co!!and
I-a!ples
.addy, B found itA, 16 %weso!e Linu- Yind Co!!and
I-a!ples 7/art38
Hack 10. )uppress )tandard 8utput and 5rror
&essae
&ometime while debugging a shell script( you may not want to see either
the standard output or standard error message. Hse Jde*Jnull as shown
below for suppressing the output.
)uppress standard output usin O Pde2Pnull
This will be *ery helpful when you are debugging shell scripts( where
you don3t want to display the echo statement and interested in only
looking at the error messages.
) cat file.t-t Z /de(/null
) ./shell#script.sh Z /de(/null
31
)uppress standard error usin ,O Pde2Pnull
This is also helpful when you are interested in *iewing only the standard
output and don3t want to *iew the error messages.
) cat in(alid#file#na!e.t-t 3Z /de(/null
) ./shell#script.sh 3Z /de(/null
+ote. %ne of the most effecti*e ways to use this is in the crontab(
where you can suppress the output and error message of a cron task as
shown below.
40 1 R R R co!!and Z /de(/null 3Z=1
Hack 11. 9oin Co##and
Soin command combines lines from two files based on a common field.
2n the e!ample below( we ha*e two files $ employee.t!t and salary.t!t.
8oth ha*e employee.id as common field. &o( we can use 6oin command
to combine the data from these two files using employee.id as shown
below.
; cat e!ployee.t-t
100 Dason $!ith
300 Dohn .oe
400 $anEay Gupta
500 %shok $har!a
; cat "onus.t-t
100 ;6,000
300 ;600
400 ;4,000
500 ;1,360
32
; Eoin e!ployee.t-t "onus.t-t
100 Dason $!ith ;6,000
300 Dohn .oe ;600
400 $anEay Gupta ;4,000
500 %shok $har!a ;1,360
Hack 1,. Chane the Case
Con2ert a file to all upper<case
; cat e!ployee.t-t
100 Dason $!ith
300 Dohn .oe
400 $anEay Gupta
500 %shok $har!a
; tr a#P %#J [ e!ployee.t-t
100 D%$L& $SB+H
300 DLH& .LI
400 $%&D%Y G\/+%
500 %$HLQ $H%MS%
Con2ert a file to all lo*er<case
; cat depart!ent.t-t
100 YB&%&CI
300 S%MQI+B&G
400 /ML.\C+ .I'ILL/SI&+
500 $%LI$
33
; tr %#J a#P [ depart!ent.t-t
100 finance
300 !arketin
400 product de(elop!ent
500 sales
Hack 1-. :ars Co##and
!args is a *ery powerful command that takes output of a command and
pass it as argument of another command.
The following are some practical e!amples on how to use !args
effecti*ely.
1. =hen you are trying to delete too many files using rm( you may get
error message1 JbinJrm "rgument list too long $ inu!. Hse !args to a*oid
this problem.
find 1 #na!e ]R.lo^ #print0 T -ars #0 r! #f
2. 7et a list of all the U.conf file under JetcJ. There are different ways to
get the same result. Collowing e!ample is only to demonstrate the use of
!args. The output of the find command in this e!ample is passed to the
ls $l one by one using !args.
) find /etc #na!e 2R.conf2 T -ars ls Hl
3. 2f you ha*e a file with list of H4s that you would like to download( you
can use !args as shown below.
) cat url#list.t-t T -ars wet Hc

4. Cind out all the 6pg images and archi*e it.
34
) find / #na!e R.Ep #type f #print T -ars tar #c(Pf
i!aes.tar.P
5. #opy all the images to an e!ternal hard.dri*e.
) ls R.Ep T -ars #n1 #i cp :@ /e-ternal#hard#
dri(e/directory
Hack 10. )ort Co##and
&ort command sorts the lines of a te!t file. Collowing are se*eral
practical e!amples on how to use the sort command based on the
following sample te!t file that has employee information in the format1
e!ployee9na!e:e!ployee9id:depart!ent9na!e.
; cat na!es.t-t
I!!a +ho!as:100:Sarketin
%le- Dason:300:$ales
Sadison Mandy:400:/roduct .e(elop!ent
$anEay Gupta:500:$upport
&isha $inh:600:$ales
&ort a te!t file in ascending order
; sort na!es.t-t
&ort a te!t file in descending order
35
; sort #r na!es.t-t
&ort a colon delimited te!t file on 2nd field 9employeeMid;
; sort #t: #k 3 na!es.t-t
&ort a tab delimited te!t file on 3rd field 9departmentMname; and
suppress duplicates
; sort #t: #u #k 4 na!es.t-t
&ort the passwd file by the 3rd field 9numeric userid;
; sort #t: #k 4n /etc/passwd T !ore
root:-:0:0:root:/root:/"in/"ash
"in:-:1:1:"in:/"in:/s"in/noloin
dae!on:-:3:3:dae!on:/s"in:/s"in/noloin
ad!:-:4:5:ad!:/(ar/ad!:/s"in/noloin
36
lp:-:5:K:lp:/(ar/spool/lpd:/s"in/noloin
&ort JetcJhosts file by ip.address
; sort #t . #k 1,1n #k 3,3n #k 4,4n #k 5,5n /etc/hosts
13K.0.0.1 localhost.localdo!ain localhost
1G3.1CF.100.101 de(#d".theeekstuff.co! de(#d"
1G3.1CF.100.103 prod#d".theeekstuff.co! prod#d"
1G3.1CF.101.30 de(#we".theeekstuff.co! de(#we"
1G3.1CF.101.31 prod#we".theeekstuff.co! prod#we"
#ombine sort with other commands
ps =ef Q sort 1 &ort the output of process list
ls <al Q sort R0n 1 ist the files in the ascending order of the file.
si+e. i.e sorted by 5th filed and displaying smallest files first.
ls <al Q sort R0nr 1 ist the files in the descending order of the
file.si+e. i.e sorted by 5th filed and displaying largest files first.
Hack 13. 1ni; Co##and
Hni@ command is mostly used in combination with sort command( as
uni@ remo*es duplicates only from a sorted file. i.e 2n order for uni@ to
work( all the duplicate entries should be in the ad6acent lines. The
following are some common e!amples.
1. =hen you ha*e an employee file with duplicate entries( you can do
the following to remo*e duplicates.
; sort na!esd.t-t T uni_
; sort Hu na!esd.t-t
3,
2. 2f you want to know how many lines are duplicates( do the following.
The first field in the following e!amples indicates how many duplicates
where found for that particular line. &o( in this e!ample the lines
beginning with "le! and :mma were found twice in the namesd.t!t file.
; sort na!esd.t-t T uni_ Hc
3 %le- Dason:300:$ales
3 I!!a +ho!as:100:Sarketin
1 Sadison Mandy:400:/roduct .e(elop!ent
1 &isha $inh:600:$ales
1 $anEay Gupta:500:$upport
3. The following displays only the entries that are duplicates.
; sort na!esd.t-t T uni_ Hcd
3 %le- Dason:300:$ales
3 I!!a +ho!as:100:Sarketin
Hack 14. Cut Co##and
#ut command can be used to display only specific columns from a te!t
file or other command outputs.
The following are some of the e!amples.
)isplay the 1st field 9employee name; from a colon delimited file
; cut #d: #f 1 na!es.t-t
I!!a +ho!as
%le- Dason
Sadison Mandy
$anEay Gupta
&isha $inh
3D
)isplay 1st and 3rd field from a colon delimited file
; cut #d: #f 1,4 na!es.t-t
I!!a +ho!as:Sarketin
%le- Dason:$ales
Sadison Mandy:/roduct .e(elop!ent
$anEay Gupta:$upport
&isha $inh:$ales
)isplay only the first D characters of e*ery line in a file
; cut #c 1#F na!es.t-t
I!!a +ho
%le- Das
Sadison
$anEay G
&isha $i
/isc #ut command e!amples
cut <d. <f1 PetcPpass*d )isplays the uni! login names for all the
users in the system.
free Q tr <s S S Q sed SPL&e#PDdS Q cut <dT T <f, )isplays the
total memory a*ailable on the system.
Hack 17. )tat Co##and
&tat command can be used either to check the statusJproperties of a
single file or the filesystem.
)isplay statistics of a file or directory.
; stat /etc/!y.cnf
Yile: U/etc/!y.cnfV
3-
$iPe: 45C Blocks: 1C BL Block: 50GC reular file
.e(ice: F01h/305Gd Bnode: 3KGF6C Links: 1
%ccess: 70C55/#rw#r##r##8 \id: 70/root8 Gid: 70/root8
%ccess: 300G#01#01 03:6F:40.000000000 #0F00
Sodify: 300C#0C#01 30:53:3K.000000000 #0K00
Chane: 300K#03#03 15:1K:3K.000000000 #0F00
; stat /ho!e/ra!esh
Yile: U/ho!e/ra!eshV
$iPe: 50GC Blocks: F BL Block: 50GC
directory
.e(ice: F04h/3061d Bnode: 663150G Links: K
%ccess: 70K66/drw-r#-r#-8 \id: 7501/ra!esh8 Gid:
7501/ra!esh8
%ccess: 300G#01#01 13:1K:53.000000000 #0F00
Sodify: 300G#01#01 13:0K:44.000000000 #0F00
Chane: 300G#01#0G 13:0K:44.000000000 #0F00
)isplay the status of the filesystem using option $f
; stat #f /
Yile: 2/2
B.: 0 &a!elen: 366 +ype: e-t3/e-t4
Blocks: +otal: 36KG56K Yree: 300F03K %(aila"le:
1FKCGGF $iPe: 50GC
Bnodes: +otal: 1410K30 Yree: 1316FG3
Additional Stat Examples:
\ni- $tat Co!!and: How +o Bdentify Yile %ttri"utes
40
Hack 18. "iff Co##and
diff command compares two different files and reports the difference.
The output of the diff command is *ery cryptic and not straight forward
to read.
$ynta-: diff *options, file1 file3
>hat *as #odified in #y ne* file *hen co#pare to #y old
fileJ
The option .w in the diff command will ignore the white space while
performing the comparison.
2n the following diff output1
The lines abo*e ...( indicates the changes happened in first file in
the diff command 9i.e nameMlist.t!t;.
The lines below ...( indicates the changes happened to the
second file in the diff command 9i.e nameMlistMnew.t!t;. The lines
that belong to the first file starts with W and the lines of second
file starts with X.
) diff #w na!e9list.t-t na!e9list9new.t-t
3c3,4
[ Dohn .oe
###
Z Dohn S .oe
Z Dason Bourne
Additional Di Examples:
+op 5 Yile .ifference +ools on Linu- H .iff, Colordiff,
`diff, 'i!diff
41
'isual Yile .iff with 'i!diff H Bt .oes Sake a
.ifferenceA
Hack 1$. "isplay Total Connect Ti#e of 1sers
"c command will display the statistics about the user3s connect time.
Connect ti#e for the current loed in user
=ith the option $d( it will break down the output for the indi*idual days.
2n this e!ample( 23*e been logged in to the system for more than 6 hours
today. %n )ec 1st( 2 was logged in for about 1 hour.
; ac Hd
.ec 1 total 1.0F
.ec 3 total 0.GG
.ec 4 total 4.4G
.ec 5 total 5.60
+oday total C.10
Connect ti#e for all the users
To display connect time for all the users use $p as shown below. 0lease
note that this indicates the cumulati*e connect time for the indi*idual
users.
; ac #p
Eohn 4.C5
!adison 0.0C
sanEay FF.1K
nisha 106.G3
ra!esh 111.53
total 40G.31
42
Connect ti#e for a specific user
To get a connect time report for a specific user( e!ecute the following1
; ac #d sanEay
Dul 3 total 13.F6
%u 36 total 6.06
$ep 4 total 1.04
$ep 5 total 6.4K
.ec 35 total F.16
.ec 3G total 1.53
+oday total 3.G6
Hack ,0. 5xecute Co##ands in the
'ackround
Aou can use one of the 5 methods e!plained in this hack to e!ecute a
inu! command( or shell script in the background.
&ethod 1. 1se !
Aou can e!ecute a command 9or shell script; as a background 6ob by
appending an ampersand to the command as shown below.
; ./!y#shell#script.sh =
&ethod ,. +ohup
"fter you e!ecute a command 9or shell script; in the background using
Y( if you logout from the session( the command will get killed. To a*oid
that( you should use nohup as shown below.
; nohup ./!y#shell#script.sh =
&ethod -. )creen Co##and
"fter you e!ecute a command in the background using nohup and Y( the
command will get e!ecuted e*en after you logout. 8ut( you cannot
43
connect to the same session again to see e!actly what is happening on
the screen. To do that( you should use screen command.
inu! screen command offers the ability to detach a session that is
running some process( and then attach it at a later time. =hen you
reattach the session later( your terminals will be there e!actly in the way
you left them earlier.
&ethod 0. At Co##and
Hsing at command you can schedule a 6ob to run at a particular date
and time. Cor e!ample( to e!ecute the backup script at 10 a.m
tomorrow( do the following.
; at #f "ackup.sh 10 a! to!orrow
&ethod 3. >atch Co##and
To e!ecute a command continuously at a certain inter*al( use watch
command as shown below.
; watch df #h
Additional !ac"ground #ommand Examples:
B, Y, =, Ctrl#J H 6 I-a!ples to Sanae \ni- Backround
Do"s
\ni- &ohup: Mun a Co!!and or $hell#$cript I(en after You
Loout
$creen Co!!and I-a!ples: Get Control of Linu- / \ni-
+er!inal
at, at_, atr!, "atch Co!!ands usin G I-a!ples
44
Mepeat \ni- Co!!ands or $hell#$cripts e(ery & seconds
Hack ,1. )ed 'asics < 7ind and 6eplace 1sin
6e5x
This hack e!plains how to use sed substitute command QsR.
The Zs3 command is probably the most important in Zsed3 and has a lot
of different options.
The Zs3 command attempts to match the pattern space against the
supplied 4:7:I0[ if the match is successful( then that portion of the
pattern space which was matched is replaced with 4:0"#:/:5T.
&ynta!1
)sed V%..MI$$s/MIGIa//MI/L%CISI&+/YL%G$V filena!e
)sed V/%++IM&s/MIGIa//MI/L%CISI&+/YL%G$V filena!e
s is substitute command
J is a delimiter
4:7:I0 is regular e!pression to match
4:0"#:/:5T is a *alue to replace
C"7& can be any of the following 1
g 4eplace all the instance of 4:7:I0 with 4:0"#:/:5T
n #ould be any number(replace nth instance of the 4:7:I0 with
4:0"#:/:5T.
p 2f substitution was made( then prints the new pattern space.
i match 4:7:I0 in a case.insensiti*e manner.
w file 2f substitution was made( write out the result to the gi*en
file.
45
=e can use different delimiters 9 one of B \ [ 1 ; instead of J
et us first create thegeekstuff.t!t file that will be used in all the
e!amples mentioned below.
; cat theeekstuff.t-t
) Bnstruction Guides
1. Linu- $ysad!in, Linu- $criptin etc.
3. .ata"ases # Lracle, !y$bL etc.
4. $ecurity 7Yirewall, &etwork, Lnline $ecurity etc8
5. $torae in Linu-
6. /roducti(ity 7+oo !any technoloies to e-plore, not
!uch ti!e a(aila"le8
) %dditional Y%b$
C. ìndows# $ysad!in, re"oot etc.
)ubstitute >ord HLinuxI to HLinux<1nixI 1sin sed sPP
2n the e!ample below( in the output line Q1. inu!.Hni! &ysadmin( inu!
&cripting etcR only first inu! is replaced by inu!.Hni!. 2f no flags are
specified the first match of line is replaced.
; sed Vs/Linu-/Linu-#\ni-/V theeekstuff.t-t
1. Linu-#\ni- $ysad!in, Linu- $criptin etc.
5. $torae in Linu-#\ni-
) %dditional Y%b$
46
)ubstitute all Appearances of a >ord 1sin sed sPP
The below sed command replaces all occurrences of inu! to inu!.Hni!
using global substitution flag QgR.
; sed Vs/Linu-/Linu-#\ni-/V theeekstuff.t-t
1. Linu-#\ni- $ysad!in, Linu-#\ni- $criptin etc.
) %dditional Y%b$
)ubstitute 8nly ,nd 8ccurrence of a >ord 1sin sed sPP,
2n the e!ample below( in the output line Q1. inu! &ysadmin( inu!.Hni!
&cripting etc.R only 2nd occurrence of inu! is replaced by inu!.Hni!.
; sed Vs/Linu-/Linu-#\ni-/3V theeekstuff.t-t
1. Linu- $ysad!in, Linu-#\ni- $criptin etc.
5. $torae in Linu-
) %dditional Y%b$
5. `rite Chanes to a Yile and /rint the Chanes \sin sed
s//pw
The e!ample below has substitution with three flags. 2t substitutes all
the occurrence of inu! to inu!.Hni! and prints the substituted output
as well as written the same to the gi*en the file.
4,
; sed #n Vs/Linu-/Linu-#\ni-/pw outputV theeekstuff.t-t
; cat output
6. $u"stitute Lnly `hen the Line Satches with the /attern
\sin sed
2n this e!ample( if the line matches with the pattern Q.R( then it replaces
all the characters from Q.R with the empty.
; sed V/>#/s/>#.R//V theeekstuff.t-t
3. .ata"ases
5. $torae in Linu-
) %dditional Y%b$
C. ìndows
"elete Last : +u#ber of Characters 7ro# 5ach Line 1sin
sed
This sed e!ample deletes last 3 characters from each line.
; sed Vs/...;//V theeekstuff.t-t
) Bnstruction Gui
1. Linu- $ysad!in, Linu- $criptin e
3. .ata"ases # Lracle, !y$bL e
4. $ecurity 7Yirewall, &etwork, Lnline $ecurity e
4D
5. $torae in Li
!uch ti!e a(aila"
) %dditional Y
C. ìndows# $ysad!in, re"oot e
5li#inate Co##ents 1sin sed
)elete all the comment lines from a file as shown below using sed
command.
; sed #e Vs/).R//V theeekstuff.t-t
5. $torae in Linu-
F. Ili!inate Co!!ents and I!pty Lines \sin sed
2n the following e!ample( there are two commands separated by ][3
Cirst command replaces the lines starting with the ^ to the blank lines
&econd command deletes the empty lines.
; sed #e Vs/).R//?/N;/dV theeekstuff.t-t
5. $torae in Linu-
4-
G. Con(ert .L$ newlines 7CM/LY8 to \ni- for!at \sin sed
5li#inate HT&L Tas fro# file 1sin sed
2n this e!ample( the regular e!pression gi*en in the sed command
matches the html tags and replaces with the empty.
; sed #e Vs/[*NZ,RZ//V
+his ["Z is [/"Z an [iZe-a!ple[/iZ.
+his is an e-a!ple.
Any Questions?
.iscuss it here: $ed +utorial: Yind and Meplace +e-t
Bnside a Yile \sin MeI-
Additional Sed Su$stitution Examples:
%d(anced $ed $u"stitution I-a!ples
Hack ,,. A*k Introduction = /rint 5xa#ples
This hack e!plains the fundamental awk working methodology along
with , practical awk print e!amples.
A*k Introduction and /rintin 8perations
"wk is a programming language which allows easy manipulation of
structured data and the generation of formatted reports. "wk stands for
the names of its authors Q"ho( =einberger( and _ernighanR
50
The "wk is mostly used for pattern scanning and processing. 2t searches
one or more files to see if they contain lines that matches with the
specified patterns and then perform associated actions.
&ome of the key features of "wk are1
"wk *iews a te!t file as records and fields.
ike common programming language( "wk has *ariables(
conditionals and loops
"wk has arithmetic and string operators.
"wk can generate formatted reports
"wk reads from a file or from its standard input( and outputs to
its standard output. "wk does not get along with non.te!t files.
&ynta!1
awk V/search pattern1/ :%ctions@
/search pattern3/ :%ctions@V file
2n the abo*e awk synta!1
search pattern is a regular e!pression.
"ctions $ statement9s; to be performed.
se*eral patterns and actions are possible in "wk.
file $ 2nput file.
&ingle @uotes around program is to a*oid shell not to interpret
any of its special characters.
A*k >orkin &ethodoloy
1. "wk reads the input files one line at a time.
2. Cor each line( it matches with gi*en pattern in the gi*en order( if
matches performs the corresponding action.
3. 2f no pattern matches( no action will be performed.
4. 2n the abo*e synta!( either search pattern or action are optional(
8ut not both.
51
5. 2f the search pattern is not gi*en( then "wk performs the gi*en
actions for each line of the input.
6. 2f the action is not gi*en( print all that lines that matches with the
gi*en patterns which is the default action.
,. :mpty braces with out any action does nothing. 2t wont perform
default printing operation.
D. :ach statement in "ctions should be delimited by semicolon.
et us create employee.t!t file which has the following content( which
will be used in the e!amples mentioned below.
; cat e!ployee.t-t
100 +ho!as Sanaer $ales ;6,000
300 Dason .e(eloper +echnoloy ;6,600
400 $anEay $ysad!in +echnoloy ;K,000
500 &isha Sanaer Sarketin ;G,600
600 Mandy .B% +echnoloy ;C,000
"efault beha2ior of A*k
8y default "wk prints e*ery line from the file.
; awk V:print?@V e!ployee.t-t
2n the abo*e e!ample pattern is not gi*en. &o the actions are applicable
to all the lines.
"ction print with out any argument prints the whole line by default. &o it
prints all the lines of the file with out fail. "ctions has to be enclosed
with in the braces.
52
/rint the lines *hich #atches *ith the pattern.
; awk V/+ho!as/
Z /&isha/V e!ployee.t-t
2n the abo*e e!ample it prints all the line which matches with the
]Thomas3 or ]5isha3. 2t has two patterns. "wk accepts any number of
patterns( but each set 9patterns and its corresponding actions; has to be
separated by newline.
/rint only specific field
"wk has number of built in *ariables. Cor each record i.e line( it splits the
record delimited by whitespace character by default and stores it in the
Nn *ariables. 2f the line has 4 words( it will be stored in N1( N2( N3 and
N4. N0 represents whole line. 5C is a built in *ariable which represents
total number of fields in a record.
; awk V:print ;3,;6?@V e!ployee.t-t
+ho!as ;6,000
Dason ;6,600
$anEay ;K,000
&isha ;G,600
Mandy ;C,000
; awk V:print ;3,;&Y?@V e!ployee.t-t
+ho!as ;6,000
Dason ;6,600
$anEay ;K,000
&isha ;G,600
Mandy ;C,000
2n the abo*e e!ample N2 and N5 represents 5ame and &alary
respecti*ely. =e can get the &alary using N5C also( where N5C
represents last field. 2n the print statement ](3 is a concatenator.
53
InitialiBation and 7inal Action
"wk has two important patterns which are specified by the keyword
called 8:725 and :5).
&ynta!1
BIGB& : %ctions@
:%C+BL&@ ) %ction for e(eryline in a file
I&. : %ctions @
^ is for comments in "wk
"ctions specified in the 8:725 section will be e!ecuted before
starts reading the lines from the input.
:5) actions will be performed after completing the reading and
processing the lines from the input.
; awk VBIGB& :print
2&a!e>t.esination>t.epart!ent>t$alary2?@
Z :print ;3,2>t2,;4,2>t2,;5,2>t2,;&Y?@
Z I&.:print 2Meport Generated>n##############2?
Z @V e!ployee.t-t
&a!e .esination .epart!ent $alary
+ho!as Sanaer $ales ;6,000
Dason .e(eloper +echnoloy ;6,600
$anEay $ysad!in +echnoloy ;K,000
&isha Sanaer Sarketin ;G,600
Mandy .B% +echnoloy ;C,000
Meport Generated
##############
2n the abo*e e!ample( it prints headline and last file for the reports.
54
7ind the e#ployees *ho has e#ployee id reater than ,00
; awk V;1 Z300V e!ployee.t-t
2n the abo*e e!ample( first field 9N1; is employee id. &o if N1 is greater
than 200( then 6ust do the default print action to print the whole line.
/rint the list of e#ployees in Technoloy depart#ent
5ow department name is a*ailable as a fourth field( so need to check if
N4 matches with the string QTechnologyR( if yes print the line.
; awk V;5 1/+echnoloy/V e!ployee.t-t
%perator L is for comparing with the regular e!pressions. 2f it matches
the default action i.e print whole line will be performed.
/rint nu#ber of e#ployees in Technoloy depart#ent
The below e!ample( checks if the department is Technology( if it is yes(
in the "ction( 6ust increment the count *ariable( which was initiali+ed
with +ero in the 8:725 section.
; awk VBIGB& : count00?@
;5 1 /+echnoloy/ : countOO? @
I&. : print 2&u!"er of e!ployees in +echnoloy .ept
02,count?@V e!ployee.t-t
&u!"er of e!ployees in +ehcnoloy .ept 0 4
55
Then at the end of the process( 6ust print the *alue of count which gi*es
you the number of employees in Technology department.
Any Questions?
.iscuss it here: %wk Bntroduction +utorial H K %wk /rint
I-a!ples
Additional A%" Examples:
\nderstand %wk 'aria"les with 4 /ractical I-a!ples
F /owerful %wk Built#in 'aria"les H Y$, LY$, M$, LM$,
&M, &Y, YBLI&%SI, Y&M
K /owerful %wk Lperators I-a!ples 7\nary, Binary,
%rith!etic, $trin, %ssin!ent, Conditional, Me#I- %wk
Lperators8
%`Q %rrays I-plained with 6 /ractical I-a!ples
Hack ,-. %i# 5ditor +a2iation 7unda#entals
5a*igation is a *ital part of te!t editing. To be *ery producti*e( you
should be aware of all possible na*igation shortcuts in your editor.
This hack e!plains the following D ?i J ?im na*igation options.
1. ine na*igation
2. &creen na*igation
3. =ord na*igation
4. &pecial na*igation
5. 0aragraph na*igation
6. &earch na*igation
56
,. #ode na*igation
D. 5a*igation from command line
Line +a2iation
Collowing are the four na*igation that can be done line by line.
k $ na*igate upwards
6 $ na*igate downwards
l $ na*igate right side
h $ na*igate left side
8y using the repeat factor in ?2/ we can do this operation for 5 times.
Cor e!ample( when you want to go down by 10 lines( then type Q106R.
=ithin a line if you want to na*igate to different position( you ha*e 4
other options.
0 $ go to the starting of the current line.
T $ go to the first non blank character of the line.
N $ go to the end of the current line.
gM $ go to the last non blank character of the line.
)creen +a2iation
Collowing are the three na*igation which can be done in relation to te!t
shown in the screen.
' $ 7o to the first line of current screen.
/ $ 7o to the middle line of current screen.
$ 7o to the last line of current screen.
ctrl`f $ Sump forward one full screen.
ctrl`b $ Sump backwards one full screen
ctrl`d $ Sump forward 9down; a half screen
ctrlù $ Sump back 9up; one half screen
5,
)pecial +a2iation
Aou may want to do some special na*igation inside a file( which are1
5\ $ 7o to the 5th percentage line of the file.
57 $ 7o to the 5th line of the file.
7 $ 7o to the end of the file.
ZR $ 7o to the position where you were in 5%4/" /%): while
last closing the file.
ZT $ 7o to the position where you were in 25&:4T /%): while
last closing the file.
g $ 7o to the beginning of the file.
>ord +a2iation
Aou may want to do se*eral na*igation in relation to the words( such as1
e $ go to the end of the current word.
: $ go to the end of the current =%4).
b $ go to the pre*ious 9before; word.
8 $ go to the pre*ious 9before; =%4).
w $ go to the ne!t word.
= $ go to the ne!t =%4).
=%4) $ =%4) consists of a se@uence of non.blank characters(
separated with white space.
word $ word consists of a se@uence of letters( digits and underscores.
:!ample to show the difference between =%4) and word
1-2.16D.1.1 $ single =%4)
1-2.16D.1.1 $ se*en words.
/araraph +a2iation
5D
a $ 7o to the beginning of the current paragraph. 8y pressing
a again and again mo*e to the pre*ious paragraph beginnings.
b $ 7o to the end of the current paragraph. 8y pressing b again
and again mo*e to the ne!t paragraph end( and again.
)earch +a2iation
Ji $ &earch for a pattern which will you take you to the ne!t
occurrence of it.
Gi $ &earch for a pattern which will you take you to the pre*ious
occurrence of it.
U . 7o to the ne!t occurrence of the current word under the
cursor.
^ . 7o to the pre*ious occurrence of the current word under the
cursor.
Code +a2iation
\ $ 7o to the matching braces( or parenthesis inside code.
+a2iation fro# Co##and Line
?im `5 filename1 7o to the 5th line of the file after opening it.
(i! O10 /etc/passwd
?im `Jpattern filename1 7o to the particular pattern3s line inside the file(
first occurrence from first. 2n the following e!ample( it will open the
4:")/: file and 6ump to the first occurrence of the word QinstallR.
(i! O/install MI%.SI
?im `Gpatten filename1 7o to the particular pattern3s line inside the file(
first occurrence from last. 2n the following e!ample( it will open the
4:")/: file and 6ump to the last occurrence of the word QbugR.
(i! Oc"u MI%.SI
5-
Any Questions?
.iscuss it here: F Issential 'i! Iditor &a(iation
Yunda!entals
&ore 'im Examples:
'i! search and replace H 13 powerful find and replace
e-a!ples.
How +o add "ook!arks inside the 'i! editor
How +o record and play inside the 'i! editor
Correct spellin !istakes auto!atically inside the 'i!
Iditor
Hack ,0. Ch#od Co##and 5xa#ples
This hack e!plains how to use symbolic representation with chmod.
Collowing are the symbolic representation of three different roles1
u is for user(
g is for group(
and o is for others.
Collowing are the symbolic representation of three different permissions1
r is for read permission(
w is for write permission(
! is for e!ecute permission.

60
The following are few e!amples on how to use the symbolic
representation on chmod.
Add sinle per#ission to a filePdirectory
#hanging permission to a single set. ` symbol means adding
permission. Cor e!ample( do the following to gi*e e!ecute permission for
the user irrespecti*e of anything else1
; ch!od uO- filena!e
Add #ultiple per#ission to a filePdirectory
Hse comma to separate the multiple permission sets as shown below.
; ch!od uOr,O- filena!e
6e#o2e per#ission fro# a filePdirectory
The following e!ample remo*es read and write permission for the user.
; ch!od u#r- filena!e
Chane per#ission for all roles on a filePdirectory
The following e!ample assigns e!ecute pri*ilege to user( group and
others 9basically anybody can e!ecute this file;.
; ch!od aO- filena!e
&ake per#ission for a file sa#e as another file Kusin
referenceM
2f you want to change a file permission same as another file( use the
reference option as shown below. 2n this e!ample( file2Vs permission will
be set e!actly same as file1Vs permission.
; ch!od ##reference0file1 file3
61
Apply the per#ission to all the files under a directory
recursi2ely
Hse option .4 to change the permission recursi*ely as shown below.
; ch!od #M K66 directory#na!e/
Chane execute per#ission only on the directories Kfiles
are not affectedM
%n a particular directory if you ha*e multiple sub.directories and files(
the following command will assign e!ecute permission only to all the
sub.directories in the current directory 9not the files in the current
directory;.
; ch!od uOa R
5ote1 2f the files has e!ecute permission already for either the group or
others( the abo*e command will assign the e!ecute permission to the
user.
Any Questions?
.iscuss it here: K Ch!od Co!!and I-a!ples for Beinners
Additional chmod Examples:
Beinners Guide to Yile and .irectory /er!issions
7 u!ask, ch!od, read, write, e-ecute 8
Hack ,3. %ie* &ultiple Lo 7iles in 8ne
Ter#inal
Typically you may open multiple terminals to *iew tail .f of multiple files.
Cor e!ample( if you want to *iew "pache errorMlog and accessMlog at the
same time you may do the following in two different terminals.
62

%n one terminal1
; tail #f error9lo
%n another terminal1
; tail #f access9lo
8ut( waitc =ouldn3t it be nice if you can e!ecute multiple uni! tail
command in single terminal using one of the following methodsG
; !ulti#tail.sh error9lo access9lo
7or8
; tail #f /(ar/lo/syslo #f /(ar/lo/auth.lo
This hack e!plains two methods on how to e!ecute multiple inu! tail .f
at the same time in single terminal.
&ethod 1. Custo# )hell )cript K*ith 1nix tail co##andM
#reate the multitail.sh as shown below.
; (i !ulti#tail.sh
)A/"in/sh
) `hen this e-its, e-it all "ack round process also.
trap Vkill ;7Eo"s #p8V IaB+
) iterate throuh the each i(en file na!es,
for file in 2;<2
do
63
) show tails of each in "ackround.
tail #f ;file =
done
) wait .. until C+MLOC
wait
5ow( open multiple files using this new shell script as shown below.
; ./!ulti#tail.sh error9lo access9lo
&ethod ,. )tandard Linux tail co##and
The latest *ersion of the Hni! tail command supports multiple .f as
shown below.
; tail #f /(ar/lo/syslo #f /(ar/lo/auth.lo
Any Questions?
.iscuss it here: 4 Sethods +o 'iew tail #f output of
Sultiple Lo Yiles in Lne +er!inal
Hack ,4. Less Co##and
2 personally prefer to use less command to *iew files 9instead of opening
the file to *iew in an editor;.
ess is similar to more command( but less allows both forward and
backward mo*ements. /oreo*er( less don3t re@uire to load the whole file
before *iewing. Try opening a large log file in ?im editor and less <
you3ll see the speed difference.
64
The na*igation keys in less command are similar to ?im editor. This hack
e!plains less command na*igation and other operations which will make
you a better command line warrior.
)earch +a2iation
%nce you3*e opened a log file 9or any file; using less file.name( use the
following keys to search. 0lease note that the match will be highlighted
automatically by default.
Hse the following shortcut for the less command forward search 1
J $ search for a pattern which will take you to the ne!t
occurrence.
n $ for ne!t match in forward
5 $ for pre*ious match in backward
Hse the following shortcut for the less command backward search 1
G $ search for a pattern which will take you to the pre*ious
occurrence.
n $ for ne!t match in backward direction
5 $ for pre*ious match in forward direction
Tip1 2f you don>t bother about which direction the search is happening(
and you want to search file path( or H4( such as QJhomeJrameshJR( you
can use backward search 9Gpattern; which will be handy as you don3t
want to escape slashes each time.
$earch /ath
Bn forward: />/ho!e>/ra!esh>/
Bn "ackward: c/ho!e/ra!esh/
)creen +a2iation
Hse the following screen na*igation commands while *iewing large log
files.
#T4`C $ forward one window
65
#T4`8 $ backward one window
#T4`) $ forward half window
#T4`H $ backward half window
Line na2iation
2n a smaller chunk of data( where you want to locate particular error(
you may want to na*igate line by line using these keys1
6 $ na*igate forward by one line
k $ na*igate backward by one line
8ther +a2iations
The following are other na*igation operations that you can use inside
the less pager.
7 $ go to the end of file
g $ go to the start of file
@ or dd $ e!it the less pager
)i#ulate tail <f inside less paer = /ress 7
%nce you3*e opened a file using less command( any content that is
appended to the file after that will not be displayed automatically.
'owe*er( you can press C less command will show the status ]waiting for
data]. This is as similar to ]tail .f3.
Count #aic
&imilar to ?im editor na*igation command( you can gi*e 106 to scroll 10
lines down( or 10k to go up by 10 lines.
106 $ 10 lines forward.
10k $ 10 lines backward.
#T4`7 $ show the current file name along with line( byte and
percentage statistics.
66
8ther useful Less Co##and 8perations
* $ using the configured editor edit the current file.
h $ summary of less commands
Ypattern $ display only the matching lines( not all.
&arked na2iation
=hen you are *iewing a large log file using less command( you can mark
a particular position and return back to that place again by using that
mark.
ma $ mark the current position with the letter ]a3(
]a $ go to the marked position ]a3.
&ultiple file pain
/ethod 11 Aou can open multiple files by passing the file names as
arguments.
; less file1 file3
/ethod 21 =hile you are *iewing file1( use 1e to open the file2 as shown
below.
N less file1
:e file3
5a*igation across files1 =hen you opened more than two files 9 for e.g $
less U ;( use the following keys to na*igate between files.
1n $ go to the ne!t file.
1p $ go to the pre*ious file.
Any Questions?
6,
.iscuss it here: Less Co!!and: 10 +ips for Iffecti(e
&a(iation
Additional (ess Examples:
Lpen = 'iew 10 .ifferent Yile +ypes with Linu- Less
Co!!and
Hack ,7. >et 5xa#ples
wget utility is the best option to download files from internet. wget can
pretty much handle all comple! download situations including large file
downloads( recursi*e downloads( non.interacti*e downloads( multiple
file downloads etc.(
This hack e!plains how to use wget for *arious download scenarios using
15 awesome wget e!amples.
"o*nload )inle 7ile *ith *et
The following e!ample downloads a single file from internet and stores
in the current directory.
; wet http://www.openssK.or/repos/tar"alls/str-36#
0.G.3.1.tar."P3
=hile downloading it will show a progress bar with the following
information1
\age of download completion 9for e.g. 31\ as shown below;
Total amount of bytes downloaded so far 9for e.g. 1(213(5-2
bytes as shown below;
#urrent download speed 9for e.g. 6D.2_Js as shown below;
4emaining time to download 9for e.g. eta 34 seconds as shown
below;
6D
)ownload in progress1
0.G.3.1.tar."P3
$a(in to: Ustr-36#0.G.3.1.tar."P3.1V
41W *00000000000000000Z 1,314,6G3 CF.3Q/s eta 45s
)ownload completed1
0.G.3.1.tar."P3
$a(in to: Ustr-36#0.G.3.1.tar."P3V
100W*0000000000000000000000Z, 4,F63,4K5 KC.FQ/s in 66s
300G#0G#36 11:16:40 7CF.K QB/s8 # Ustr-36#0.G.3.1.tar."P3V
sa(ed *4F634K5/4F634K5,
"o*nload and )tore >ith a "ifferent 7ile na#e 1sin
*et <8
8y default wget will pick the filename from the last word after last
forward slash( which may not be appropriate always.
>ron. Collowing e!ample will download and store the file with name1
downloadMscript.phpGsrcMidK,,01
; wet http://www.(i!.or/scripts/download9script.phpc
src9id0KK01
:*en though the downloaded file is in +ip format( it will get stored in the
file as shown below.
; ls
download9script.phpcsrc9id0KK01
6-
Correct. To correct this issue( we can specify the output file name using
the .% option as1
; wet #L talist.Pip
http://www.(i!.or/scripts/download9script.phpcsrc9id0KK01
)pecify "o*nload )peed P "o*nload 6ate 1sin *et =
li#it<rate
=hile e!ecuting the wget( by default it will try to occupy full possible
bandwidth. This might not be acceptable when you are downloading
huge files on production ser*ers. &o( to a*oid that we can limit the
download speed using the $limit.rate as shown below.
2n the following e!ample( the download speed is limited to 200k
; wet ##li!it#rate0300k
http://www.openssK.or/repos/tar"alls/str-36#
0.G.3.1.tar."P3
Continue the Inco#plete "o*nload 1sin *et <c
4estart a download which got stopped in the middle using wget .c option
as shown below.
; wet #c http://www.openssK.or/repos/tar"alls/str-36#
0.G.3.1.tar."P3
This is *ery helpful when you ha*e initiated a *ery big file download
which got interrupted in the middle. 2nstead of starting the whole
download again( you can start the download from where it got
interrupted using option .c
+ote. 2f a download is stopped in middle( when you restart the
download again without the option .c( wget will append .1 to the
filename automatically as a file with the pre*ious name already e!ist. 2f
a file with .1 already e!ist( it will download the file with .2 at the end.
,0
"o*nload in the 'ackround 1sin *et <b
Cor a huge download( put the download in background using wget option
.b as shown below.
; wet #" http://www.openssK.or/repos/tar"alls/str-36#
0.G.3.1.tar."P3
Continuin in "ackround, pid 1GF5.
Lutput will "e written to Uwet#loV.
2t will initiate the download and gi*es back the shell prompt to you. Aou
can always check the status of the download using tail .f as shown
below.
; tail #f wet#lo
$a(in to: Ustr-36#0.G.3.1.tar."P3.5V
0Q ...... ........ ......... .......... 1W C6.6Q 6Ks
160Q .......... ............. .......... 6W FC.CQ 56s
360Q .......... ............. .......... KW 1F3S 5Cs
400Q .......... ............. .......... GW 6K.GQ 5Ks
&ask 1ser Aent and "isplay *et like 'ro*ser 1sin
*et =user<aent
&ome websites can disallow you to download its page by identifying that
the user agent is not a browser. &o you can mask the user agent by
using $user.agent options and show wget like a browser as shown below.
; wet ##user#aent02SoPilla/6.0 7a11? \? Linu- iCFC? en#
\$? r(:1.G.0.48 Gecko/300F0G351C Yirefo-/4.0.42 \ML#+L#
.L`&LL%.
Test "o*nload 16L 1sin *et =spider
=hen you are going to do scheduled download( you should check
whether download will happen fine or not at scheduled time. To do so(
copy the line e!actly from the schedule( and then add $spider option to
check.
,1
; wet ##spider .L`&LL%.#\ML
2f the H4 gi*en is correct( it will say
; wet ##spider download#url
$pider !ode ena"led. Check if re!ote file e-ists.
H++/ re_uest sent, awaitin response... 300 LQ
Lenth: unspecified *te-t/ht!l,
Me!ote file e-ists and could contain further links,
"ut recursion is disa"led ## not retrie(in.
This ensures that the downloading will get success at the scheduled
time. 8ut when you had gi*e a wrong H4( you will get the following
error.
; wet ##spider download#url
$pider !ode ena"led. Check if re!ote file e-ists.
H++/ re_uest sent, awaitin response... 505 &ot Yound
Me!ote file does not e-ist ## "roken linkAAA
Aou can use the spider option under following scenarios1
#heck before scheduling a download.
/onitoring whether a website is a*ailable or not at certain
inter*als.
#heck a list of pages from your bookmark( and find out which
pages are still e!ists.
Increase Total +u#ber of 6etry Atte#pts 1sin *et =tries
2f the internet connection has problem( and if the download file is large
there is a chance of failures in the download. 8y default wget retries 20
times to make the download successful.
,2
2f needed( you can increase retry attempts using $tries option as shown
below.
; wet ##tries0K6 .L`&LL%.#\ML
"o*nload &ultiple 7iles P 16Ls 1sin >et <i
Cirst( store all the download files or H4s in a te!t file as1
; cat Z download#file#list.t-t
\ML1
\ML3
\ML4
\ML5
5e!t( gi*e the download.file.list.t!t as argument to wget using .i option
as shown below.
; wet #i download#file#list.t-t
"o*nload a 7ull >ebsite 1sin *et =#irror
Collowing is the command line which you want to e!ecute when you
want to download a full website and made a*ailable for local *iewing.
; wet ##!irror #p ##con(ert#links #/ ./LLC%L#.BM ÌB$B+I#
\ML
$mirror 1 turn on options suitable for mirroring.
.p 1 download all files that are necessary to properly display a
gi*en 'T/ page.
$con*ert.links 1 after the download( con*ert the links in document
for local *iewing.
.0 .J%#".)24 1 sa*e all the files and directories to the specified
directory.
,3
6eUect Certain 7ile Types *hile "o*nloadin 1sin *et =
reUect
Aou ha*e found a website which is useful( but don3t want to download
the images you can specify the following.
; wet ##reEect0if ÌB$B+I#+L#BI#.L`&LL%.I.
Lo #essaes to a lo file instead of stderr 1sin *et <o
=hen you wanted the log to be redirected to a log file instead of the
terminal.
; wet #o download.lo .L`&LL%.#\ML
Guit "o*nloadin >hen it 5xceeds Certain )iBe 1sin
*et <G
=hen you want to stop download when it crosses 5 /8 you can use the
following wget command line.
; wet #b6! #i YBLI#`HBCH#H%$#\ML$
5ote1 This @uota will not get effect when you do a download a single
H4. That is irrespecti*e of the @uota si+e e*erything will get
downloaded when you specify a single file. This @uota is applicable only
for recursi*e downloads.
"o*nload 8nly Certain 7ile Types 1sin *et <r <A
Aou can use this under following situations1
)ownload all images from a website
)ownload all *ideos from a website
)ownload all 0)C files from a website
; wet #r #%.pdf http://url#to#we"pae#with#pdfs/
,4
7T/ "o*nload >ith *et
Aou can use wget to perform CT0 download as shown below.
"nonymous CT0 download using =get
; wet ftp#url
CT0 download using wget with username and password authentication.
; wet ##ftp#user0\$IM&%SI ##ftp#password0/%$$`LM.
.L`&LL%.#\ML
Any Questions?
.iscuss it here: èt .ownload Guide ìth 16 I-a!ples
,5
Chapter -. ))H Co##ands and Tips
Hack ,8. "ebu ))H Client )ession
&ometimes it is necessary to *iew debug messages to troubleshoot any
&&' connection issues. pass .* 9lowercase *; option to the ssh as shown
below to *iew the ssh debug messages.
:!ample without &&' client debug message1
; ssh #l Es!ith re!otehost.e-a!ple.co!
warnin: Connectin to re!otehost.e-a!ple.co! failed: &o
address associated to the na!e
:!ample with &&' client debug message1
; ssh #( #l Es!ith re!otehost.e-a!ple.co!
de"u: $shConfi/sshconfi.c:3F4F/ssh39parse9confi9e-t:
Setaconfi parsin stopped at line 4.
de"u:
$shConfi/sshconfi.c:C4K/ssh9confi9set9para!9(er"ose:
$ettin (aria"le ]'er"oseSode^ to ]Y%L$I^.
de"u:
$shConfi/sshconfi.c:4140/ssh9confi9read9file9e-t: Mead
1K para!s fro! confi file.
de"u: $sh3/ssh3.c:1K0K/!ain: \ser confi file not found,
usin defaults. 7Looked for
]/ho!e/Es!ith/.ssh3/ssh39confi^8
de"u: Connectin to re!otehost.e-a!ple.co!, port 33d
7$LCQ$ not used8
,6
warnin: Connectin to re!otehost.e-a!ple.co! failed: &o
address associated to the na!e
Hack ,$. Tole ))H )ession usin ))H
5scape Character
=hen you3*e logged on to the remotehost using ssh from the localhost(
you may want to come back to the localhost to perform some acti*ity
and go back to remote host again. 2n this case( you don3t need to
disconnect the ssh session to the remote host. 2nstead( follow the steps
below.
1. ogin to remotehost from localhost1
localhost; ssh #l Es!ith re!otehost
2. 5ow you are connected to the remotehost1
re!otehost;
3. To come back to the localhost temporarily( type the escape character
L and #ontrol.d.
=hen you type L you will not see that immediately on the screen until
you press W#ontrol.dX and press enter. &o( on the remotehost in a new
line enter the following key strokes for the below to work1 LW#ontrol.dX
re!otehost; )*+
*1,O $topped ssh #l Es!ith re!otehost
localhost;
4. 5ow you are back to the localhost and the ssh remotehost client
session runs as a typical H52I background 6ob( which you can check as
shown below1
,,
localhost; ,o$s
*1,O $topped ssh #l Es!ith re!otehost
5. Aou can go back to the remote host ssh without entering the password
again by bringing the background ssh remotehost session 6ob to
foreground on the localhost.
localhost; g -.
ssh #l Es!ith re!otehost
re!otehost;
Hack -0. "isplay ))H )ession )tatistics
To get some useful statistics about the current ssh session( do the
following. This works only on &&'2 client.
1. ogin to remotehost from localhost.
localhost; ssh #l Es!ith re!otehost
2. %n the remotehost( type ssh escape character L followed by s as
shown below. This will display lot of useful statistics about the current
&&' connection.
re!otehost; *Note: +he 1s is not (isi"le on the co!!and
line when you type.,
re!ote host: re!otehost
local host: localhost
re!ote (ersion: $$H#1.GG#Lpen$$H94.Gp1
local (ersion: $$H#3.0#4.3.G.1 $$H $ecure $hell
co!pressed "ytes in: 160C
unco!pressed "ytes in: 1C33
,D
co!pressed "ytes out: 5GGK
unco!pressed "ytes out: 611F
packets in: 16
packets out: 35
rekeys: 0
%lorith!s:
Chosen key e-chane alorith!: diffie#hell!an#
roup1#sha1
Chosen host key alorith!: ssh#dss
Co!!on host key alorith!s: ssh#dss,ssh#rsa
%lorith!s client to ser(er:
Cipher: aes13F#c"c
S%C: h!ac#sha1
Co!pression: Pli"
%lorith!s ser(er to client:
Cipher: aes13F#c"c
S%C: h!ac#sha1
Co!pression: Pli"
localhost;
Any /uestions?
.iscuss it here: $$H Client co!!ands
Hack -1. Chane 8pen))H )ecurity 8ptions
%pen&&' options are controlled through the JetcJsshJsshdMconfig file.
This hack e!plains the , default options in sshdMconfig file that you
should change.
,-
2n sshdMconfig( the lines that start with ^ are comments. Cor those
options that uses the default *alues( the sshdMconfig file contains a
commented line with the option and its default *alue.
This makes it easier for us( as we can see the %pen&&' option name and
the default *alue without ha*ing to lookup somewhere else.
Cor e!ample( sshdMconfig file contains the following commented line.
This indicates that the 0ubkey"uthentication option contains QyesR as
the default *alue.
; rep #i pu"key /etc/ssh/sshd9confi
)/u"key%uthentication yes
2f you like to change this( you should remo*e the comment and change
the *alue 9from yes to no; as shown below.
; (i /etc/ssh/sshd9confi
/u"key%uthentication no
2 showed the abo*e only as an e!ample. Aou don3t need to change the
default *alue of 0ubkey"uthentication option( as allowing public key
authentication is good.
Aou don3t need to modify any of the default *alues in the sshdMconfig file
e!cept the , options mentioned in this hack.
"isable 6oot Loin K/er#it6ootLoinM
8y default you can ssh to the ser*er as root. 2t is best not to allow root to
login directly to the ser*er. 2nstead( you should login to the system as
your account and then do ]su .3 to login as root.
2f you ha*e multiple sysadmins in your organi+ation( and if they all login
to the ser*er directly as root( you might not know which sysadmin
logged in as root. 2nstead( if you disable login as root( sysadmins are
D0
forced to login as their account first( before they can do ]su .3( this
makes the auditing easier.
"dd the following entry to sshdMconfig to disable root to login to the
ser*er directly.
/er!itMootLoin no
Allo* 8nly )pecific 1sers or (roups KAllo*1sers
Allo*(roupsM
8y default anybody who is authenticated successfully are allowed to
login. 2nstead you can restrict which users 9or groups; you allow to login
to the system.
This is helpful when you ha*e created se*eral user accounts on the
system( but want only few of them to login.
This is also helpful when you are using 52&( open)"0 9or some other
e!ternal system; for authentication. :*ery user in your company might
ha*e account on 52&( %pen)"0 etc. 8ut( on a specific ser*er you want
only few of them to login. Cor e!ample( on production system you want
only sysadmins to login.
"dd the following entry to the sshdMconfig file to allow only specific
users to login to the system. 2n the e!ample below only ramesh( 6ohn
and 6ason can login to this system. Hsernames should be separated by
space.
%llow\sers ra!esh Eohn Eason
"dd the following entry to the sshdMconfig file to allow only the users
who belong to a specific group to login. 2n the e!ample below only users
who belong to sysadmin and dba group can login to the system.
D1
%llowGroups sysad!in d"a
"eny )pecific 1sers or (roups K"eny1sers "eny(roupsM
2nstead of allowing specific users 9or groups;( you can also deny specific
users or groups.
"dd the following entry to the sshdMconfig file to deny specific users to
login to the system. 2n the e!ample below c*s( apache( 6ane cannot login
to this system. Hsernames should be separated by space.
.eny\sers c(s apache Eane
"dd the following entry to the sshdMconfig file to deny users who belong
to a specific group to login. 2n the e!ample below users who belong to
de*elopers and @a group cannot login to the system.
.enyGroups de(elopers _a
+ote. Aou can use combination of all the "llow and )eny directi*es. 2t is
processed in this order1 )enyHsers( "llowHsers( )eny7roups( and finally
"llow7roups
Chane ))H" /ort +u#ber K/ortM
8y default ssh runs on port 22. /ost of the attackers will check if a
ser*er is open on port 22( and will randomly use brute force to login to
the ser*er using se*eral username and password combination.
2f you change the port ^ to something different( others need to know
e!actly what port to use to login to the ser*er using ssh. The e!ample
below uses port 222 for ssh.
/ort 333
D2
Crom your logs 9J*arJlogJsecure;( if you see lot of in*alid logins using ssh
for accounts that don3t e!ist on your system( from the ip.address that
you don3t recogni+e( it might be some brute.force attack. Those kind of
ssh in*alid login will stop( if you change the port number.
0lease note that this causes little incon*enience to your team who login
to the system( as they need to know both the ip.address and the port
number.
Chane Loin (race Ti#e KLoin(raceTi#eM
=hen you ssh to a ser*er( you ha*e 2 minutes to login. 2f you don3t
successfully login within 2 minutes( ssh will disconnect.
2 minutes time to login successfully is too much. Aou should consider
changing it to 30 seconds( or may be 1 minute.
"dd the following entry to the sshdMconfig file to change the login grace
time from 2 minutes to 1 minute.
LoinGrace+i!e 1!
6estrict the Interface KI/ AddressM to Loin
KListenAddressM
2f you ha*e multiple interfaces on the ser*er that are configured to
different ip.address( you might not want e*erybody to login to the ser*er
using all those ip.address.
et us assume that you ha*e the following 4 interfaces on the ser*er1
eth0 $ 1-2.16D.10.200
eth1 $ 1-2.16D.10.201
eth2 $ 1-2.16D.10.202
eth3 $ 1-2.16D.10.203
D3
8y default ssh will listen on all of the abo*e ip.addresses. 2f you want
users to login only using ip.address 200 and 202( do the following in
your sshdMconfig
Listen%ddress 1G3.1CF.10.300
Listen%ddress 1G3.1CF.10.303
"isconnect ))H *hen no acti2ity KClientAli2eInter2alM
%nce you3*e successfully logged in to the system( you might want to get
disconnected when there are no acti*ities after ! number of minutes.
This is basically idle timeout.

2n 8ash( you can achie*e this using T/%HT *ariable.
2n %pen&&'( this can be achie*ed by combining #lient"li*e#ount/a!
and #lient"li*e2nter*al options in sshdMconfig file.
#lient"li*e#ount/a! $ This indicates the total number of
checkali*e message sent by the ssh ser*er without getting any
response from the ssh client. )efault is 3.
#lient"li*e2nter*al $ This indicates the timeout in seconds. "fter !
number of seconds( ssh ser*er will send a message to the client
asking for response. )eafult is 0 9ser*er will not send message to
client to check.;.
2f you want ssh client to e!it 9timeout; automatically after 10 minutes
9600 seconds;( modify the sshdMconfig file and set the following two
parameters as shown below.
Client%li(eBnter(al C00
Client%li(eCountSa- 0
D4
Any Questions?

.iscuss it here: K .efault Lpen$$H $ecurity Lptions that
You $hould Chane
Hack -,. Transfer All /uTT? )essions
2f you want to connect from a =indows machine to a inu! ser*er( you
need to use one of the &&' clients. 0uTTA is hands.down the best &&'
client for =indows. 2t3s light.weight with a single putty.e!e file and
nothing else to install.
2f you ha*e not used 0uTTA earlier( you may want to download 0uTTA
software from the official 0uTTA download page before e!ploring these
0uTTA tricks.
&o2e /utty sessions to another co#puter
0uTTA stores all the session information in =indows registry. %n the
source machine( e!port the 0uTTA session registry information as shown
below.
C:Z reedit /e 2WuserprofileW>desktop>putty#reistry.re2
HQIY9C\MMI&+9\$IM>$oftware>$i!ontatha!
Transfer this putty.registry.reg file from source machine to destination
machine.
%n the destination machine( import the 0uTTA &&' session registry( by
right mouse.click on the putty.registry.reg and click on ]/erge3. This will
transfer all the 0uTTA session information from one windows system to
another.
"elete All /uTT? )essions Toether
=hen you are swapping an old computer with a new computer( you may
end.up transferring all 0uTTA sessions to new computer. %nce you3*e
D5
transferred all 0uTTA sessions( e!ecute Qputty .cleanupR from the
command line as shown below.
C:Zputty #cleanup
This will display a warning message. #lick on ]Aes3 to wipe.out all 0uTTA
session and random seed files from the =indows registry. This is a better
process to delete all sa*ed 0uTTA sessions from =indows registry
instead of deleting one.by.one from the 0uTTA session list.
&ore 0u112 1ips:
+ur"ochare /u++Y with 13 /owerful %dd#Lns
10 %weso!e /u++Y +ips and +ricks You /ro"a"ly .idn^t
Qnow
I-tre!e Sakeo(er \sin /u++Y Connection Sanaer
D6
Chapter 0. "ate &anipulation
Hack --. )et )yste# "ate and Ti#e
To change the system date use1
) date :!!ddhh!iyyyy.ss@
mm $ /onth
dd $ )ate
hh $ 24 hour format
mi $ /inutes
yyyy $ Aear
ss $ seconds
Cor e!ample( to set system date to San 31st 200-( 1011- p.m( 53
seconds
) date 0141331G300G.64
Aou can also change system date using set argument as shown below.
) date 0141331G300G.64
) date OWYW!Wd #s 2300G01412
) date #s 201/41/300G 33:1G:642
) date #s 241 D%& 300G 33:1G:642
) date set0241 D%& 300G 33:1G:642
D,
To set the time only1
) date OW+ #s 233:1G:642
) date OW+Wp #s 210:1G:64/S2
Hack -0. )et Hard*are "ate and Ti#e
8efore setting the hardware date and time( make sure the %& date and
time is set appropriately as shown in pre*ious hack.

&et the hardware date and time based on the system date as shown
below1
) hwclock Hsystohc
) hwclock ##systohc Hutc
Hse hwclock without any parameter( to *iew the current hardware date
and time1
) hwclock
#heck the clock file to *erify whether the system is set for HT#1
) cat /etc/sysconfi/clock
JL&I02%!erica/Los9%neles2
\+C0false
%MC0false
DD
Hack -3. "isplay "ate and Ti#e in a )pecific
7or#at
The following are different ways of displaying the current date and time
in *arious formats1
; date
+hu Dan 1 0F:1G:34 /$+ 300G
; date ##date02now2
+hu Dan 1 0F:30:06 /$+ 300G
; date ##date02today2
+hu Dan 1 0F:30:13 /$+ 300G

; date ##date0V1GK0#01#01 00:00:01 \+C O6 hoursV OWs
1F001
; date VOCurrent .ate: W!/Wd/WyWnCurrent +i!e:WH:WS:W$V
Current .ate: 01/01/0G
Current +i!e:0F:31:51
; date O2Wd#W!#WY2
01#01#300G
; date O2Wd/W!/WY2
01/01/300G
; date O2W%,WB Wd WY2
+hursday,Danuary 01 300G
D-
The following are the different format options you can pass to the date
command1
\) date 9mmJddJyy;
\d day of month 901..31;
\m month 901..12;
\y last two digits of year 900..--;
\a locale3s abbre*iated weekday name 9&un..&at;
\" locale3s full weekday name( *ariable length
9&unday..&aturday;
\b locale3s abbre*iated month name 9San..)ec;
\8 locale3s full month name( *ariable length
9Sanuary..)ecember;
\' hour 900..23;
\2 hour 901..12;
\A year 91-,0P;
Hack -4. "isplay /ast "ate and Ti#e
The following are *arious ways to display a past date and time1
; date ##date0V4 seconds aoV
+hu Dan 1 0F:3K:00 /$+ 300G
; date ##date021 day ao2
èd .ec 41 0F:3K:14 /$+ 300F
; date ##date021 days ao2
èd .ec 41 0F:3K:1F /$+ 300F
; date ##date021 !onth ao2
Son .ec 1 0F:3K:34 /$+ 300F
-0
; date ##date021 year ao2
+ue Dan 1 0F:3K:3F /$+ 300F
; date ##date02yesterday2
èd .ec 41 0F:3K:45 /$+ 300F
; date ##date0210 !onths 3 day ao2
+hu Ye" 3F 0F:3K:51 /$+ 300F
Hack -7. "isplay 7uture "ate and Ti#e
The following e!amples shows how to display a future date and time.
; date
+hu Dan 1 0F:40:0K /$+ 300G
; date ##date0V4 secondsV
+hu Dan 1 0F:40:13 /$+ 300G
; date ##date0V5 hoursV
+hu Dan 1 13:40:1K /$+ 300G
; date ##date0Vto!orrowV
Yri Dan 3 0F:40:36 /$+ 300G
; date ##date021 day2
Yri Dan 3 0F:40:41 /$+ 300G
; date ##date021 days2
Yri Dan 3 0F:40:4F /$+ 300G
; date ##date023 days2
-1
$at Dan 4 0F:40:54 /$+ 300G
; date ##date0V1 !onthV
$un Ye" 1 0F:40:5F /$+ 300G
; date ##date0V1 weekV
+hu Dan F 0F:40:64 /$+ 300G
; date ##date023 !onths2
$un Sar 1 0F:40:6F /$+ 300G
; date ##date023 years2
$at Dan 1 0F:41:04 /$+ 3011
; date ##date02ne-t day2
Yri Dan 3 0F:41:10 /$+ 300G
; date ##date02#1 days ao2
Yri Dan 3 0F:41:16 /$+ 300G
; date ##date02this èdnesday2
èd Dan K 00:00:00 /$+ 300G
-2
Chapter 3. /)1@ /),@ /)-@ /)0 and
/68&/TAC8&&A+"
Hack -8. /)1 < "efault Interaction /ro#pt
The default interacti*e prompt on your inu! can be modified as shown
below to something useful and informati*e. 2n the following e!ample(
the default 0&1 was QOs.O*ONR( which displays the shell name and the
*ersion number. et us change this default beha*ior to display the
username( hostname and current working directory name as shown
below.
#"ash#4.3; e-port /$102>u<>h >wZ 2
ra!esh<de(#d" 1Z cd /etc/!ail
ra!esh<de(#d" /etc/!ailZ
*&ote: /ro!pt chaned to 2userna!e<hostna!e current#dirZ2
for!at,
Collowing 0&1 codes are used in this e!ample1
Ou $ Hsername
Oh $ 'ostname
Ow . Cull pathname of current directory. 0lease note that when you
are in the home directory( this will display only L as shown abo*e
5ote that there is a space at the end in the *alue of 0&1. 0ersonally( 2
prefer a space at the end of the prompt for better readability.
/ake this setting permanent by adding e!port 0&1KROuBOh OwX R to
either .bashMprofile 9or; .bashrc as shown below.
-3
ra!esh<de(#d" 1Z (i 1/."ash9profile
ra!esh<de(#d" 1Z (i 1/."ashrc
*&ote: %dd e-port /$102>u<>h >wZ 2 to one of the a"o(e
files,
Hack -$. /), < Continuation Interacti2e
/ro#pt
" *ery long command can be broken down to multiple lines by gi*ing O at
the end of the line. The default interacti*e prompt for a multi.line
command is QX Q. et us change this default beha*ior to display
Qcontinue.XR by using 0&2 en*ironment *ariable as shown below.
ra!esh<de(#d" 1Z !yisa!chk ##silent ##force ##fast
##update#state >
Z ##key9"uffer9siPe0613S ##sort9"uffer9siPe0613S >
Z ##read9"uffer9siPe05S ##write9"uffer9siPe05S >
Z /(ar/li"/!ys_l/"us/R.SYB
*Note: +his uses the default 2Z2 for continuation pro!pt,
ra!esh<de(#d" 1Z e-port /$302continue#Z 2
ra!esh<de(#d" 1Z !yisa!chk ##silent ##force ##fast
##update#state >
continue#Z ##key9"uffer9siPe0613S
##sort9"uffer9siPe0613S >
continue#Z ##read9"uffer9siPe05S ##write9"uffer9siPe05S >
continue#Z /(ar/li"/!ys_l/"us/R.SYB
*Note: +his uses the !odified 2continue#Z 2 for
continuation pro!pt,
-4
2 found it *ery helpful and easy to read( when 2 break my long
commands into multiple lines using O. 2 ha*e also seen others who don3t
like to break.up long commands.
Hack 00. /)- < /ro#pt 1sed by )elect
Co##and
Aou can define a custom prompt for the select loop inside a shell script(
using the 0&3 en*ironment *ariable( as e!plained below.
)hell script and output >ITH81T /)-.
ra!esh<de(#d" 1Z cat ps4.sh
select i in !on tue wed e-it
do
case ;i in
!on8 echo 2Sonday2??
tue8 echo 2+uesday2??
wed8 echo 2èdnesday2??
e-it8 e-it??
esac
done
ra!esh<de(#d" 1Z ./ps4.sh
18 !on
38 tue
48 wed
58 e-it
)c 1
Sonday
)c 5
-5
*Note: +his displays the default 2)c2 for select co!!and
pro!pt,
)hell script and output >ITH /)-.
/$402$elect a day 71#58: 2
select i in !on tue wed e-it
do
case ;i in
!on8 echo 2Sonday2??
tue8 echo 2+uesday2??
wed8 echo 2èdnesday2??
e-it8 e-it??
esac
done
18 !on
38 tue
48 wed
58 e-it
$elect a day 71#58: 1
Sonday
$elect a day 71#58: 5
*Note: +his displays the !odified 2$elect a day 71#58:2
for select co!!and pro!pt,
-6
Hack 01. /)0 < /ro#pt to /refix Tracin
8utput
The 0&4 shell *ariable defines the prompt that gets displayed( when you
e!ecute a shell script in debug mode 9using set .!; as shown below.
)hell script and output >ITH81T /)0.
set #-
echo 2/$5 de!o script2
ls #l /etc/ T wc #l
du #sh 1
OO echo V/$5 de!o scriptV
/$5 de!o script
OO ls #l /etc/
OO wc #l
354
OO du #sh /ho!e/ra!esh
5FQ /ho!e/ra!esh
*Note: +his displays the default 2OO2 while tracin the
output usin set #-,
)hell script and output >ITH /)0.
The 0&4 defined below in the ps4.sh has the following two codes1
N0 . indicates the name of script
N25:5% . displays the current line number within the script
-,
e-port /$50V;0.;LB&I&LO V
set #-
echo 2/$5 de!o script2
ls #l /etc/ T wc #l
du #sh 1
../ps5.sh.4O echo V/$5 de!o scriptV
/$5 de!o script
../ps5.sh.5O ls #l /etc/
../ps5.sh.5O wc #l
354
../ps5.sh.6O du #sh /ho!e/ra!esh
5FQ /ho!e/ra!esh
*Note: +his displays the !odified 2:script#na!e@.:line#
nu!"er@O2 while tracin the output usin set #-,
Hack 0,. /68&/TAC8&&A+"
8ash shell e!ecutes the content of the 04%/0TM#%//"5) 6ust before
displaying the 0&1 *ariable.
ra!esh<de(#d" 1Z e-port /MLS/+9CLSS%&.02date OWH:WS:W$2
33:0F:53
ra!esh<de(#d" 1Z
*Note: +his displays the /MLS/+9CLSS%&. and /$1 output on
different lines,
2f you want to display the *alue of 04%/0TM#%//"5) in the same line
as the 0&1( use the echo .n as shown below.
-D
ra!esh<de(#d" 1Z e-port /MLS/+9CLSS%&.02echo #n *;7date O
WH:WS:W$8,2
*33:0F:61,ra!esh<de(#d" 1Z
*Note: +his displays the /MLS/+9CLSS%&. and /$1 output on
the sa!e line,
Any Questions?
.iscuss it here: Bash $hell: +ake Control of /$1, /$3,
/$4, /$5 and /MLS/+9CLSS%&.
Hack 0-. Custo#iBe 'ash /ro#pt 1sin /)1
"isplay userna#e@ hostna#e and basena#e of directory in
the pro#pt
The 0&1 in this e!ample displays following three information in the
prompt1
Ou $ Hsername
Oh $ 'ostname
O= $ 8ase name of the current working directory
#"ash#4.3; e-port /$102>u<>h >`Z 2
ra!esh<de(#d" 1Z cd /etc/!ail
ra!esh<de(#d" !ailZ
--
"isplay current ti#e in the pro#pt
2n the 0&1 en*ironment *ariable( you can directly e!ecute any inu!
command( by specifying in the format N9linu!Mcommand;. 2n the
following e!ample( the command N9date; is e!ecuted to display the
current time inside the prompt.
ra!esh<de(#d" 1Z e-port /$102>u<>h *>;7date OWH:WS:W$8,Z 2

ra!esh<de(#d" *11:0G:6C,Z
Aou can also use Ot to display the current time in the hh1mm1ss format as
shown below1
ra!esh<de(#d" 1Z e-port /$102>u<>h *>t,Z 2
ra!esh<de(#d" *13:53:66,Z
Aou can also use OB to display the current time in 12.hour amJpm format
as shown below1
ra!esh<de(#d" 1Z e-port /$102*><, >u<>hZ 2
*05:13 /S, ra!esh<de(#d"Z
"isplay output of any co##and in the pro#pt
Aou can display output of any inu! command in the prompt. The
following e!ample displays three items separated by e 9pipe; in the
command prompt1
Oc1 The history number of the command
Oh1 hostname
NkernelM*ersion1 The output of the uname .r command from
NkernelM*ersion *ariable
ONG1 &tatus of the last command
ra!esh<de(#d" 1Z kernel9(ersion0;7una!e #r8
100
ra!esh<de(#d" 1Z e-port /$102>AT>hT;kernel9(ersionT>;cZ 2
5K4Tde(#d"T3.C.36#15.fcG.iCFCT0Z
Create your o*n pro#pt usin the a2ailable codes for /)1
2ariable
Hse the following codes and create your own personal 0&1 inu! prompt
that is functional and suites your taste.
Oa an "&#22 bell character 90,;
Od the date in Q=eekday /onth )ateR format 9e.g.( QTue /ay 26f;
O)aformatb . the format is passed to strftime93; and the result is
inserted into the prompt string[ an empty format results in a
locale.specific time representation. The braces are re@uired
Oe an "&#22 escape character 9033;
Oh the hostname up to the first part
O' the hostname
O6 the number of 6obs currently managed by the shell
Ol the basename of the shell3s terminal de*ice name
On newline
Or carriage return
Os the name of the shell( the basename of N0 9the portion
following the final slash;
Ot the current time in 24.hour ''1//1&& format
OT the current time in 12.hour ''1//1&& format
OB the current time in 12.hour amJpm format
O" the current time in 24.hour ''1// format
Ou the username of the current user
O* the *ersion of bash 9e.g.( 2.00;
O? the release of bash( *ersion ` patch le*el 9e.g.( 2.00.0;
101
Ow the current working directory( with N'%/: abbre*iated with a
tilde
O= the basename of the current working directory( with N'%/:
abbre*iated with a tilde
Oc the history number of this command
O^ the command number of this command
ON if the effecti*e H2) is 0( a ^( otherwise a N
Onnn the character corresponding to the octal number nnn
OO a backslash
Og begin a se@uence of non.printing characters( which could be
used to embed a terminal control se@uence into the prompt
Oh end a se@uence of non.printing character
1se bash shell function inside /)1 2ariable
Aou can also in*oke a bash shell function in the 0&1 as shown below.
ra!esh<de(#d" 1Z function httpdcount :
Z ps au- T rep httpd T rep #( rep T wc #l
Z @
ra!esh<de(#d" 1Z e-port /$102>u<>h *UhttpdcountU,Z 2
ra!esh<de(#d" *13,Z
*Note: +his displays the total nu!"er of runnin httpd
processes,
Aou can add the following line to your LJ.bashMprofile or LJ.bashrc to
make this change permanent1
; (i ."ash9profile
function httpdcount :
ps au- T rep httpd T rep #( rep T wc #l
102
@
e-port /$10V>u<>h *UhttpdcountU,Z V
5ote1 Aou can also use Qpgrep httpd e wc $lR instead of the Qps au! e grep
httpd e grep .* grep e wc $lR in the abo*e httpdcount function.
1se shell script inside /)1 2ariable
Aou can also in*oke a shell script inside the 0&1 *ariable. 2n the e!ample
below( the LJbinJtotalfilesi+e.sh( which calculates the total filesi+e of the
current directory( is in*oked inside the 0&1 *ariable.
ra!esh<de(#d" 1Z cat 1/"in/totalfilesiPe.sh
for filesiPe in ;7ls #l . T rep 2N#2 T awk V:print ;6@V8
do
let totalsiPe0;totalsiPeO;filesiPe
done
echo #n 2;totalsiPe2
ra!esh<de(#d" 1Z e-port /%+H0;/%+H:1/"in
ra!esh<de(#d" 1Z e-port /$102>u<>h *>;7totalfilesiPe.sh8
"ytes,Z 2
ra!esh<de(#d" *645 "ytes,Z cd /etc/!ail
ra!esh<de(#d" *1CKGGK "ytes,Z
*Note: +his e-ecutes the totalfilesiPe.sh to display the
total file siPe of the current directory in the /$1
pro!pt,
Aou can also write the LJbinJtotalfilesi+e.sh as shown below without the
for loop.
103
ra!esh<de(#d" 1Z cat 1/"in/totalfilesiPe.sh
ls #l T awk V/N#/ : su!O0;6 @ I&. : printf su! @V
Hack 00. Colorful 'ash /ro#pt 1sin /)1
Chane foreround color of the pro#pt
)isplay prompt in blue color( along with username( host and current
directory information .
Hse the following is for light blue prompt1
; e-port /$102>e*0?45!>u<>h >wZ >e*! 2
Hse the following for dark blue prompt1
; e-port /$102>e*1?45!>u<>h >wZ >e*! 2
Oeg . 2ndicates the beginning of color prompt
![ym . 2ndicates color code. Hse the color code *alues mentioned
below.
Oegm . indicates the end of color prompt
#olor #ode Table1
8lack 0[30
8lue 0[34
7reen 0[32
#yan 0[36
4ed 0[31
0urple 0[35
8rown 0[33
104
g5ote1 4eplace 0 with 1 for dark colorh
/ake the color change permanent by adding the following lines your
LJ.bashMprofile or LJ.bashrc
; (i 1/."ash9profile
$+%M+CLLLM0V>e*0?45!V?
I&.CLLLM02>e*0!2
e-port /$102;$+%M+CLLLM>u<>h >wZ ;I&.CLLLM2
Chane backround color of the pro#pt
#hange the background color by specifying Oegacodebm in the 0&1
prompt as shown below.
Hse the following for ight 7ray background1
; e-port /$102>e*5K!>u<>h >wZ >e*! 2
Co#bination of backround and foreround
Hse the following for ight 8lue foreground and ight 7ray background
; e-port /$102>e*0?45!>e*5K!>u<>h >wZ >e*! 2
"dd the following to your LJ.bashMprofile or LJ.bashrc to make the abo*e
background and foreground color permanent.
; (i 1/."ash9profile
$+%M+YGCLLLM0V>e*0?45!V?
$+%M+BGCLLLM02>e*5K!2
I&.CLLLM02>e*0!2
e-port /$102;$+%M+YGCLLLM;$+%M+BGCLLLM>u<>h >wZ ;I&.CLLLM2
0lay around by using the following background color and choose the one
that match your taste1
105
Oeg40m
Oeg41m
Oeg42m
Oeg43m
Oeg44m
Oeg45m
Oeg46m
Oeg4,m
"isplay #ultiple colors in the pro#pt
Aou can also display multiple colors in the same prompt. "dd the
following function to your LJ.bashMprofile
function pro!pt :
local BL\I02>*>044*0?45!>,2
local .%MQ9BL\I02>*>044*1?45!>,e
local MI.0e>*>044*0?41!>,e
local .%MQ9MI.0e>*>044*1?41!>,e
local &L9CLLLM0e>*>044*0!>,e
case ;+IMS in
-ter!RTr-(tR8
+B+LIB%M0^>*>044,0?>u<>h:>w>00K>,^
??
R8
+B+LIB%M0e2
??
esac
/$10e>u<>h *>t,Z e
/$10e;:+B+LIB%M@>
;BL\I>u<>h ;MI.*>t,Z;&L9CLLLM e
/$30^continue#Z ]
/$50^;0.;LB&I&LO ]
106
@
Aou can re.login for the changes to take effect or source the
.bashMprofile as shown below.
;. ./."ash9profile
; pro!pt
ra!esh<de(#d" *14:03:14,Z
Chane the pro#pt color usin tput
Aou can also change color of the 0&1 prompt using tput as shown below1
; e-port /$102>*;7tput "old8;7tput set" 58;7tput setaf
K8>,>u<>h:>w ; >*;7tput sr08>,f
tput #olor #apabilities1
tput setab g1.,h . &et a background color using "5&2 escape
tput setb g1.,h . &et a background color
tput setaf g1.,h . &et a foreground color using "5&2 escape
tput setf g1.,h . &et a foreground color
tput Te!t /ode #apabilities1
tput bold . &et bold mode
tput dim . turn on half.bright mode
tput smul . begin underline mode
tput rmul . e!it underline mode
tput re* . Turn on re*erse mode
tput smso . :nter standout mode 9bold on r!*t;
tput rmso . :!it standout mode
tput sgr0 . Turn off all attributes
10,
#olor #ode for tput1
0 $ 8lack
1 $ 4ed
2 $ 7reen
3 $ Aellow
4 $ 8lue
5 $ /agenta
6 $ #yan
, . =hite
Any Questions?
.iscuss it here: Bash $hell /$1: 10 I-a!ples to Sake
Your Linu- /ro!pt like %nelina Dolie
Additional tput Examples:
G \&Ba / Linu- tput I-a!ples: Control Your +er!inal
Color and Cursor
10D
Chapter 4. Archi2e and
Co#pression
Hack 03. Cip Co##and 'asics
Ho* to Bip #ultiple filesJ
synta-: Pip :.Pip file#na!e@ :file#na!es@
) Pip (ar#lo#files.Pip /(ar/lo/R
addin: (ar/lo/acpid 7deflated F1W8
addin: (ar/lo/anaconda.lo 7deflated KGW8
addin: (ar/lo/anaconda.syslo 7deflated K4W8
addin: (ar/lo/anaconda.-lo 7deflated F3W8
addin: (ar/lo/audit/ 7stored 0W8
addin: (ar/lo/"oot.lo 7stored 0W8
addin: (ar/lo/"oot.lo.1 7deflated 50W8
Ho* to Bip a directory and itVs files recursi2elyJ
) Pip #r (ar#lo#dir.Pip /(ar/lo/
updatin: (ar/lo/ 7stored 0W8
addin: (ar/lo/wt!p 7deflated KFW8
addin: (ar/lo/scrollkeeper.lo 7deflated G5W8
addin: (ar/lo/rp!pks.4 7deflated CFW8
addin: (ar/lo/spooler 7stored 0W8
addin: (ar/lo/cron.3 7deflated G0W8
10-
addin: (ar/lo/spooler.1 7stored 0W8
addin: (ar/lo/spooler.5 7stored 0W8
addin: (ar/lo/httpd/ 7stored 0W8
addin: (ar/lo/rp!pks.1 7deflated CFW8
addin: (ar/lo/anaconda.lo 7deflated KGW8
addin: (ar/lo/secure.3 7deflated G4W8
Ho* to unBip a E.Bip co#pressed fileJ
) unPip (ar#lo.Pip
%rchi(e: (ar#lo.Pip
inflatin: (ar/lo/acpid
inflatin: (ar/lo/anaconda.lo
inflatin: (ar/lo/anaconda.syslo
inflatin: (ar/lo/anaconda.-lo
creatin: (ar/lo/audit/
To see a detailed output during un+ip pass the $* option as shown below.
) unPip #( (ar#lo.Pip
%rchi(e: (ar#lo.Pip
Lenth Sethod $iPe Matio .ate +i!e CMC#43 &a!e
######## ###### ####### ##### #### #### ######
1G1C .efl:& 4CG F1W 03#0F#0F 15:3K e3ffdc0c
(ar/lo/acpid
1465C .efl:& 3G00 KGW 03#03#0K 15:36 45cc04a1
(ar/lo/anaconda.lo
skip..
KCF0 .efl:& 511 G6W 13#40#0F 10:66 feFKCeeG
(ar/lo/wt!p.1
110
50GF1 .efl:& K4G6 F3W 03#0F#0F 15:3F C4FCaG6e
(ar/lo/aor.0.lo
######## ####### ###
5150CGG1 3F0G33G G4W
6C files
Ho* to list a content of Bip file *ith unco#pressin itJ
) unPip #l (ar#lo.Pip
%rchi(e: (ar#lo.Pip
Lenth .ate +i!e &a!e
######## #### #### ####
1G1C 03#0F#0F 15:3K (ar/lo/acpid
1465C 03#03#0K 15:36 (ar/lo/anaconda.lo
..skip..
50GF1 03#0F#0F 15:3F (ar/lo/aor.0.lo
50GF1 03#0F#0K 15:6C (ar/lo/aor.0.lo.old
######## #######
5150CGG1 6C files
Hack 04. Cip Co##and Ad2anced
Co#pression
There are 10 le*els of compression pro*ided by +ip command.
e*el 0 is the lowest le*el( where it 6ust archi*es the file without
any compression.
e*el 1 will perform little compression. 8ut( will be *ery fast.
e*el 6 is the default le*el of compression.
111
e*el - is the ma!imum compression. This will be slower when
compared to default le*el. 2n my opinion( unless you are
compressing a huge file( you should always use le*el -.
2n the e!ample below( 2 used e*el 0( default e*el 6( and e*el -
compression on a same directory. &ee the compressed file si+e yourself.
) Pip (ar#lo#files#default.Pip /(ar/lo/R
) Pip #0 (ar#lo#files#0.Pip /(ar/lo/R
) Pip #G (ar#lo#files#G.Pip /(ar/lo/R
) ls #ltr
#rw#r##r## 1 root root 3F1K35F Dan 1 14:06
(ar#lo#files#default.Pip
#rw#r##r## 1 root root 51516401 Dan 1 14:06
(ar#lo#files#0.Pip
#rw#r##r## 1 root root 36F3C10 Dan 1 14:0C
(ar#lo#files#G.Pip
%alidate a Bip archi2e
&ometime you may want to *alidate a +ip archi*e without e!tracting it.
To test the *alidity of the +ip file( pass option $t as shown below.
) unPip #t (ar#lo.Pip
%rchi(e: (ar#lo.Pip
testin: (ar/lo/acpid LQ
testin: (ar/lo/anaconda.lo LQ
testin: (ar/lo/anaconda.syslo LQ
skip...
testin: (ar/lo/wt!p LQ
112
testin: (ar/lo/wt!p.1 LQ
testin: (ar/lo/aor.0.lo LQ
5o errors detected in compressed data of *ar.log.+ip.
Hack 07. /ass*ord /rotection of Cip files
0ass the option $0 to the +ip command to assign a password to the +ip
file.
) Pip #/ !ysecurepwd (ar#lo#protected.Pip /(ar/lo/R
The abo*e option is good if you are using the command inside a shell.
script for background 6obs. 'owe*er( when you are performing the
compression interacti*ely on the command.line( you don3t want the
password to be *isible in the history. &o( use the option $e as shown
below to assign the password.
) Pip #e (ar#lo#protected.Pip /(ar/lo/R
Inter password:
'erify password:
updatin: (ar/lo/acpid 7deflated F1W8
updatin: (ar/lo/anaconda.lo 7deflated KGW8
=hen you are uncompressing a password protected file( it will ask for
the password as shown below.
) unPip (ar#lo#protected.Pip
%rchi(e: (ar#lo#protected.Pip
*(ar#lo#protected.Pip, (ar/lo/acpid password:
Hack 08. Tar Co##and 5xa#ples
tar command 9tape archi*e; is used to con*ert a group of files into an
archi*e.
113
&ynta!1
tar *options, *tar#archi(e#na!e, *other#file#na!es,
Ho* can I create a sinle backup file of all files and
subdirectories under #y ho#e directoryJ
The following command creates a single archi*e backup file called
myMhomeMdirectory.tar under Jtmp. This archi*e will contain all the files
and subdirectories under JhomeJ6smith.
%ption c( stands for create an archi*e.
%ption * stands for *erbose mode( displays additional
information while e!ecuting the command.
%ption f indicates the archi*e file name mentioned in the
command.
) tar c(f /t!p/!y9ho!e9directory.tar /ho!e/Es!ith
Ho* do I 2ie* all the files inside the tar archi2eJ
%ption t will display all the files from the tar archi*e.
) tar t(f /t!p/!y9ho!e9directory.tar
Ho* do I extract all the files fro# a tar archi2eJ
%ption ! will e!tract the files from the tar archi*e as shown below. This
will e!tract the content to the current directory location from where the
command is e!ecuted.
) tar -(f /t!p/!y9ho!e9directory.tar
Ho* do I extract tar.B files to a specific directoryJ
) tar -(fP /t!p/!y9ho!e9directory.tar.P HC /ho!e/ra!esh
114
Additional 1ar Examples:
+he \lti!ate +ar Co!!and +utorial with 10 /ractical
I-a!ples
Hack 0$. Co#bine Bip@ bBip, *ith Tar
Ho* to use Bip *ith tarJ
"dd option + to the tar command when dealing with tar.g+ compressed
file.
) tar c(fP /t!p/!y9ho!e9directory.tar.P /ho!e/Es!ith
) tar -(fP /t!p/!y9ho!e9directory.tar.P
) tar t(fP /t!p/!y9ho!e9directory.tar.P
5ote1 Hsing g+ip is faster when compared to b+ip2.
Ho* to use bBip, *ith tarJ
"dd option 6 to the tar command when dealing with tar.b+2 compressed
file.
) tar c(fE /t!p/!y9ho!e9directory.tar."P3 /ho!e/Es!ith
) tar -(fE /t!p/!y9ho!e9directory.tar."P3
) tar t(fE /t!p/!y9ho!e9directory.tar."P3
5ote1 Hsing bi+p2 gi*es higher le*el of compression when compared to
g+ip.
115
Hack 30. 'C is 5aByD 'BE Co##and 5xa#ples
b+ip2 command is used for compression and decompression of files. The
main ad*antage of b+ip2 is the best compression si+e.
b+ip2 *s g+ip1
b+ip2 will compress better than g+ip.
&peed of b+ip2 is somewhat slower than g+ip and +ip.
b+ip2 pro*ides high rate of compression with reasonable speed.
There are se*eral inu! b+ commands a*ailable to manipulate the b+ip2
files. This hack e!plains *arious b+ commands with 6 practical e!amples.
Co#pressin a file usin bBip,
=hen you compress a file using b+ip2 command( it creates a
compressed file with U.b+2 e!tension as shown below.
; "Pip3 trace
; ls #l trace."P3
#rw#r##r## 1 root root 651CK Dan 34 300G trace."P3
)earch operation in bBip, file usin bBrep
b+grep command is used to search for a string or a pattern 9regular
e!pression; on b+ip2 compressed files.
b+grep will apply grep to data from files in the b+ip2 format without
re@uiring on.disk decompression. &o all the options of a grep command
will be applied for b+grep also.
&ynta!1
"Prep rep#options #e pattern filena!e
116
2n the below e!ample( trace.b+2 is a compressed trace file which is of
si+e 5D/.
; "Prep #i 2CL&$LLI0.R2 trace."P3
3010#10#11+0F:50:3F.100 s71CGF68: CL&$LLI0/de(/pts/0
3010#10#11+0F:50:3G.KK3 s71K0418: CL&$LLI0/de(/pts/0
3010#10#11+0F:50:6F.150 s71K0GG8: CL&$LLI0/de(/pts/0
3010#10#11+0F:51:3K.65K s71K1C58: CL&$LLI0/de(/pts/0
3010#10#11+0F:51:6K.GC3 s71K3448: CL&$LLI0/de(/pts/0
3010#10#11+0F:53:3F.4G3 s71K3G58: CL&$LLI0/de(/pts/0
3010#10#11+0F:53:6K.K31 s71K54G8: CL&$LLI0/de(/pts/0
2f b+grep is not there( you ha*e to decompress the file manually and do
a grep on that( where b+grep does this process internally and gi*es you
the re@uired output. b+egrep and b+fgrep commands will apply egrep
and fgrep operation on b+ip2 files respecti*ely.
%ie* the bBip, file usin bBcat
2f you want only to read the compressed file without decompressing it(
use the b+cat command as shown below.
; "Pcat trace."P3
0: IMM: èd $ep 33 0G:6G:53 3010:
s711164/5KK63CKKKG5C508: *chk9s_lcode.scp:G3,: .ata"ase:
LM%#01C64: una"le to e-tend ta"le L/C9L/.L/
C9HB$+9SI$$%GI$ 7LpC60#168
0: IMM: èd $ep 33 0G:6G:5K 3010:
C9HB$+9SI$$%GI$ 7LpC60#168
Metry. 7LpC61#338
.ata"ase: LM%#01C64: una"le to e-tend ta"le
L/C9L/.L/C9HB$+9SI$$%GI$ "y C5 in ta"lespace L/C9C
7LpC60#168
.
11,
.
b+cat command displays the uncompressed content into standard
output file for the users to *iew the content.
/ain bBip, co#pressed file *ith bBless ! bB#ore
b+less and b+more command allows you to *iew the content of b+ip2
compressed files page by page. b+more works on files compressed with
b+ip2 and also on uncompressed files.
; "Pless trace."P3
; "P!ore trace."P3
0: IMM: èd $ep 33 0G:6G:53 3010:
C9HB$+9SI$$%GI$ 7LpC60#168
0: IMM: èd $ep 33 0G:6G:5K 3010:
C9HB$+9SI$$%GI$ 7LpC60#168
Metry. 7LpC61#338
.ata"ase: LM%#01C64: una"le to e-tend ta"le
L/C9L/.L/C9HB$+9SI$$%GI$ "y C5 in ta"lespace L/C9C
7LpC60#168
.
.
##Sore##
Co#pare bBip, files usin bBc#p
Aou can compare two b+ip2 compressed file using b+cmp command. 2t
internally uses cmp command to compare the content of the
compressed contents. 'ere you can see the output of comparison of the
two normal files and compressed files.
11D
; c!p $yste!.t-t.001 $yste!.t-t.003
$yste!.t-t.001 $yste!.t-t.003 differ: "yte 30, line 3

; "Pc!p $yste!.t-t.001."P3 $yste!.t-t.003."P3
# /t!p/"Pdiff.cs_G4303G differ: "yte 30, line 3
7ind the difference bet*een t*o bBip, files usin bBdiff
2n inu!( diff command will compare two files and gi*e you the lowdown
on 6ust how different they are. 2f you gi*e b+2 files to diff command( it
will not be in a position to e!plain the difference.
Cor b+ip2 compressed files( b+diff command gi*es the differences of two
b+ip2 compressed files as shown below.
; "Pdiff $yste!.t-t.001."P3 $yste!.t-t.003."P3
3c3
[ 0: IMM: Son $ep 3K 13:1G:45 3010: s711164/1106F350C58:
*chk9s_lcode.scp:G3,: .ata"ase: LM%#01C65: una"le to
e-tend inde- L/C9L/.L/Ca
9%&&L9&\S "y C5 in ta"lespace L/C9B&.Ia1
###
Z 0: IMM: èd $ep 33 0G:6G:53 3010:
LM%#01C64: una"le to e-tend ta"le L/C9L/.
L/C9HB$+9SI$$%GI$ "y C5 in ta"lespace L/C9C
5,6c5
[ Metry. 7LpC61#338
[ .ata"ase: LM%#01C65: una"le to e-tend inde-
L/C9L/.L/Ca9%&&L9&\S "y C5 in ta"lespace L/C9B&.Ia1
###
Z 0: IMM: èd $ep 33 0G:6G:5K 3010:
LM%#01C64: una"le to e-tend ta"le L/C9L/.
L/C9HB$+9SI$$%GI$ "y C5 in ta"lespace L/C9C
11-
Any Questions?
.iscuss it here: "Pip3, "Prep, "Pc!p, "Pdiff, "Pcat,
"Pless, "P!ore e-a!ples
Hack 31. Cpio 5xa#ples
cpio command is used to process archi*e files 9for e!ample( U.cpio or
U.tar files;.
cpio stands for Qcopy in( copy outR.
cpio performs the following three operations.
1. #opying files to an archi*e
2. :!tracting files from an archi*e
3. 0assing files to another directory tree
cpio takes the list of files from the standard input while creating an
archi*e( and sends the output to the standard output.
Create E.cpio Archi2e 7ile
Aou can create a U.cpio archi*e that contains files and directories using
cpio .o*
; cd o"Eects
; ls
file1.o file3.o file4.o
; ls T cpio #o( Z /t!p/o"Eect.cpio
120
"s seen abo*e( the ls command passes the three ob6ect filenames to
cpio command and cpio generates the ob6ect.cpio archi*e.
5xtract E.cpio Archi2e 7ile
cpio e!tract1 To e!tract a gi*en U.cpio file( use cpio .i* as shown below.
; !kdir output
; cd output
; cpio #id( [ /t!p/o"Eect.cpio
Create E.cpio Archi2e *ith )elected 7iles
The following e!ample creates a U.cpio archi*e only with U.c files.
; find . #ina!e R.c #print T cpio #o( Z/t!p/c9files.cpio
Create E.tar Archi2e 7ile usin cpio <7
=e already know how to use the tar command effecti*ely.
)id you know that you can also use cpio command to create tar files as
shown belowG
; ls T cpio #o( #H tar #Y sa!ple.tar
"s seen abo*e( instead of redirecting the standard output you can
mention the output archi*e filename with the option .C.
5xtract E.tar Archi2e 7ile usin cpio co##and
Aou can also e!tract a tar file using cpio command as shown below.
; cpio #id( #Y sa!ple.tar
121
%ie* the content of E.tar Archi2e 7ile
To *iew the content of U.tar file( do the following.
; cpio #it #Y sa!ple.tar
Create a E.cpio Archi2e *ith the 8riinal files that a
)y#bolic Link /oints
cpio archi*e can be created with the original files that a symbolic link is
referring to as shown below.
; ls T cpio #oL( Z/t!p/test.cpio
/reser2e the 7ile &odification Ti#e *hile restorin E.cpio
The modification time of the files can be preser*ed when we are
restoring the cpio archi*e files as shown below.
; ls T cpio #o!( Z/t!p/test.cpio
Copy "irectory Tree fro# 8ne to Another
cpio allows you to copy one directory contents into another directory
without creating an intermediate archi*e. 2t reads the file list from the
standard input and pass it to the target directory.
The e!ample below copies the files and sub.directories of ob6ects
directory into JmntJout directory.
; !kdir /!nt/out
; cd o"Eects
; find . #depth T cpio #p!d( /!nt/out
2n the abo*e e!ample1
122
cpio option .p makes cpio to use pass through mode. 2ts like
piping cpio .o into cpio .i.
cpio option .d creates leading directories as needed in the target
directory.
Any Questions?
.iscuss it here: Linu- cpio I-a!ples: How to Create and
I-tract cpio %rchi(es 7and tar archi(es8
Additional cpio Examples:
How to 'iew, Sodify and Mecreate initrd.i! \sin cpio
Co!!and
123
Chapter 7. Co##and Line History
Hack 3,. 'ash Co##and Line History
5xa#ples
=hen you are using inu! command line fre@uently( using the history
effecti*ely can be a ma6or producti*ity boost. 2n fact( once you ha*e
mastered the 15 e!amples that 23*e pro*ided here( you3ll find using
command line more en6oyable and fun.
)earch the history usin ControlR6
2 strongly belie*e that this may be your most fre@uently used feature of
history. =hen you3*e already e!ecuted a *ery long command( you can
simply search history using a keyword and re.e!ecute the same
command without ha*ing to type it fully. 0ress #ontrol`4 and type the
keyword.
2n the following e!ample( 2 searched for red( which displayed the
pre*ious command Qcat JetcJredhat.releaseR in the history that
contained the word red.
) *&ote: /ress CtrlOM fro! the co!!and pro!pt, which will
display the re(erse#i#search pro!pt as shown "elow,
7re(erse#i#search8Ured]: cat /etc/redhat#release
*&ote: /ress enter when you see your co!!and, which will
e-ecute the co!!and fro! the history,
) cat /etc/redhat#release
Yedora release G 7$ulphur8
&ometimes you want to edit a command from history before e!ecuting
it. Cor e.g. you can search for httpd( which will display ser*ice httpd stop
from the command history( select this command and change the stop to
start and re.e!ecute it again as shown below.
124
) *&ote: /ress CtrlOM fro! the co!!and pro!pt, which will
display the re(erse#i#search pro!pt,
7re(erse#i#search8Uhttpd]: ser(ice httpd stop
*&ote: /ress either left arrow or riht arrow key when you
see your co!!and, which will display the co!!and for you
to edit, "efore e-ecutin it,
) ser(ice httpd start
6epeat pre2ious co##and ;uickly usin 0 different
#ethods
&ometime you may end up repeating the pre*ious commands for *arious
reasons. Collowing are the 4 different ways to repeat the last e!ecuted
command.
1. Hse the up arrow to *iew the pre*ious command and press enter
to e!ecute it.
2. Type cc and press enter from the command line
3. Type c.1 and press enter from the command line.
4. 0ress #ontrol`0 will display the pre*ious command( press enter
to e!ecute it
5xecute a specific co##and fro# history
2n the following e!ample( 2f you want to repeat the command ^4(
e!ecute c4 as shown below.
) history T !ore
1 ser(ice network restart
3 e-it
4 id
5 cat /etc/redhat#release
) A5
cat /etc/redhat#release
125
Yedora release G 7$ulphur8
5xecute pre2ious co##and that starts *ith a specific
*ord
Type c followed by the starting few letters of the command that you
would like to re.e!ecute. 2n the following e!ample( typing cps and enter(
e!ecuted the pre*ious command starting with ps( which is ]ps au! e grep
yp3.
) Aps
ps au- T rep yp
root 1CG5K 0.0 0.1 4C61C 13C5 c $l 14:10 0:00 yp"ind
Clear all the pre2ious history usin option <c
&ometime you may want to clear all the pre*ious history. 'owe*er you
may still want to keep the history mo*ing forward.
) history #c
)ubstitute *ords fro# history co##ands
=hen you are searching through history( you may want to e!ecute a
different command but use the same parameter from the command that
you3*e 6ust searched.
2n the e!ample below( the cc1N ne!t to the *i command gets the
argument from the pre*ious command to the current command.
) ls anaconda#ks.cf
anaconda#ks.cf
) (i AA:;
(i anaconda#ks.cf
126
2n the e!ample below( the cT ne!t to the *i command gets the first
argument from the pre*ious command 9i.e cp command; to the current
command 9i.e *i command;.
) cp anaconda#ks.cf anaconda#ks.cf."ak
anaconda#ks.cf
) (i AN
(i anaconda#ks.cf
)ubstitute a specific aru#ent for a specific co##and
2n the e!ample below( ccp12 searches for the pre*ious command in
history that starts with cp and takes the second argument of cp and
substitutes it for the ls .l command as shown below.
) cp 1/lonna!e.t-t /really/a/(ery/lon/path/lon#
filena!e.t-t
) ls #l Acp:3
ls #l /really/a/(ery/lon/path/lon#filena!e.t-t
2n the e!ample below( ccp1N searches for the pre*ious command in
history that starts with cp and takes the last argument 9in this case(
which is also the second argument as shown abo*e; of cp and
substitutes it for the ls .l command as shown below.
) ls #l Acp:;
ls #l /really/a/(ery/lon/path/lon#filena!e.t-t
12,
Hack 3-. History 6elated 5n2iron#ent
%ariables
"isplay TI&5)TA&/ in history usin HI)TTI&5786&AT
Typically when you type history from command line( it displays the
command^ and the command. Cor auditing purpose( it may be
beneficial to display the timestamp along with the command as shown
below.
) e-port HB$++BSIYLMS%+0^WY W+ ]

) history T !ore
1 300F#0F#06 1G:03:4G ser(ice network restart
3 300F#0F#06 1G:03:4G e-it
4 300F#0F#06 1G:03:4G id
5 300F#0F#06 1G:03:4G cat /etc/redhat#release
5ote1 Aou can also setup the following alias to *iew the recent history
commands.
alias h10Vhistory 10V
Control the total nu#ber of lines in the history usin
HI)T)IC5
"ppend the following two lines to the .bashMprofile and relogin to the
bash shell again to see the change. 2n this e!ample( only 450 command
will be stored in the bash history.
) (i 1/."ash9profile
HB$+$BJI0560
HB$+YBLI$BJI0560
12D
Chane the history file na#e usin HI)T7IL5
8y default( history is stored in LJ.bashMhistory file. "dd the following line
to the .bashMprofile and relogin to the bash shell( to store the history
command in .commandlineMwarrior file instead of .bashMhistory file. 23m
yet to figure out a practical use for this. 2 can see this getting used when
you want to track commands e!ecuted from different terminals using
different history file name.
) (i 1/."ash9profile
HB$+YBLI0/root/.co!!andline9warrior
5li#inate the continuous repeated entry fro# history
usin HI)TC8+T68L
2n the following e!ample pwd was typed three times( when you do
history( you can see all the 3 continuous occurrences of it. To eliminate
duplicates( set '2&T#%5T4% to ignoredups as shown below.
) pwd
) pwd
) pwd
) history T tail #5
55 pwd
56 pwd
5C pwd
5K history T tail #5
*Note: +here are three pwd co!!ands in history, after
e-ecutin pwd 4 ti!es as shown a"o(e,
) e-port HB$+CL&+MLL0inoredups
) pwd
12-
) pwd
) pwd

) history T tail #4
6C e-port HB$+CL&+MLL0inoredups
6K pwd
6F history T tail #5
*Note: +here is only one pwd co!!and in the history, e(en
after e-ecutin pwd 4 ti!es as shown a"o(e,
5rase duplicates across the *hole history usin
HI)TC8+T68L
The ignoredups shown abo*e remo*es duplicates only if they are
consecuti*e commands. To eliminate duplicates across the whole
history( set the '2&T#%5T4% to erasedups as shown below.
) e-port HB$+CL&+MLL0erasedups
) pwd
) ser(ice httpd stop
) history T tail #4
4F pwd
4G ser(ice httpd stop
50 history T tail #4
) ls #ltr
130
) history T tail #C
46 e-port HB$+CL&+MLL0erasedups
4C pwd
4K history T tail #4
4F ls Hltr
4G ser(ice httpd stop
50 history T tail #C
*Note: +he pre(ious ser(ice httpd stop after pwd ot
erased,
7orce history not to re#e#ber a particular co##and
usin HI)TC8+T68L
=hen you e!ecute a command( you can instruct history to ignore the
command by setting '2&T#%5T4% to ignorespace "5) typing a space
in front of the command as shown below. 2 can see lot of 6unior
sysadmins getting e!cited about this( as they can hide a command from
the history.
2t is good to understand how ignorespace works. 8ut( as a best practice(
don3t hide purposefully anything from history.
) e-port HB$+CL&+MLL0inorespace
) ls Hltr
) pwd
*Note: +here is a space at the "einnin of ser(ice, to
inore this co!!and fro! history,
) history T tail #4
131
CK ls Hltr
CF pwd
CG history T tail #4
"isable the usae of history usin HI)T)IC5
2f you want to disable history all together and don3t want bash shell to
remember the commands you3*e typed( set the '2&T&2d: to 0 as shown
below.
) e-port HB$+$BJI00
) history
) *Note: History did not display anythin,
Inore specific co##ands fro# the history usin
HI)TI(+865
&ometimes you may not want to clutter your history with basic
commands such as pwd and ls. Hse '2&T275%4: to specify all the
commands that you want to ignore from the history.
0lease note that adding ls to the '2&T275%4: ignores only ls and not ls
.l. &o( you ha*e to pro*ide the e!act command that you would like to
ignore from the history.
) e-port HB$+BG&LMI0epwd:ls:ls Hltr:e
) pwd
) ls
) ls #ltr
) history T tail #4
KG e-port HB$+BG&LMI0epwd:ls:ls #ltr:e
F0 ser(ice httpd stop
132
F1 history
*Note: History did not display pwd and ls,
Any Questions?
.iscuss it here: 16 I-a!ples +o Saster Linu- Co!!and
Line History
Hack 30. History 5xpansion 5xa#ples
Hsing history e!pansion you can pick a specific command from the
history( e!ecute it as it is( or modify it and e!ecute it based on your
needs. The c starts the history e!pansion.
DD 4epeats the pre*ious command
D10 4epeat the 10th command from the history
D<, 4epeat the 2nd command 9from the last; from the history
Dstrin 4epeat the command that starts with QstringR from the
history
DJstrin 4epeat the command that contains the word QstringR
from the history
Lstr1Lstr,L &ubstitute str1 in the pre*ious command with str2
and e!ecute it
DD.N 7ets the last argument from the pre*ious command.
Dstrin.n 7ets the nth argument from the command that starts
with QstringR from the history.
DJstrin 5xa#ple
et us assume that you>*e e!ecuted the following command at some
point and it is somewhere in the history.
; /usr/local/apache3/"in/apachectl restart
133
ater when you want to e!ecute the same command( if you try the
following it will fail because it is looking for a line that starts with
QapacheR.
; Aapache
#"ash: Aapache: e(ent not found
'owe*er if you do the following( it will look for any command that
contains the string QapacheR and e!ecute it as shown below.
; Acapache
/usr/local/apache3/"in/apachectl restart
Lstr1Lstr,L 5xa#ple
&ometimes you might check whether a file e!ists using a @uick ls
; ls /etc/sysconfi/network
%nce you *erify that the file e!ists( to *iew the content of the file using
*i( you don>t need to type the whole file name again. 2nstead do the
following( which will replace the word >ls> in the pre*ious command with
the word >*i> and e!ecute the command.
; NlsN(i
(i /etc/sysconfi/network
DD.N 5xa#ple
2n this e!ample( the following command takes a copy of the JetcJpasswd
file to the home directory as passwd.bak.
; cp /etc/passwd /ho!e/ra!esh/passwd."ak
%nce you create the backup of the file( if you want to open the backup
file( you don>t need to type the whole backup file name again. 2nstead(
134
you can use the last argument of the pre*ious command along with >*i>
; (i AA:;
(i /ho!e/ra!esh/passwd."ak
0lease note that Qc1NR is e!actly same as Qcc1NR. &o( the abo*e e!ample
can also be e!ecuted as shown below.
; (i A:;
(i /ho!e/ra!esh/passwd."ak
Dstrin.n 5xa#ple
=hen you e!ecute a command that has multiple arguments 9as shown in
the tar command e!ample below;( you can e!tract only a specific
argument from it for later use.
; tar c(fP 1/sysconfi.tar.P /etc/sysconfi/R
5ow if you want to ls the newly created tar.g+ file( you can do the
following( which will take the 2nd argument of the pre*ious tar
command.
; ls #l Atar:3
ls #l 1/sysconfi.tar
Additional !ash 3istory Expansion Examples:
16 Linu- Bash History I-pansion I-a!ples You $hould Qnow
135
Chapter 8. )yste# Ad#inistration
Tasks
Hack 33. /artition 1sin fdisk
"fter you3*e installed brand new disks on your ser*er( you ha*e to use
tools like fdisk to partition it accordingly.
Collowing are the 5 typical actions 9commands; that you can e!ecute
inside fdisk.
n $ 5ew 0artition creation
d $ )elete an e!isting partition
p . 0rint 0artition Table
w $ =rite the changes to the partition table. i.e sa*e.
@ $ iuit the fdisk utility
Create a partition
2n the following e!ample( 2 created a Jde*Jsda1 primary partition.
) dis" 4de54sda
Co!!and 7! for help8: p
.isk /de(/sda: 3FK.0 GB, 3FK006454K55 "ytes
366 heads, C4 sectors/track, 45FG4 cylinders
\nits 0 cylinders of 1C0C6 R 613 0 F3363F0 "ytes
.e(ice Boot $tart Ind Blocks Bd $yste!
Co!!and 7! for help8: n
Co!!and action
e e-tended
136
p pri!ary partition 71#58
p
/artition nu!"er 71#58: .
Yirst cylinder 71#45FG4, default 18:
\sin default (alue 1
Last cylinder or OsiPe or OsiPeS or OsiPeQ 71#45FG4,
default 45FG48:
\sin default (alue 45FG4
Co!!and 7! for help8: %
+he partition ta"le has "een alteredA
Callin ioctl78 to re#read partition ta"le.
$yncin disks.
%erify that the partition ot created successfully
) fdisk /de(/sda
Co!!and 7! for help8: p
.isk /de(/sda: 3FK.0 GB, 3FK006454K55 "ytes
366 heads, C4 sectors/track, 45FG4 cylinders
\nits 0 cylinders of 1C0C6 R 613 0 F3363F0 "ytes
.e(ice Boot $tart Ind Blocks Bd $yste!
/de(/sda1 1 45FG4 3F03KKGG1 F4 Linu-
Co!!and 7! for help8: /
13,
Additional dis" Examples:
K Linu- fdisk Co!!and I-a!ples to Sanae Hard .isk
/artition
Hack 34. 7or#at a /artition 1sin #ke,fsk
"fter partitioning the disks( it is still not ready for usage( as we need to
format the disk. "t this stage( if you try to *iew the disk information( it
will gi*e the following error message indicating that no *alid superblock
is present.
) tune3fs #l /de(/sda1
tune3fs 1.46 73F#Ye"#30058
tune3fs: Bad !aic nu!"er in super#"lock while tryin to
open /de(/sda1
CouldnVt find (alid filesyste! super"lock.
To format the disk( use mke2fs as shown below.
) !ke3fs /de(/sda1
Aou can also pass the following optional parameter to the mke2fs.
.m 0 1 reser*ed.blocks.percentage $ This indicates the
percentage of the filesystem blocks reser*ed for the root user.
)efault is 5\. 2n the following e!ample( it is set to 0.
.b 40-6 1 block.si+e specified in bytes. ?alid *alues are 1024(
204D and 40-6 bytes per block.
) !ke3fs #! 0 #" 50GC /de(/sda1
!ke3fs 1.46 73F#Ye"#30058
13D
Yilesyste! la"el0
L$ type: Linu-
Block siPe050GC 7lo038
Yra!ent siPe050GC 7lo038
306455 inodes, K00CG5GK "locks
0 "locks 70.00W8 reser(ed for the super user
Yirst data "lock00
Sa-i!u! filesyste! "locks0K14041CF
314G "lock roups
43KCF "locks per roup, 43KCF fra!ents per roup
GC inodes per roup
$uper"lock "ackups stored on "locks:
43KCF, GF405, 1C4F50, 33G4KC, 3G5G13, F1G300, FF5K4C,
1C06C43, 3C6530F, 50GC000, KGC3C35, 1134G535, 305F0000,
34FFKFK3
`ritin inode ta"les: done
`ritin super"locks and filesyste! accountin infor!ation:
done
+his filesyste! will "e auto!atically checked e(ery 43
!ounts or 1F0 days, whiche(er co!es first. \se tune3fs #c
or #i to o(erride.
The abo*e command will create an e!t2 filesystem. To create an e!t3 file
system do the following1
) !kfs.e-t4 /de(/sda1
) !ke3fs HE /de(/sda1
13-
Hack 37. &ount a /artition
"fter creating a partition and formatting( you can mount it to a mount
point.
Cirst create a directory where the partition should be mounted.
) !kdir /ho!e/data"ase
/ount the file system.
) !ount /de(/sda1 /ho!e/data"ase

To automatically mount the filesystem after the reboot( add the following
entry to the JetcJfstab
/de(/sda1 /ho!e/data"ase e-t4 defaults 0 3
Hack 38. 7ine Tune a /artition 1sin tune,fs
Hse the tune2fs $l Jde*Jsda1 to *iew the filesystem information as shown
below.
) tune3fs #l /de(/sda1
tune3fs 1.46 73F#Ye"#30058
Yilesyste! (olu!e na!e: /ho!e/data"ase
Last !ounted on: [not a(aila"leZ
Yilesyste! \\B.: f134566C#e134#1345#a"cd#
""""aaaaae11
Yilesyste! !aic nu!"er: 0-IY55
Yilesyste! re(ision ): 1 7dyna!ic8
Yilesyste! features: resiPe9inode filetype
sparse9super
.efault !ount options: 7none8
Yilesyste! state: not clean
140
Irrors "eha(ior: Continue
Yilesyste! L$ type: Linu-
Bnode count: 10G5G13
Block count: 15014FGG5
Meser(ed "lock count: 0
Yree "locks: 1CF5F5F1
Yree inodes: 1015GCG
Yirst "lock: 0
Block siPe: 305F
Yra!ent siPe: 305F
Meser(ed G.+ "locks: 613
Blocks per roup: 1C4F5
Yra!ents per roup: 1C4F5
Bnodes per roup: 13F
Bnode "locks per roup: F
Yilesyste! created: +ue Dul 1 00:0C:04 300F
Last !ount ti!e: +hu %u 31 06:6F:36 300F
Last write ti!e: Yri Dan 3 16:50:4C 300G
Sount count: 3
Sa-i!u! !ount count: 30
Last checked: +ue Dul 1 00:0C:04 300F
Check inter(al: 16663000 7C !onths8
&e-t check after: $at .ec 3K 34:0C:04 300F
Meser(ed "locks uid: 0 7user root8
Meser(ed "locks id: 0 7roup root8
Yirst inode: 11
Bnode siPe: 13F
.efault directory hash: tea
.irectory Hash $eed: 13456F3G#134C#5134#Gaaa#
ccccc1343G3"
141
Aou can also use the tune2fs to tune the e!2Je!t3 filesystem parameter.
Cor e!ample( if you want to change the Cilesystem *olume name( you
can do it as shown below.
) tune3fs #l /de(/sda1 T rep (olu!e
Yilesyste! (olu!e na!e: /ho!e/data"ase
) tune3fs #L data"ase#ho!e /de(/e!cpowera1
tune3fs 1.46 73F#Ye"#30058
) tune3fs #l /de(/sda1 T rep (olu!e
Yilesyste! (olu!e na!e: data"ase#ho!e
Hack 3$. Create a )*ap 7ile )yste#
#reate a file for swap usage as shown below.
) dd if0/de(/Pero of0/ho!e/swap#fs "s01S count0613
613O0 records in
613O0 records out
) ls #l /ho!e/swap#fs
#rw#r##r## 1 root root 64CFK0G13 Dan 3 34:14 /ho!e/swap#
fs
Hse mkswap to setup a inu! swap area in the JhomeJswap.fs file that
was created abo*e.
) !kswap /ho!e/swap#fs
&etting up swapspace *ersion 1( si+e K 536D66 k8
%nce the file is created and has been setup for inu! swap area( it is
time to enable the swap using swapon as shown below.
142
) swapon /ho!e/swap#fs
"dd the following line to JetcJfstab and reboot the system for the swap
to take into effect.
/ho!e/swap#fs swap swap defaults 0 0
Additional S%ap Examples:
3 àys to %dd $wap $pace \sin dd, !kswap and swapon
Hack 40. Create a +e* 1ser
Add a ne* user = 'asic #ethod
&pecify only the user name.
) useradd Es!ith
Add a ne* user *ith additional /ara#eter
Aou can also specify the following parameter to the useradd
.c 1 )escription about the user.
.e 1 e!piry date of the user in mmJddJyy format
) adduser #c 2Dohn $!ith # Lracle .e(eloper2 #e 13/41/0G
Es!ith
?erify that the user got added successfully.
) rep Es!ith /etc/passwd
Es!ith:-:610:610:Dohn $!ith # Lracle
.e(eloper:/ho!e/Es!ith:/"in/"ash
143
Chane the user pass*ord
) passwd Es!ith
Chanin password for user Es!ith.
&ew \&Ba password:
B%. /%$$`LM.: it is "ased on a dictionary word
Metype new \&Ba password:
passwd: all authentication tokens updated successfully.
Ho* to identify the default 2alues used by useraddJ
Collowing are the default *alues that will be used when an user is
created.
) useradd H.
GML\/0100
HLSI0/ho!e
B&%C+B'I0#1
Ia/BMI0
$HILL0/"in/"ash
$QIL0/etc/skel
Additional 6ser #reation Examples:
+he \lti!ate Guide to Create \sers in Linu- / \ni-
+he \lti!ate Guide for Creatin $tron /asswords
144
Hack 41. Create a +e* (roup
Create a ne* de2eloper roup
) roupadd de(elopers
?alidate that the group was created successfully.
) rep de(eloper /etc/roup
de(elopers:-:611:
Add an user to an existin roup
Aou cannot use useradd to modify an e!isting user( as you3ll get the
following error message.
) useradd #G de(elopers Es!ith
useradd: user Es!ith e-ists

) user!od # de(elopers Es!ith
%alidate the users roup *as #odified successfully
) rep Es!ith /etc/passwd
Es!ith:-:610:611:Lracle .e(eloper:/ho!e/Es!ith:/"in/"ash
) id Es!ith
uid06107Es!ith8 id06117de(elopers8 roups06117de(elopers8
) rep Es!ith /etc/roup
Es!ith:-:610:
de(elopers:-:611:Es!ith
145
Hack 4,. )etup ))H /ass*ordless Loin in
8pen))H
Aou can login to a remote inu! ser*er without entering password in 3
simple steps using ssky.keygen and ssh.copy.id as e!plained in this
e!ample.
ssh.keygen creates the public and pri*ate keys. ssh.copy.id copies the
local.host3s public key to the remote.host3s authori+edMkeys file. ssh.
copy.id also assigns proper permission to the remote.host3s home(
LJ.ssh( and LJ.sshJauthori+edMkeys.
)tep 1. Create public and pri2ate keys usin ssh<key<en
on local<host
Es!ith<local#host; ssh#keyen
Generatin pu"lic/pri(ate rsa key pair.
Inter file in which to sa(e the key
7/ho!e/Es!ith/.ssh/id9rsa8:*Inter key,
Inter passphrase 7e!pty for no passphrase8: */ress enter
key,
Inter sa!e passphrase aain: */ess enter key,
Your identification has "een sa(ed in
/ho!e/Es!ith/.ssh/id9rsa.
Your pu"lic key has "een sa(ed in
/ho!e/Es!ith/.ssh/id9rsa.pu".
+he key finerprint is:
44:"4:fe:af:G6:G6:1F:11:41:d6:de:GC:3f:f3:46:fG
Es!ith<local#host
)tep ,. Copy the public key to re#ote<host usin ssh<
copy<id
Es!ith<local#host; ssh#copy#id #i 1/.ssh/id9rsa.pu"
re!ote#host
Es!ith<re!ote#host^s password:
146
&ow try loin into the !achine, with fssh ]re!ote#
hostê, and check in:
.ssh/authoriPed9keys to !ake sure we ha(en^t added e-tra
keys that you weren^t e-pectin.
+ote. ssh.copy.id appends the keys to the remote.host3s
.sshJauthori+edMkey.
)tep -. Loin to re#ote<host *ithout enterin the
pass*ord
Es!ith<local#host; ssh re!ote#host
Last loin: $un &o( 1C 1K:33:44 300F fro! 1G3.1CF.1.3
*Note: $$H did not ask for password.,
Es!ith<re!ote#host; *Note: You are on re!ote#host here,
Any Questions?
.iscuss it here: 4 $teps to /erfor! $$H Loin ìthout
/assword \sin ssh#keyen = ssh#copy#id
Hack 4-. 1se ssh<copy<id Alon >ith ssh<
aent
1sin ssh<copy<id alon *ith the ssh<addPssh<aent
=hen no *alue is passed for the option .i and 2f LJ.sshJidentity.pub is not
a*ailable( ssh.copy.id will display the following error message.
Es!ith<local#host; ssh#copy#id #i re!ote#host
14,
/usr/"in/ssh#copy#id: IMMLM: &o identities found
2f you ha*e loaded keys to the ssh.agent using the ssh.add( then ssh.
copy.id will get the keys from the ssh.agent to copy to the remote.host.
i.e( it copies the keys pro*ided by ssh.add . command to the remote.
host( when you don3t pass option .i to the ssh.copy.id.
Es!ith<local#host; ssh#aent ;$HILL
Es!ith<local#host; ssh#add #L
+he aent has no identities.
Es!ith<local#host; ssh#add
Bdentity added: /ho!e/Es!ith/.ssh/id9rsa
7/ho!e/Es!ith/.ssh/id9rsa8
Es!ith<local#host; ssh#add #L
ssh#rsa
%%%%B4&PaC1yc3I%%%%BBw%%%bI%sDBIBL-ftEFa$-Sa4dFtCD(SKG.
aHrt/h+Yp_KkBIS\&P%pny-sHpH1tb/Lw00
/ho!e/Es!ith/.ssh/id9rsa
Es!ith<local#host; ssh#copy#id #i re!ote#host
Es!ith<re!ote#host^s password:
&ow try loin into the !achine, with fssh ]re!ote#
hostê, and check in: .ssh/authoriPed9keys to !ake sure we
ha(en^t added e-tra keys that you weren^t e-pectin.
*Note: +his has added the key displayed "y ssh#add #L,
Three &inor Annoyances of ssh<copy<id
Collowing are few minor annoyances of the ssh.copy.id.
1. "efault public key. ssh.copy.id uses LJ.sshJidentity.pub as the
default public key file 9i.e when no *alue is passed to option .i;.
2nstead( 2 wish it uses idMdsa.pub( or idMrsa.pub( or identity.pub as
default keys. i.e 2f any one of them e!ist( it should copy that to
14D
the remote.host. 2f two or three of them e!ist( it should copy
identity.pub as default.
2. The aent has no identities. =hen the ssh.agent is running
and the ssh.add . returns QThe agent has no identitiesR 9i.e no
keys are added to the ssh.agent;( the ssh.copy.id will still copy
the message QThe agent has no identitiesR to the remote.host3s
authori+edMkeys entry.
3. "uplicate entry in authoriBedAkeys. 2 wish ssh.copy.id
*alidates duplicate entry on the remote.host3s authori+edMkeys. 2f
you e!ecute ssh.copy.id multiple times on the local.host( it will
keep appending the same key on the remote.host3s
authori+edMkeys file without checking for duplicates. :*en with
duplicate entries e*erything works as e!pected. 8ut( 2 would like
to ha*e my authori+edMkeys file clutter free.
Hack 40. Crontab 5xa#ples
Hsing cron you can e!ecute a shell.script or inu! commands at a
specific time and date. Cor e!ample a sysadmin can schedule a backup
6ob that can run e*ery day.
Ho* to add a Uob to the cronJ
) cronta" He
0 6 R R R /root/"in/"ackup.sh
This will e!ecute JrootJbinJbackup.sh at 5 a.m e*ery day.
"escription of Cron fields
Collowing is the format of the crontab file.
:!inute@ :hour@ :day#of#!onth@ :!onth@ :day#of#week@
:full#path#to#shell#script@
minute1 "llowed range 0 $ 5-
hour1 "llowed range 0 $ 23
day.of.month1 "llowed range 0 $ 31
14-
month1 "llowed range 1 $ 12. 1 K Sanuary. 12 K )ecember.
)ay.of.week1 "llowed range 0 $ ,. &unday is either 0 or ,.
Crontab exa#ples
1. 4un at 12101 a.m. 1 minute after midnight e*eryday. This is a good
time to run backup when the system is not under load.
1 0 R R R /root/"in/"ackup.sh
2. 4un backup e*ery weekday 9/on $ Cri; at 1115- p.m.
6G 11 R R 1,3,4,5,6 /root/"in/"ackup.sh
Collowing will also do the same.
6G 11 R R 1#6 /root/"in/"ackup.sh
3. :!ecute the command e*ery 5 minutes.
R/6 R R R R /root/"in/check#status.sh
4. :!ecute at 1110 p.m on 1st of e*ery month
10 14 1 R R /root/"in/full#"ackup.sh
5. :!ecute 11 p.m on weekdays.
0 34 R R 1#6 /root/"in/incre!ental#"ackup.sh
Crontab 8ptions
The following are the a*ailable options with crontab1
crontab $e 1 :dit the crontab file. This will create a crontab( if it
doesn3t e!ist
150
crontab $l 1 )isplay the crontab file.
crontab .r 1 4emo*e the crontab file.
crontab .ir 1 This will prompt user before deleting a crontab.
Additional #ron Examples:
Linu- Cronta": 16 %weso!e Cron Do" I-a!ples
How to Mun Cron I(ery 6 Sinutes, $econds, Hours, .ays,
Sonths
Cron 's %nacron: How to $etup %nacron on Linu- 7ìth an
I-a!ple8
Hack 43. )afe 6eboot 8f Linux 1sin &aic
)ys6; Fey
The magic &ys4@ key is a key combination in the inu! kernel which
allows the user to perform *arious low le*el commands regardless of the
system3s state.
2t is often used to reco*er from free+es( or to reboot a computer without
corrupting the filesystem. The key combination consists of
"lt`&ys4@`commandkey. 2n many systems the &ys4@ key is the
printscreen key.
Cirst( you need to enable the &ys4@ key( as shown below.
echo 212 Z /proc/sys/kernel/sysr_
List of )ys6; Co##and Feys
The following are the command keys a*ailable for
"lt`&ys4@`commandkey1
151
]k3 $ _ills all the process running on the current *irtual console.
3s3 $ This will attempt to sync all the mounted file system.
]b3 . 2mmediately reboot the system( without unmounting
partitions or syncing.
]e3 $ &ends &27T:4/ to all process e!cept init.
]m3 $ %utput current memory information to the console.
]i3 . &end the &27_2 signal to all processes e!cept init
]r3 . &witch the keyboard from raw mode 9the mode used by
programs such as I11;( to I"T: mode.
3s3 $ sync all mounted file system.
]t3 . %utput a list of current tasks and their information to the
console.
]u3 . 4emount all mounted filesystems in readonly mode.
]o3 $ &hutdown the system immediately.
]p3 $ 0rint the current registers and flags to the console.
]0.-V . &ets the console log le*el( controlling which kernel
messages will be printed to your console.
]f3 . =ill call oomMkill to kill process which takes more memory.
]h3 $ Hsed to display the help. 8ut any other keys than the abo*e
listed will print help.
=e can also do this by echoing the keys to the JprocJsysr@.trigger file.
Cor e!ample( to re.boot a system you can perform the following.
echo 2"2 Z /proc/sysr_#trier
/erfor# a )afe reboot of Linux usin &aic )ys6; Fey
To perform a safe reboot of a inu! computer which hangs up( do the
following. This will a*oid the fsck during the ne!t re.booting. i.e 0ress
"lt`&ys4@`letter highlighted below.
un6aw 9take control of keyboard back from I11;
t5rminate 9send &27T:4/ to all processes( allowing them to
terminate gracefully;(
152
k2ll 9send &272 to all processes( forcing them to terminate
immediately;(
)ync 9flush data to disk;(
1nmount 9remount all filesystems read.only;(
re'oot.
Any Questions?
.iscuss it here: $afe Me"oot Lf Linu- \sin Saic $ysM_
Qey
Hack 44. Linux /arted Co##and 5xa#ples
0arted is a 75H utility( which is used to manipulate the hard disk
partitions.
Hsing parted( you can add( delete( and edit partitions and the file
systems located on those partitions. Aou can also clone partitions.
This hack e!plains - practical parted command e!amples.
>arnin. 0arted utility manipulates the hard disk partition table and
sa*es the changes immediately. &o( don3t delete( modify( add( or do
anything to your partition( if you don3t know what you are doing. Aou will
lose your datac There is no undo button for your rescuec
)elect the hard disk to be parted
=hen you e!ecute parted command without any argument( by default it
selects the first hard disk dri*e that is a*ailable on your system.
2n the following e!ample( it picked Jde*Jsda automatically as it is the first
hard dri*e in this system.
153
) parted
G&\ /arted 3.4
\sin /de(/sda
èlco!e to G&\ /artedA +ype VhelpV to (iew a list of
co!!ands.
7parted8
+o choose a different hard disk, use the select co!!and as
shown "elow.
7parted8 select /de(/sd"
2t will throw the following error message when it doesn3t find the gi*en
hard disk name.
Irror: Irror openin /de(/sd": &o !ediu! found
Metry/Cancelc y
"isplay all /artitions 1sin print
Hsing the print command( you can *iew all the a*ailable partitions in the
selected hard disk. The print command also displays hard disk properties
such as model( si+e( sector si+e and partition table as shown below.
7parted8 print
Sodel: %+% `.C `.6000B/'+#K 7scsi8
.isk /de(/sda: 600GB
$ector siPe 7loical/physical8: 613B/50GCB
/artition +a"le: !sdos
&u!"er $tart Ind $iPe +ype Yilesyste! Ylas
1 105GkB 10CSB 106SB pri!ary fat1C dia
3 10CSB 16.FGB 16.KGB pri!ary ntfs "oot
4 16.FGB 3CCGB 361GB pri!ary ntfs
5 3CCGB 600GB 345GB e-tended
154
6 3CCGB 3CGGB 3CF3SB loical e-t5
K 3CGGB 3K0GB 635SB loical e-t5
F 3K0GB 4CCGB GC.FGB loical l(!
C 4CCGB 4K0GB 4GGGSB loical linu-#swap7(18
G 4K0GB 600GB 140GB loical e-t5
Create /ri#ary /artition in )elected H"" 1sin #kpart
mkpart command is used to create either primary or logical partition
with the &T"4T and :5) disk locations. The below e!ample creates
partition with si+e around 1578. The &T"4T and :5) points passed to
the mkpart command are in the units of /8s.
7parted8 !kpart pri!ary 10C 1C1KG
Aou can also enable boot option on a partition as shown below. inu!
reser*es 1.4 or 1.3 partition number for primary partition and the
e!tended partition starts from number 5.
7parted8 set 1 "oot on
Create Loical /artition in )elected H"" 1sin #kpart
Hse mkpart command to create a new partition of a specific si+e. This
will create the partition of a specific type such as primary( logical or
e!tended without creating the file system.
8efore creating the partition( e!ecute a print command to *iew the
current layout.
7parted8 print
Sodel: %+% `.C `.6000B/'+#K 7scsi8
155
6 3CCGB 41CGB 60.0GB loical e-t5
C 41CGB 435GB KGGGSB loical linu-#swap7(18
K 435GB 455GB 30.0GB loical e-t5
F 455GB 4C5GB 30.0GB loical e-t3
Hse mkpart to create a new logical partition with 12,78 si+e as shown
below.
7parted8 !kpart loical 4K3K4K 600000
:!ecute the print command to *iew the new layout as shown below.
7parted8 print
Sodel: %+% `.C `.6000B/'+#K 7scsi8
G 4K4GB 600GB 13KGB loical
156
7parted8
Create a 7ile )yste# on /artition 1sin #kfs
2f you use fdisk command to partition your hard disk( you need to e!it
the fdisk utility( and use the mkfs e!ternal program to create a file
system on the partition.
'owe*er using parted utility( you can also create filesystem. Hse the
parted3s mkfs command to create a file system on a partition. Aou
should be careful while doing this( as all the e!isting data in the partition
will be lost during the file system creation. The supported filesystems in
parted are e!t2( mips( fat16( fat32( linu!.swap( reiserfs 9if libreiserfs is
installed;.
et us change the file system of partition number D 9that is shown in the
print output below; from e!t4 to e!t2 file system.
7parted8 print
Sodel: %+% `.C `.6000B/'+#K 7scsi8
15,
G 4C5GB 600GB 14CGB loical e-t5
"s shown below( use the mkfs command to change the file system type
of partition number D. mkfs command will prompt you for partition
number and file system type.
7parted8 !kfs
àrnin: +he e-istin file syste! will "e destroyed and
all data on the partition will "e lost. .o you want to
continuec
Yes/&oc y
/artition nu!"erc F
Yile syste! typec *e-t3,c e-t3
:!ecute the print command again( to *erify that the file system type for
partition number D was changed to e!2.
7parted8 print
Sodel: %+% `.C `.6000B/'+#K 7scsi8
G 4C5GB 600GB 14CGB loical e-t5
15D
7parted8
Create /artition and 7ilesyste# toether 1sin #kpartfs
Hsing mkpartfs parted command( you can also create a partitions with a
specific filesystem. This is similar to mkpart( but with the additional
feature of creating file system on a partition.
8efore mkpartfs following is the layout of the partitions.
7parted8 print
Sodel: %+% `.C `.6000B/'+#K 7scsi8
F 455GB 4C5GB 30.0GB loical
2n the following e!ample( mkpartfs will create a new fat32 partition of
si+e 12,78.
7parted8 !kpartfs loical fat43 4K3K4K 600000
"s you see below( the partition number - is successfully created.
15-
7parted8 print
Sodel: %+% `.C `.6000B/'+#K 7scsi8
G 4K4GB 600GB 13KGB loical fat43 l"a
7parted8
6esiBe /artition fro# 8ne )iBe to Another 1sin resiBe
Hsing resi+e parted command( you can increase or decrease the
partition si+e of a partition as shown in the e!ample below.
7parted8 resiPe G
$tartc *4K4GB,c 4K4GB
Indc *600GB,c 560GB
"s shown abo*e( parted command will always warn whene*er you are
attempting to do something dangerous 9i.e 1 rm( resi+e( mkfs;.
The si+e of partition - is actually reduced from 12,78 to ,,78. ?erify
that the partition is resi+ed properly using the print command as shown
below.
160
7parted8 print
Sodel: %+% `.C `.6000B/'+#K 7scsi8
G 4K4GB 560GB KK.4GB loical fat43 l"a
0arted allows you to type unambiguous abbre*iation for commands like
QpR for print( QselR for select(etc.
Copy "ata fro# 8ne /artition to Another 1sin cp
The entire data from one partition can be copied to another partition
using the cp command. Aou should also remember that the content of
the destination will be deleted before copy starts. /ake sure that the
destination partition has enough si+e to hold the data from the source
partition.
Hsing the QpR command 9print; to display the current partition layout.
7parted8 p
Sodel: %+% `.C `.6000B/'+#K 7scsi8
161
G 4K4GB 560GB KK.4GB loical fat43 l"a
10 5C1GB 600GB 4G.3GB loical e-t3
2t is recommended to unmount both source and destination partition
before doing copy. 2n this e!ample we are going to copy the content
from partition D to partition 10.
The following shows the content of the corresponding partitions before
copy.
) !ount /de(/sdaF /!nt
) cd /!nt
) ls #l
total 63
#rw#r##r## 1 root root 0 3011#0G#3C 33:63 partF
#rw#r##r## 1 root root 30 3011#0G#3C 33:63 test.t-t
) u!ount /!nt
) !ount /de(/sda10 /!nt
) cd /!nt
) ls #l
total 5F
162
#rw#r##r## 1 root root 0 3011#0G#3C 33:63 part10
Hse the parted cp command to copy partition D to partition 10 as shown
below.
7parted8 cp F 10
rowin file syste!... G6W 7ti!e left 00:4F8
The following shows the content of the partition 10 after the copy. "s
you see below( the content of partition D is copied o*er 9o*erwritten; to
the partition 10.
) !ount /de(/sda10 /!nt
) cd /!nt
) ls #l
total 63
#rw#r##r## 1 root root 0 3011#0G#3C 33:63 partF
#rw#r##r## 1 root root 30 3011#0G#3C 33:63 test.t-t
5ote1 =hen you copy across partitions of different filesystem9for
e!ample src 1 e!t2 and dst 1 e!t4;( the destination partition3s file system
is actually con*erted to the file system of source partition 9i.e 1 e!t2; .
6e#o2e /artition fro# a )elected Hard "isk 1sin r#
To delete an unwanted or unused partition( use the parted rm command
and specify the partition number as shown below.
7parted8 r!
/artition nu!"erc G
7parted8
"s you see below( the partition number - is now deleted.
163
7parted8 print
Sodel: %+% `.C `.6000B/'+#K 7scsi8
Any Questions?
.iscuss it here: G Linu- /arted Co!!and I-a!ples H
!kpart, !kpartfs, resiPe partitions
Hack 47. 6sync Co##and 5xa#ples
rsync stands for remote sync.
rsync is used to perform the backup operation in H52I J inu!.
rsync utility is used to synchroni+e the files and directories from one
location to another in an effecti*e way. 8ackup location could be on local
ser*er or on remote ser*er.
164
I#portant features of rsync
)peed1 Cirst time( rsync replicates the whole content between
the source and destination directories. 5e!t time( rsync transfers
only the changed blocks or bytes to the destination location(
which makes the transfer really fast.
)ecurity1 rsync allows encryption of data using ssh protocol
during transfer.
Less 'and*idth1 rsync uses compression and decompression of
data block by block at the sending and recei*ing end
respecti*ely. &o the bandwidth used by rsync will be always less
compared to other file transfer protocols.
/ri2ilees1 5o special pri*ileges are re@uired to install and
e!ecute rsync
&ynta! 1
; rsync options source destination
&ource and destination could be either local or remote. 2n case of
remote( specify the login name( remote ser*er name and location.
)ynchroniBe T*o "irectories in a Local )er2er
To sync two directories in a local computer( use the following rsync .+*r
command.
; rsync #P(r /(ar/opt/installation/in(entory/ /root/te!p
"uildin file list ... done
s(a.-!l
s(B.-!l
.
sent 3C4F6 "ytes recei(ed 10GF "ytes 65GCC.00 "ytes/sec
total siPe is 55FCK speedup is 1.C4
2n the abo*e rsync e!ample1
165
.+ is to enable compression
.* *erbose
.r indicates recursi*e
5ow let us see the timestamp on one of the files that was copied from
source to destination. "s you see below( rsync didn3t preser*e
timestamps during sync.
; ls #l /(ar/opt/installation/in(entory/s(a.-!l
/root/te!p/s(a.-!l
#r##r##r## 1 "in "in G5G Dun 1F 300G
/(ar/opt/installation/in(entory/s(a.-!l
#r##r##r## 1 root "in G5G $ep 3 300G /root/te!p/s(a.-!l
/reser2e ti#esta#ps durin )ync usin rsync <a
rsync option .a indicates archi*e mode. .a option does the following(
4ecursi*e mode
0reser*es symbolic links
0reser*es permissions
0reser*es timestamp
0reser*es owner and group
5ow( e!ecuting the same command pro*ided in e!ample 1 98ut with the
rsync option .a; as shown below1
; rsync #aP( /(ar/opt/installation/in(entory/ /root/te!p/
./
s(a.-!l
s(B.-!l
.
sent 3C5GG "ytes recei(ed 1105 "ytes 6630C.00 "ytes/sec
total siPe is 55FCK speedup is 1.C4
166
"s you see below( rsync preser*ed timestamps during sync.
; ls #l /(ar/opt/installation/in(entory/s(a.-!l
/root/te!p/s(a.-!l
#r##r##r## 1 root "in G5G Dun 1F 300G
/(ar/opt/installation/in(entory/s(a.-!l
#r##r##r## 1 root "in G5G Dun 1F 300G
/root/te!p/s(a.-!l
)ynchroniBe 8nly 8ne 7ile
To copy only one file( specify the file name to rsync command( as shown
below.
; rsync #( /(ar/li"/rp!//u"keys /root/te!p/
/u"keys
sent 53 "ytes recei(ed 134F0 "ytes 465G.15 "ytes/sec
total siPe is 133FF speedup is 0.GG
)ynchroniBe 7iles 7ro# Local to 6e#ote
rsync allows you to synchroni+e filesJdirectories between the local and
remote system.
; rsync #a(P /root/te!p/
theeekstuff<1G3.1CF.300.10:/ho!e/theeekstuff/te!p/
/assword:
./
rp!/
rp!/Basena!es
rp!/Conflictna!e
sent 16F103C1 "ytes recei(ed 513 "ytes 3543511.34
"ytes/sec
16,
total siPe is 56406G6F speedup is 3.FK
=hile doing synchroni+ation with the remote ser*er( you need to specify
username and ip.address of the remote ser*er. Aou should also specify
the destination directory on the remote ser*er. The format is
usernameBmachinename1path
"s you see abo*e( it asks for password while doing rsync from local to
remote ser*er.
&ometimes you don3t want to enter the password while backing up files
from local to remote ser*er. Cor e!ample( 2f you ha*e a backup shell
script( that copies files from local to remote ser*er using rsync( you need
the ability to rsync without ha*ing to enter the password.
To do that( setup ssh password less login as we e!plained earlier.
)ynchroniBe 7iles 7ro# 6e#ote to Local
=hen you want to synchroni+e files from remote to local( specify remote
path in source and local path in target as shown below.
; rsync #a(P theeekstuff<1G3.1CF.300.10:/(ar/li"/rp!
/root/te!p
/assword:
recei(in file list ... done
rp!/
rp!/Basena!es
.
sent 50C "ytes recei(ed 16F10340 "ytes 3543506.65
"ytes/sec
total siPe is 56406G6F speedup is 3.FK
16D
Additional RS2N# Examples:
How to Backup Linu-c 16 rsync Co!!and I-a!ples
C rsync I-a!ples to I-clude Sultiple Yiles and
.irectories usin e-clude#fro!
Hack 48. Chkconfi Co##and 5xa#ples
#hkconfig command is used to setup( *iew( or change ser*ices that are
configured to start automatically during the system startup.
This hack contains , practical e!amples that e!plains how to use the
chkconfig command.
Check )er2ice )tartup status fro# )hell )cript
=hen you e!ecute chkconfig command only with the ser*ice name( it
returns true if the ser*ice is configured for startup. The following code
snippet shows how to check whether a ser*ice is configured for startup
or not from a shell script.
) (i check.sh
chkconfi network == echo 2&etwork ser(ice is confiured2
chkconfi Eunk == echo 2Dunk ser(ice is confiured2
) ./check.sh
&etwork ser(ice is confiured
Aou can also specifically check whether it is configured for a particular
run le*el or not.
) (i check1.sh
chkconfi network ##le(el 4 == echo 2&etwork ser(ice is
confiured for le(el 42
16-
chkconfi network ##le(el 1 == echo 2&etwork ser(ice is
confiured for le(el 12
) ./check1.sh
&etwork ser(ice is confiured for le(el 4
%ie* Current )tatus of )tartup )er2ices
The $list option displays all the ser*ices with the current startup
configuration status.
) chkconfi ##list
a"rtd 0:off 1:off 3:off 4:on 5:off 6:on C:off
acpid 0:off 1:off 3:off 4:off 5:off 6:off C:off
atd 0:off 1:off 3:off 4:on 5:on 6:on C:off
...
To *iew only the ser*ices that are configured to be started during system
startup( do the following. 0lease note that this assumes that your
system startup le*el is 3.
chkconfi ##list T rep 4:on
To *iew the startup configuration of a particular ser*ice( grep the output
of ]chkconfig $list3 for that ser*ice.
chkconfi ##list T rep network
Add a ne* )er2ice to the )tartup
Hse $add option to add a specific ser*ice to the list of ser*ices that will
be started during system reboot.
The following e!ample shows how to add a new ser*ice 9for e!ample(
iptables; to the list of ser*ices that needs to be started. The ]chkconfig $
add3 command will also turn on le*el 2( 3( 4 and 5 automatically as
shown below.
1,0
) chkconfi ##list T rep ipta"les
) chkconfi ##add ipta"les
) chkconfi ##list T rep ipta"les
ipta"les 0:off 1:off 3:on 4:on 5:on
6:on C:off
+ote. Qchkconfig $addR only adds an e!isting ser*ice to the list of
startup. 2f the ser*ice doesn3t e!ist( you should first install it before
adding it to the system startup list. =hile this is pretty ob*ious( it is
worth to mention it( as a newbie might make this mistake.
6e#o2e a )er2ice 7ro# )tartup List
The following e!ample shows that ip6tables ser*ices is configured for
startup.
) chkconfi ##list T rep ipCta"les
ipCta"les 0:off 1:off 3:off 4:on 5:off 6:off C:off
To remo*e it from the startup list( use the $del option as shown below.
) chkconfi ##del ipCta"les
) chkconfi ##list T rep ipCta"les
Turn<on or Turn<off a )er2ice for a )elected 6un Le2el
&ometimes you might not want to delete the whole ser*ice. 2nstead( you
might 6ust want to turn the flag on or off for a particular run le*el 9for a
particular ser*ice;.
The following e!ample will turn off nfser*er ser*ice for le*el 5
) chkconfi ##le(el 6 nfsser(er off
1,1
Aou can also combine multiple le*els. The following e!ample will turn off
nfsser*er for both le*el 3 and 5.
)cript 7iles under rc.d )ubdirectories
=hene*er you add or remo*e a ser*ice from chkconfig control( it does
the following under the JetcJrc.d sub.directories.

=hen chkconfig $add command is e!ecuted( it creates a symbolic link
file to start and stop the ser*ice under corresponding rc directory.
=hen chkconfig $del command is e!ecuted( it remo*es the symbolic link
file from the corresponding rc directory.
The following e!ample shows that !inetd is enabled for both run le*el 3
and 5.
&o( !inetd will ha*e two files under rc3.d directory( and two files under
rc5.d directory. The file that starts with _ is used during shutdown 9_
stands for kill;. The file that starts with & is used during startup 9& stands
for start;.
) chkconfi ##list T rep -inetd
-inetd 0:off 1:off 3:off 4:on 5:off 6:on C:off
-inetd "ased ser(ices:
) cd /etc/rc.d/rc4.d
) ls T rep -inetd
Q0F-inetd
$15-inetd
1,2
) ls T rep -inetd
Q0F-inetd
$15-inetd
rcx.d "irectory Chanes for Add 8peration
=hen you add a new ser*ice to chkconfig control( the default run le*els
for that ser*ice will be turned on automatically( and files will be created
under the corresponding rc! directories.
Cor e!ample( if the nfsser*er ser*ice doesn3t e!ist in the chkconfig
control( no nfsser*er ser*ice startup files would be present under
JetcJrc.dJrcU.d directories as shown below.
) chkconfi ##list T rep nfsser(er
nfsser(er 0:off 1:off 3:off 4:off 5:off 6:off C:off
) ls /etc/rc.d/rc4.d T rep nfsser(er
"fter you add the nfsser*er ser*ice( you3ll see the symbolic links under
these directories.
) chkconfi ##add nfsser(er
nfsser(er 0:off 1:off 3:off 4:on 5:off 6:on C:off
) ls #l T rep nfsser(er
lrw-rw-rw- 1 root root 13 3011#0C#1F 00:63 Q0Fnfsser(er #Z
../nfsser(er
lrw-rw-rw- 1 root root 13 3011#0C#1F 00:63 $15nfsser(er #Z
../nfsser(er
1,3
) ls #l T rep nfsser(er
lrw-rw-rw- 1 root root 13 3011#0C#1F 00:63 Q0Fnfsser(er #Z
../nfsser(er
lrw-rw-rw- 1 root root 13 3011#0C#1F 00:63 $15nfsser(er #Z
../nfsser(er
=hen you turn off the ser*ice either using $del option or $le*el option(
the corresponding symbolic link file under rc!.d directory will be deleted
as shown below.
Any Questions?
.iscuss it here: K Linu- chkconfi Co!!and I-a!ples H
%dd, Me!o(e, 'iew, Chane $er(ices
Hack 4$. Ho* to )etup Anacron
"nacron is the cron for desktops and laptops.
"nacron does not e!pect the system to be running 24 ! , like a ser*er.
=hen you want a background 6ob to be e!ecuted automatically on a
machine that is not running 24 ! ,( you should use anacron.
Cor e!ample( if you ha*e a backup script scheduled e*eryday at 11 0/
as a regular cron 6ob( and if your laptop is not up at 11 0/( your backup
6ob will not be e!ecuted.
1,4
'owe*er( if you ha*e the same 6ob scheduled in anacron( you can be
sure that it will be e!ecuted once the laptop come back up.
Anacrontab 7or#at
Sust like how cron has JetcJcrontab( anacron has JetcJanacrontab.
JetcJanacrontab file has the anacron 6obs mentioned in the following
format.
period delay Eo"#identifier co!!and
7ield 1 is 6ecurrence period. This is a numeric *alue that specifies
the number of days.
1 $ daily
, $ weekly
30 $ monthly
5 $ This can be any numeric *alue. 5 indicates number of days
5ote1 Aou can also use ]Bmonthly3 for a 6ob that needs to be
e!ecuted monthly.
7ield , is "elay. This indicates the delay in minutes. i.e I number of
minutes anacron should wait before e!ecuting the 6ob after the the
machine starts.
7ield - is 9ob identifier. 2t is the name for the 6ob3s timestamp file. 2t
should be uni@ue for each 6ob. This will be a*ailable as a file under the
J*arJspoolJanacron directory. This file will contain a single line that
indicates the last time when this 6ob was e!ecuted.
) ls #1 /(ar/spool/anacron/
test.daily
cron.daily
cron.!onthly
cron.weekly
1,5
) cat /(ar/spool/anacron/test.daily
3011060K
7ield 0 is co##and. #ommand or shell script that needs to be
e!ecuted.
Sust like shell scripts( comments inside anacrontab file starts with ^
Anacron 5xa#ple
The following e!ample e!ecutes the JhomeJsathiyaJbackup.sh script
once in e*ery , days.
%n the day when the backup.sh 6ob is supposed to e!ecuted( if the
system is down for some reason( anacron will e!ecute the backup.sh
script 15 minutes after the system comes back up 9without ha*ing to
wait for another , days;.
) cat /etc/anacronta"
K 16 test.daily /"in/sh
/ho!e/sathiya/"ackup.sh
)TA6TAH816)A6A+(5 and 6A+"8&A"5LA?
The abo*e e!ample indicates that the backup.sh script should be
e!ecuted e*ery day( with a delay of 15 mins. i.e =hen the laptop was
started( e!ecuted it only after 15 minutes.
=hat happens when the laptop or desktop was not shutdownG =hen
does the 6ob gets e!ecutedG This is specified by the
&T"4TM'%H4&M4"57: en*ironment *ariable in the JetcJanacrontab file.
8y default this is set to 3.22 in the file. This indicates the time range
from 3 a.m to 10 p.m.
1,6
) rep $+%M+ /etc/anacronta"
$+%M+9HL\M$9M%&GI04#33
%n top of the user defined delay specified in the 2nd field of the
JetcJanacrontab file( anacron also randomly adds ! number of minutes.
The ! is defined by the 4"5)%/M):"A *ariable in the JetcJanacrontab
file.
8y default this is set to 45 in the file. This means that anacron will add !
minutes 9randomly picked from 0 and 45;( and add this to the user
defined delay.
) rep M%&.LS /etc/anacronta"
M%&.LS9.IL%Y056
Cron %s Anacron
#ron and anacron has its own ad*antages and disad*antages.
)epending on your re@uirement( use one of them.
Cron Anacron
/inimum granularity is
minute 9i.e Sobs can be
scheduled to be e!ecuted
e*ery minute;
/inimum granularity is
only in days
#ron 6ob can be scheduled by
any normal user 9 if not
restricted by super user
"nacron can be used only
by super user 9 but there
are workarounds to make it
usable by normal user ;
#ron e!pects system to be
running 24 ! ,. 2f a 6ob is
scheduled( and system is
down during that time( 6ob is
not e!ecuted.
"nacron doesn3t e!pect
system to be running 24 !
,. 2f a 6ob is scheduled( and
system is down during that
time( it start the 6obs when
the system comes back up.
2deal for ser*ers 2deal for desktops and
laptops
1,,
Hse cron when a 6ob has to be
e!ecuted at a particular hour
and minute
Hse anacron when a 6ob
has to be e!ecuted
irrespecti*e of hour and
minute
Any Questions?
.iscuss it here: Cron 's %nacron: How to $etup %nacron
on Linu- 7ìth an I-a!ple8
Hack 70. I/Tables 6ules 5xa#ples
"elete 5xistin 6ules
8efore you start building new set of rules( you might want to clean.up all
the default rules( and e!isting rules. Hse the iptables flush command as
shown below to do this.
ipta"les #Y
7or8
ipta"les ##flush
)et "efault Chain /olicies
The default chain policy is "##:0T. #hange this to )4%0 for all 250HT(
C%4="4)( and %HT0HT chains as shown below.
ipta"les #/ B&/\+ .ML/
ipta"les #/ YLM`%M. .ML/
ipta"les #/ L\+/\+ .ML/
=hen you make both 250HT( and %HT0HT chain3s default policy as
)4%0( for e*ery firewall rule re@uirement you ha*e( you should define
two rules. i.e one for incoming and one for outgoing.
1,D
2n all our e!amples below( we ha*e two rules for each scenario( as we3*e
set )4%0 as default policy for both 250HT and %HT0HT chain.
2f you trust your internal users( you can omit the last line abo*e. i.e )o
not )4%0 all outgoing packets by default. 2n that case( for e*ery firewall
rule re@uirement you ha*e( you 6ust ha*e to define only one rule. i.e
define rule only for incoming( as the outgoing is "##:0T for all packets.
'lock a )pecific ip<address
8efore we proceed further will other e!amples( if you want to block a
specific ip.address( you should do that first as shown below. #hange the
Q!.!.!.!R in the following e!ample to the specific ip.address that you like
to block.
BLLCQ9+HB$9B/02-.-.-.-2
ipta"les #% B&/\+ #s 2;BLLCQ9+HB$9B/2 #E .ML/
This is helpful when you find some strange acti*ities from a specific ip.
address in your log files( and you want to temporarily block that ip.
address while you do further research.
Aou can also use one of the following *ariations( which blocks only T#0
traffic on eth0 connection for this ip.address.
ipta"les #% B&/\+ #i eth0 #s 2;BLLCQ9+HB$9B/2 #E .ML/
ipta"les #% B&/\+ #i eth0 #p tcp #s 2;BLLCQ9+HB$9B/2 #E
.ML/
Allo* ALL Inco#in ))H
The following rules allow " incoming ssh connections on eth0
interface.
ipta"les #% B&/\+ #i eth0 #p tcp ##dport 33 #! state
##state &I`,I$+%BLB$HI. #E %CCI/+
ipta"les #% L\+/\+ #o eth0 #p tcp ##sport 33 #! state
##state I$+%BLB$HI. #E %CCI/+
1,-
Allo* Inco#in ))H only fro# a )pecific +et*ork
The following rules allow incoming ssh connections only from
1-2.16D.100.I network.
ipta"les #% B&/\+ #i eth0 #p tcp #s 1G3.1CF.100.0/35
##dport 33 #! state ##state &I`,I$+%BLB$HI. #E %CCI/+
ipta"les #% L\+/\+ #o eth0 #p tcp ##sport 33 #! state
##state I$+%BLB$HI. #E %CCI/+
2n the abo*e e!ample( instead of J24( you can also use the full subnet
mask. i.e Q1-2.16D.100.0J255.255.255.0f.
Additional 701a$les Examples:
36 Sost Yre_uently \sed Linu- B/+a"les Mules I-a!ples
B/+a"les +a"les, Chains, Mules Yunda!entals
How to %dd Yirewall Mules
Bnco!in and Lutoin Mule I-a!ples
1D0
Chapter $. Install /ackaes
Hack 71. ?u# Co##and 5xa#ples
2nstalling( remo*ing( and updating packages is a typical acti*ity on
inu!. /ost of the inu! distributions pro*ides some kind of package
manager utility. Cor e!ample( apt.get( dpkg( rpm( yum( etc.
%n some inu! distributions( yum is the default package manager.
Aum stands for Aellowdog Hpdater /odified.
Install a packae usin yu# install
To install a package( do ]yum install packagename3. This will also identify
the dependencies automatically and install them.
The following e!ample installs postgres@l package.
) yu! install postres_l.-FC9C5
Mesol(in .ependencies
Bnstall 3 /ackae7s8
Bs this ok *y/&,: y
Munnin +ransaction
Bnstallin : postres_l#li"s#G.0.5#6.fc16.-FC9C5 1/3
Bnstallin : postres_l#G.0.5#6.fc16.-FC9C5 3/3
8y default ]yum install3( will prompt you to accept or decline before
installing the packages. 2f you want yum to install automatically without
prompting( use .y option as shown below.
) yu! #y install postres_l.-FC9C5
1D1
1ninstall a packae usin yu# re#o2e
To remo*e a package 9along with all its dependencies;( use ]yum remo*e
package3 as shown below.
) yu! re!o(e postres_l.-FC9C5
/ackae postres_l.-FC9C5 0:G.0.5#6.fc16 will "e erased
Bs this ok *y/&,: y
Munnin +ransaction
Irasin : postres_l#G.0.5#6.fc16.-FC9C5 1/1
1prade an existin packae usin yu# update
2f you ha*e a older *ersion of a package( use ]yum update package3 to
upgrade it to the latest current *ersion. This will also identify and install
all re@uired dependencies.
) yu! update postres_l.-FC9C5
)earch for a packae to be installed usin yu# search
2f you don3t know the e!act package name to be installed( use ]yum
search keyword3( which will search all the packages that matches the
]keyword3 and display it.
The following e!amples searches the yum repository for all the packages
that matches the keyword ]firefo!3 and lists the a*ailable packages.
) yu! search firefo-
Loaded pluins: lanpacks, presto, refresh#packaekit
00000000000000 &/$ Satched: firefo- 0000000000000000000000
firefo-.-FC9C5 : SoPilla Yirefo- è" "rowser
no!e#do#pluins#firefo-.-FC9C5
!oPilla#firetray#firefo-.-FC9C5
!oPilla#ad"lockplus.noarch : SoPilla Yirefo- e-tension
!oPilla#noscript.noarch : SoPilla Yirefo- e-tension
1D2
5ame and summary matches only( use Fsearch allF for e*erything.
"isplay additional infor#ation about a packae usin yu#
info
%nce you search for a package using yum search( you can use ]yum info
package3 to *iew additional information about the package.
The following e!amples displays additional information about the
samba.common package.
) yu! info sa!"a#co!!on.iCFC
Loaded pluins: lanpacks, presto, refresh#packaekit
%(aila"le /ackaes
&a!e : sa!"a#co!!on
%rch : iCFC
Ipoch : 1
'ersion : 4.6.11
Melease : K1.fc16.1
$iPe : G.G S
Mepo : updates
$u!!ary : Yiles used "y "oth $a!"a ser(ers and clients
\ML : http://www.sa!"a.or/
License : G/L(4O and LG/L(4O
.escription : $a!"a#co!!on pro(ides files necessary for
"oth the ser(er and client
Additional 26& Examples:
16 Linu- Yu! Co!!and I-a!ples H Bnstall, \ninstall,
\pdate /ackaes
1D3
Hack 7,. 6/& Co##and 5xa#ples
40/ command is used for installing( uninstalling( upgrading( @uerying(
listing( and checking 40/ packages on your inu! system.
40/ stands for 4ed 'at 0ackage /anager.
=ith root pri*ilege( you can use the rpm command with appropriate
options to manage the 40/ software packages.
et us take an rpm of /ys@l #lient and run through all our e!amples.
Installin a 6/& packae 1sin rp# <i2h
40/ filename has packagename( *ersion( release and architecture
name.
Cor e!ample( 2n the /y&i.client.3.23.5,.1.i3D6.rpm file1
/y&i.client $ 0ackage 5ame
3.23.5, $ ?ersion
1 $ 4elease
i3D6 $ "rchitecture
=hen you install a 40/( it checks whether your system is suitable for
the software the 40/ package contains( figures out where to install the
files located inside the rpm package( installs them on your system( and
adds that piece of software into its database of installed 40/ packages.
The following rpm command installs /ys@l client package.
) rp! #i(h Sy$bL#client#4.34.6K#1.i4FC.rp!
/reparin...))))))))))))))))))))))))))))))))))) *100W,
1:Sy$bL#client)))))))))))))))))))))))))))))) *100W,
1D4
rpm command and options
.i 1 install a package
.* 1 *erbose
.h 1 print hash marks as the package archi*e is unpacked.
Aou can also use dpkg on )ebian( pkgadd on &olaris( depot on '0.HI to
install packages.
Guery all the 6/& /ackaes usin rp# <;a
Aou can use rpm command to @uery all the packages installed in your
system.
) rp! #_a
cdrecord#3.01#10.K.el6
"lueP#li"s#4.K#1.1
setarch#3.0#1.1
.
.
.@ @uery operation
.a @ueries all installed packages
To identify whether a particular rpm package is installed on your system(
combine rpm and grep command as shown below. Collowing command
checks whether cdrecord package is installed on your system.
) rp! #_a T rep VcdrecordV
Guery a /articular 6/& /ackae usin rp# <;
The abo*e e!ample lists all currently installed package. "fter installation
of a package to check the installation( you can @uery a particular
package and *erify as shown below.
) rp! #_ Sy$bL#client
Sy$bL#client#4.34.6K#1
1D5

) rp! #_ Sy$bL
packae Sy$bL is not installed
5ote1 To @uery a package( you should specify the e!act package name. 2f
the package name is incorrect( then rpm command will report that the
package is not installed.
Guery 6/& /ackaes in a 2arious for#at usin rp# =
;ueryfor#at
4pm command pro*ides an option $@ueryformat( which allows you to
gi*e the header tag names( to list the packages. :nclose the header tag
with in ab.
) rp! #_a ##_ueryfor!at VW:na!e#W:(ersion@#W:release@ W
:siPe@>nV
cdrecord#3.01#10.K 13435
"lueP#li"s#4.K#1.1 6C45
setarch#3.0#1.1 3466C4
.
.
>hich 6/& packae does a file belon toJ = 1se rp# <;f
et us say( you ha*e list of files and you would want to know which
package owns all these files. rpm command has options to achie*e this.
The following e!ample shows that JusrJbinJmys@laccess file is part of the
/y&i.client.3.23.5,.1 rpm.
) rp! #_f /usr/"in/!ys_laccess
Sy$bL#client#4.34.6K#1
1D6
Locate docu#entation of a packae that o*ns file usin
rp# <;df
Hse the following to know the list of documentations( for a package that
owns a file. The following command( gi*es the location of all the manual
pages related to mys@l package.
) rp! #_df /usr/"in/!ys_laccess
/usr/share/!an/!an1/!ys_l.1.P
/usr/share/!an/!an1/!ys_laccess.1.P
/usr/share/!an/!an1/!ys_lad!in.1.P
/usr/share/!an/!an1/!ys_ldu!p.1.P
/usr/share/!an/!an1/!ys_lshow.1.P
.d 1 refers documentation.
Infor#ation about Installed 6/& /ackae usin rp# <;ip
rpm command pro*ides a lot of information about the installed
packages.
) rp! #_ip Sy$bL#client#4.34.6K#1.i4FC.rp!
&a!e : Sy$bL#client Melocations: 7not relocata"le8
'ersion : 4.34.6K 'endor: Sy$bL %B
Melease : 1 Build .ate: Son 0G Dun 3004
Bnstall .ate: Build Host: "uild.!ys_l.co!
Group : %pplications/.ata"ases
$iPe : 640610G License: G/L / LG/L
$inature : 7none8
/ackaer : LenP Gri!!er
\ML : http://www.!ys_l.co!/
$u!!ary : Sy$bL # Client
.escription : +his packae is a standard Sy$bL client.
.i 1 *iew information about an rpm
.p 1 specify a package name
1D,
List all the 7iles in a /ackae usin rp# <;lp
To list the content of a 40/ package( use the following command( which
will list out the files without e!tracting into the local directory folder.
; rp! #_lp o(pc#3.1.10.rp!
/usr/"in/!ys_laccess
/usr/"in/!ys_ldata
/usr/"in/!ys_lper!
.
.
/usr/"in/!ys_lad!in
@ 1 @uery the rpm file
l 1 list the files in the package
p 1 specify the package name
List the "ependency /ackaes usin rp# <;6/
To *iew the list of packages on which this package depends(
) rp! #_Mp Sy$bL#client#4.34.6K#1.i4FC.rp!
/"in/sh
/usr/"in/perl
Additional R0& Examples:
M/S Co!!and: 16 I-a!ples to Bnstall, \ninstall, \prade,
buery M/S /ackaes
Hack 7-. apt<E Co##and 5xa#ples
)ebian based systems 9including Hbuntu; uses apt.U commands for
managing packages from the command line.
1DD
This hack( using "pache 2 installation as an e!ample( e!plains how to
use apt.U commands to *iew( install( remo*e( or upgrade packages.
apt<cache search. )earch 6epository 1sin /ackae +a#e
2f you are installing "pache 2( you may guess that the package name is
apache2. To *erify whether it is a *alid package name( you may want to
search the repository for that particular package name as shown below.
The following e!ample shows how to search the repository for a specific
package name.
; apt#cache search Napache3;
apache3 # %pache H++/ $er(er !etapackae
dpk <l. Is the /ackae Already InstalledJ
8efore installing a package( you may want to make sure it is not already
installed as shown below using dpkg .l command.
; dpk #l T rep #i apache
apt<et install. Install a /ackae
Cinally( install the package using Qapt.get installR as shown below.
; sudo apt#et install apache3
*sudo, password for ra!esh:
+he followin &I` packaes will "e installed:
apache3 apache3#!p!#worker apache3#utils
apache3.3#co!!on li"apr1 li"aprutil1 li"p_6
0 upraded, K newly installed, 0 to re!o(e and 3C not
upraded.
1D-
apt<et re#o2e. "elete a /ackae
Hse Qapt.get purgeR or Qapt.get remo*eR to delete a package as shown
below.
; sudo apt#et pure apache3
7or8
; sudo apt#et re!o(e apache3
Additional apt-8 #ommand Examples:
How +o Sanae /ackaes \sin apt#et, apt#cache, apt#
file and dpk Co!!ands 7 ìth 14 /ractical I-a!ples 8
Hack 70. Install fro# )ource
&ometimes you might ha*e to download the source code of an
application and install it from the source.
This hack e!plains how to install from source. Aou should always refer to
the 25&T" or 4:")/: file that is located in the downloaded application
package for any application specific installation instructions.
"o*nload and unBip the packae
Typically the source code you download will be compressed in a U.tar.g+
or U.tar.b+2 format.
2f the source code you>*e downloaded is in the format application.tar.g+(
use the following command to uncompress it .
tar -(fP application.tar.P

1-0
2f the source code you>*e downloaded is in the format
application.tar.b+2( use the following command to uncompress it.
tar -(fE application.tar."P3
Confiure
%nce you uncompress the source tar file( it will create a subdirectory in
the name of the application. #) to this directory.
cd application
)o a .Jconfigure ..help which will display all application specific
configuration options that are a*ailable to you.
./confiure ##help
2n most cases( you can 6ust do .Jconfigure which will use all default
*alues to perform the configuration. This will perform necessary pre.re@
checks. This will also generate the /akefile re@uired for the installation.
./confiure
&ake and Install
/ake command will use the /akefile created from the abo*e step and
create the application binary e!ecutable.
!ake
Cinally( do >make install> which will install the application in the
appropriate location.
!ake install
1-1
Chapter 10. LA&/ )tack
Hack 73. Install Apache , *ith ))L
This hack pro*ides step by step instructions on how to install "pache 2
with modMssl.
2 prefer to install "pache from source( as it gi*es me more fle!ibility on
e!actly what modules 2 want to enable or disable( and 2 can also upgrade
or apply patch immediately after it is released by the "pache
foundation.
"o*nload Apache
)ownload "pache from httpd.apache.org. The current stable release is
2.2.1,.
%nce you get the direct H4 to download the latest stable *ersion of
"pache( use wget as shown below to download it directly to you ser*er.
cd 1
wet http://www.en.lsu.edu/!irrors/apache//httpd/httpd#
3.3.1K.tar.P
tar -(fP httpd#3.3.1K.tar.P
Install Apache *ith ))LPTL)
?iew all a*ailable "pache installation and configuration options as shown
below.
cd httpd#3.3.1K
./confiure ##help
To install an "pache module( you would typically say $enable.amodule.
nameb. Cor e!ample( to install && with "pache( it is $enable.ssl. To
install ldap module( it is $enable.ldap.
1-2

To uninstall any default module that comes with "pache( you would
typically say $disable.amodule.nameb. Cor e!ample( to disable basic
authentication in "pache( it is $disable.auth.basic
2n this e!ample( we will install "pache with all default modules( with
addition of $enable.ssl 9to install modMssl for && support;( and $enable.
so( which helps to load modules in "pache during run.time *ia the
)ynamic &hared %b6ect 9)&%; mechanism( rather than re@uiring a
recompilation.
./confiure ##ena"le#ssl ##ena"le#so
!ake
!ake install
+ote. 8y default the abo*e installs "pache under JusrJlocalJapache2. 2f
you like to change this location( use $prefi! option in the .Jconfigure.
5nable ))L in httpd.conf
"pache configuration file httpd.conf is located under
JusrJlocalJapache2Jconf.
Hncomment the httpd.ssl.conf 2nclude line in the
JusrJlocalJapache2JconfJhttpd.conf file.
) (i /usr/local/apache3/conf/httpd.conf
Bnclude conf/e-tra/httpd#ssl.conf
?iew the httpd.ssl.conf to re*iew all the default && configurations. Cor
most cases( you don3t need to modify anything in this file.
(i /usr/local/apache3/conf/e-tra/httpd#ssl.conf
The && certificate and key are re@uired before we start the "pache. The
ser*er.crt and ser*er.key file mentioned in the httpd.ssl.conf needs to be
created before we mo*e forward.
1-3
) erep Vser(er.crtTser(er.keyV httpd#ssl.conf
$$LCertificateYile 2/usr/local/apache3/conf/ser(er.crt2
$$LCertificateQeyYile 2/usr/local/apache3/conf/ser(er.key2
Create ser2er.crt and ser2er.key file
Cirst( 7enerate the ser*er.key using openssl.
cd 1
openssl enrsa #des4 #out ser(er.key 1035
The abo*e command will ask for the password. /ake sure to remember
this password. Aou need this while starting your "pache later.
2f you don3t pro*ide a password( you3ll get the following error message.
3516:error:3F0CG0C6:li"7508:\B9set9result:result too
s!all:ui9li".c:F5G:You !ust type in 5 to F1G1 characters
5e!t( generate a certificate re@uest file 9ser*er.csr; using the abo*e
ser*er.key file.
openssl re_ #new #key ser(er.key #out ser(er.csr
Cinally( generate a self signed ssl certificate 9ser*er.crt; using the abo*e
ser*er.key and ser*er.csr file.
openssl -60G #re_ #days 4C6 #in ser(er.csr #sinkey
ser(er.key #out ser(er.crt
Cor more details refer to1 'ow To 7enerate && _ey( #&4 and &elf &igned
#ertificate Cor "pache
1-4
Copy the ser2er.key and ser2er.crt
#opy the ser*er.key and ser*er.crt file to appropriate "pache
configuration directory location.
cd 1
cp ser(er.key /usr/local/apache3/conf/
cp ser(er.crt /usr/local/apache3/conf/
)tart the apache and 2erify ))L
&tart the "pache as shown below.
/usr/local/apache3/"in/apachectl start
This will prompt you to enter the password for your pri*ate key.
%pache/3.3.1K !od9ssl/3.3.1K 7/ass /hrase .ialo8
$er(er www.e-a!ple.co!:554 7M$%8
Inter pass phrase:
LQ: /ass /hrase .ialo successful.
8y default "pache && runs on 443 port. %pen a web browser and *erify
that you can access your "pache using https1JJayour.ip.addressb
Any Questions?
.iscuss it here: How +o Bnstall %pache 3 with $$L on
Linu- 7with !od9ssl, openssl8
Additional Apache 7nstall Examples:
How +o Generate $$L Qey, C$M and $elf $ined Certificate
Yor %pache
1-5

Bnstall %pache 3 fro! $ource on Linu-
Hack 74. Install /H/ fro# )ource
"ll inu! distributions comes with 0'0. 'owe*er( it is recommended to
download latest 0'0 source code( compile and install on inu!. This will
make it easier to upgrade 0'0 on an ongoing basis immediately after a
new patch or release is a*ailable for download from 0'0. This hack
e!plains how to install 0'05 from source on inu!.
/rere;uisites
"pache web ser*er should already be installed. 4efer to my pre*ious
post on 'ow to install "pache 2 on inu!. 2f you are planning to use 0'0
with /y&i( you should ha*e /y &i already installed.
"o*nload /H/
)ownload the latest source code from 0'0 )ownload page. #urrent
stable release is 5.2.6. /o*e the source to JusrJlocalJsrc and e!tract is as
shown below.
) "Pip3 #d php#6.3.C.tar."P3
) tar -(f php#6.3.C.tar
Install /H/
?iew all configuration options a*ailable for 0'0 using .Jconfigure $.help
9two hyphen in front of help;. The most commonly used option is $.
prefi!Kainstall.dir.nameb to install 0'0 on a user defined directory.
) cd php#6.3.C
) ./confiure ##help
2n the following e!ample( 0'0 will be compiled and installed under the
default location JusrJlocalJlib with "pache configuration and /y&i
support.
1-6
) ./confiure ##with#ap-s30/usr/local/apache3/"in/ap-s
##with#!ys_l
) !ake
) !ake install
) cp php.ini#dist /usr/local/li"/php.ini
Confiure httpd.conf for /H/
/odify the JusrJlocalJapache2JconfJhttpd.conf to add the following1
[YilesSatch 2>.ph7p*3#C,cTt!l8;2Z
$etHandler application/-#httpd#php
[/YilesSatchZ
/ake sure the httpd.conf has the following line that will get
automatically inserted during the 0'0 installation process.
LoadSodule php69!odule !odules/li"php6.so
4estart the apache as shown below1
) /usr/local/"in/apache3/apachectl restart
%erify /H/ Installation
#reate a test.php under JusrJlocalJapache2Jhtdocs with the following
content
) (i test.php
[cphp phpinfo78? cZ
7o to http1JJlocal.hostJtest.php ( which will show a detailed information
about all the 0'0 configuration options and 0'0 modules installed on the
system.
1-,
Trouble shootin durin installation
5rror 1. configure1 error1 !ml2.config not found1
=hile performing the .Jconfigure during 0'0 installation( you may get
the following error1
##with#!ys_l
Confiurin e-tensions
checkin whether to ena"le LBBaSL support... yes
checkin li"-!l3 install dir... no
checkin for -!l3#confi path...
confiure: error: -!l3#confi not found. /lease check your
li"-!l3 installation.
2nstall thelib!ml2.de*el and +lib.de*el as shown below to the fi! this
issue.
) rp! #i(h /ho!e/downloads/linu-#iso/li"-!l3#de(el#3.C.3C#
3.1.3.0.1.i4FC.rp! /ho!e/downloads/linu-#iso/Pli"#de(el#
1.3.4#4.i4FC.rp!
/reparin...))))))))))))))))))))))))))))))))))))) *100W,
1:Pli"#de(el))))))))))))))))))))))))))))))))))))) * 60W,
3:li"-!l3#de(el)))))))))))))))))))))))))))))))))) *100W,
5rror ,. configure1 error1 #annot find /y&i header files.
=hile performing the .Jconfigure during 0'0 installation( you may get
the following error1
##with#!ys_l
checkin for Sy$bL \&Ba socket location...
/(ar/li"/!ys_l/!ys_l.sock
confiure: error: Cannot find Sy$bL header files under
yes. &ote that the Sy$bL client li"rary is not "undled
any!oreA
1-D
2nstall the /y&i.de*el.community package as shown below to fi! this
issue.
) rp! #i(h /ho!e/downloads/Sy$bL#de(el#co!!unity#6.1.36#
0.rhel6.i4FC.rp!
/reparin...)))))))))))))))))))))))))))))))))))))) *100W,
1:Sy$bL#de(el#co!!unity))))))))))))))))))))))))))) *100W,
Any Questions?
.iscuss it here: Bnstruction Guide to Bnstall /H/6 fro!
$ource on Linu-
Hack 77. Install &y)GL
/ost of the inu! distro comes with /y&i. 2f you want use /y&i( my
recommendation is that you download the latest *ersion of /y&i and
install it yourself. ater you can upgrade it to the latest *ersion when it
becomes a*ailable. This hack e!plains how to install the latest free
community edition of /y&i on inu! platform.
"o*nload the latest stable release of &y)GL
)ownload my&i from mys@l.com . 0lease download the community
edition of /y&i for your appropriate inu! platform. 2 downloaded the
Q4ed 'at :nterprise inu! 5 40/ 9!D6;R. /ake sure to download /y&i
&er*er( #lient and Q'eaders and librariesR from the download page.
/y&i.client.community.5.1.25.0.rhel5.i3D6.rpm
/y&i.ser*er.community.5.1.25.0.rhel5.i3D6.rpm
/y&i.de*el.community.5.1.25.0.rhel5.i3D6.rpm
2f you want to remo*e the e!isting default /y&i that came with the
inu! distro ( do the following.
)o not perform this on an system where the /y&i database is getting
used by some application.
1--
*local#host,) rp! #_a T rep #i !ys_l
!ys_l#6.0.33#3.1.0.1
!ys_lclient10#4.34.6F#5.MHIL5.1
*local#host,) rp! #e !ys_l ##nodeps
warnin: /etc/!y.cnf sa(ed as /etc/!y.cnf.rp!sa(e
*local#host,) rp! #e !ys_lclient10
Install the do*nloaded &y)GL packae
2nstall the /y&i &er*er and #lient packages as shown below.
*local#host,) rp! #i(h Sy$bL#ser(er#co!!unity#6.1.36#
0.rhel6.i4FC.rp! Sy$bL#client#co!!unity#6.1.36#
0.rhel6.i4FC.rp!
/reparin...))))))))))))))))))))))))))))))))))))))) *100W,
1:Sy$bL#client#co!!unity))))))))))))))))))))))))))) * 60W,
3:Sy$bL#ser(er#co!!unity))))))))))))))))))))))))))) *100W,
This will also display the following output and start the /y&i daemon
automatically.
/LI%$I MISISBIM +L $I+ % /%$$`LM. YLM +HI Sy$bL root \$IMA
+o do so, start the ser(er, then issue the followin
co!!ands:
/usr/"in/!ys_lad!in #u root password Vnew#passwordV
/usr/"in/!ys_lad!in #u root #h !edica3 password Vnew#
passwordV

%lternati(ely you can run:
/usr/"in/!ys_l9secure9installation
200
$tartin Sy$bL.* LQ ,
Gi(in !ys_ld 3 seconds to start
2nstall the Q'eader and ibrariesR that are part of the /y&i.de*el
packages.
*local#host,) rp! #i(h Sy$bL#de(el#co!!unity#6.1.36#
0.rhel6.i4FC.rp!
/reparin...))))))))))))))))))))))))))))))))))))))) *100W,
1:Sy$bL#de(el#co!!unity )))))))))))))))))))))))))) *100W,
5ote1 =hen 2 was compiling 0'0 with /y&i option from source on the
inu! system( it failed with the following error. 2nstalling the /y&i.
de*el.community package fi!ed this problem in installing 0'0 from
source.
confiure: error: Cannot find Sy$bL header files under
yes.
5ote that the /y&i client library is not bundled anymorec
/erfor# post<install security acti2ities on &y)GL.
"t a bare minimum you should set a password for the root user as shown
below1
*local#user,) /usr/"in/!ys_lad!in #u root password
VSy3$ecure;/asswordV
The best option is to run the mys@lMsecureMinstallation script that will
take care of all the typical security related items on the /y&i as shown
below. %n a high le*el this does the following items1
#hange the root password
4emo*e the anonymous user
)isallow root login from remote machines
201
4emo*e the default sample test database
*local#host,) /usr/"in/!ys_l9secure9installation
&L+I: M\&&B&G %LL /%M+$ LY +HB$ $CMB/+ B$ MICLSSI&.I. YLM
%LL Sy$bL $IM'IM$ B& /ML.\C+BL& \$IA /LI%$I MI%. I%CH
$+I/ C%MIY\LLYA
Inter current password for root 7enter for none8:
LQ, successfully used password, !o(in on...
Chane the root passwordc *Y/n, Y
&ew password:
Me#enter new password:
/assword updated successfullyA
Meloadin pri(ilee ta"les.. ... $uccessA
Me!o(e anony!ous usersc *Y/n, Y
.isallow root loin re!otelyc *Y/n, Y
Me!o(e test data"ase and access to itc *Y/n, Y
Meload pri(ilee ta"les nowc *Y/n, Y
installation should now "e secure.
+hanks for usin Sy$bLA
%erify the &y)GL installation.
Aou can check the /y&i installed *ersion by performing mys@l .? as
shown below1
*local#host,) !ys_l #'
202
!ys_l 'er 15.15 .istri" 6.1.36#rc, for redhat#linu-#nu
7iCFC8 usin readline 6.1
#onnect to the /y&i database using the root user and make sure the
connection is successful.
*local#host,) !ys_l #u root #p
Inter password:
!ys_lZ
Collows the steps below to stop and start /y&i
*local#host,) ser(ice !ys_l status
Sy$bL runnin 7136FF8 * LQ ,
*local#host,) ser(ice !ys_l stop
$huttin down Sy$bL. * LQ ,
*local#host,) ser(ice !ys_l start
$tartin Sy$bL. * LQ ,
Any Questions?
.iscuss it here: Howto Bnstall Sy$bL on Linu-
Additional &ySQ( 7nstall Examples:
How to Bnstall Sy$bL .ata"ase \sin Yu! roupinstall
203
Hack 78. Install LA&/ )tack
2nstalling "/0 stack using yum is *ery easy and takes only minutes.
This is a good option for beginners who don3t feel comfortable installing
from source. "lso( 2nstalling "/0 stack using yum is a good choice( if
you want to keep things simple and 6ust use the default configuration.
Install Apache usin ?u#
) rp! #_a T rep httpd
2f the abo*e command did not return anything( install apache as shown
below
) yu! install httpd
?erify that "pache got installed successfully
) rp! #_a T rep #i http
httpd#tools#3.3.G#1.fcG.i4FC
httpd#3.3.G#1.fcG.i4FC
:nable httpd ser*ice to start automatically during system startup using
chkconfig. &tart the "pache as shown below.
) chkconfi httpd on
) ser(ice httpd start
$tartin httpd: * LQ ,
Install &y)GL usin ?u#
Aum is *ery smart to identify all the dependencies and install those
automatically. Cor e!ample( while installing mys@l.ser*er using yum( it
also automatically installs the depended mys@l.libs( perl.)82( mys@l(
perl.)8)./y&i packages as shown below.
204
) yu! install !ys_l#ser(er
0artial output of the abo*e yum install mys@l.ser*er command1
.ependencies Mesol(ed
+ransaction $u!!ary
00000000000000000000000000000000000000000000000000000000
Bnstall 6 /ackae7s8
\pdate 0 /ackae7s8
Me!o(e 0 /ackae7s8
+otal download siPe: 16 S
Bs this ok *y/&,: y
Munnin +ransaction
Bnstallin : !ys_l#li"s *1/6,
Bnstallin : perl#.BB *3/6,
Bnstallin : !ys_l *4/6,
Bnstallin : perl#.B.#Sy$bL *5/6,
Bnstallin : !ys_l#ser(er *6/6,
Co!pleteA
?erify whether /y&i got installed properly.
) rp! #_a T rep #i !ys_l
php#!ys_l#6.3.C#3.fcG.i4FC
!ys_l#li"s#6.0.61a#1.fcG.i4FC
!ys_l#ser(er#6.0.61a#1.fcG.i4FC
perl#.B.#Sy$bL#5.006#F.fcG.i4FC
!ys_l#6.0.61a#1.fcG.i4FC
205

) !ys_l #'
!ys_l 'er 15.13 .istri" 6.0.61a, for redhat#linu-#nu
7i4FC8 usin readline 6.0
#onfigure /y&i to start automatically during system startup.
) chkconfi !ys_ld on
&tart /y&i ser*ice.
) ser(ice !ys_ld start
The first time when you start mys@ld( it will gi*e additional information
message indicating to perform post.install configuration as shown below.
BnitialiPin Sy$bL data"ase:
Bnstallin Sy$bL syste! ta"les... LQ
Yillin help ta"les... LQ
+o start !ys_ld at "oot ti!e you ha(e to copy
support#files/!ys_l.ser(er to the riht place for your
syste!
/LI%$I MISISBIM +L $I+ % /%$$`LM. YLM Sy$bL root \$IM A
$tart the ser(er, then issue the followin co!!ands:
/usr/"in/!ys_lad!in #u root password Vnew#passwordV
/usr/"in/!ys_lad!in #u root #h de(#d" password Vnew#
passwordV
%lternati(ely you can run:
/usr/"in/!ys_l9secure9installation
206
$tartin Sy$bL:
* LQ ,
/erfor# &y)GL post<installation acti2ities
"fter the mys@l installation( you can login to mys@l root account without
pro*iding any password as shown below.
) !ys_l #u root
!ys_lZ
To fi! this problem( you need to assign a password to mys@l root account
as shown below. :!ecute mys@lMsecureMinstallation script( which
performs the following acti*ities1
"ssign the root password
4emo*e the anonymous user
)isallow root login from remote machines
4emo*e the default sample test database
) /usr/"in/!ys_l9secure9installation
0artial output of mys@lMsecureMinstallation script1
Inter current password for root 7enter for none8:
LQ, successfully used password, !o(in on...
$et root passwordc *Y/n, Y
&ew password: *&ote: Inter the !ys_l root password here,
Me#enter new password:
/assword updated successfullyA
Me!o(e anony!ous usersc *Y/n, Y
.isallow root loin re!otelyc *Y/n, Y
Me!o(e test data"ase and access to itc *Y/n, Y
20,
Meload pri(ilee ta"les nowc *Y/n, Y
... $uccessA
?erify the /y&i post.install acti*ities. 5ow root access without
password is denied.
) !ys_l #u root
IMMLM 1056 73F0008:%ccess denied for user
VrootV<VlocalhostV7usin password:&L8
Test database is not a*ailable anymore.
) !ys_l #u root #p
Inter password:
!ys_lZ show data"ases?
O####################O
T .ata"ase T
O####################O
T infor!ation9sche!a T
T !ys_l T
O####################O
3 rows in set 70.00 sec8
Install /H/ usin ?u#
) yu! install php
0artial output of yum install php1
+ransaction $u!!ary
20D
00000000000000000000000000000000000000000000000000000000
Bnstall 4 /ackae7s8
\pdate 0 /ackae7s8
Me!o(e 0 /ackae7s8
+otal download siPe: 4.F S
Bs this ok *y/&,: y
Munnin +ransaction
Bnstallin : php#co!!on *1/4,
Bnstallin : php#cli *3/4,
Bnstallin : php *4/4,
Co!pleteA
?erify that php got installed successfully.
) rp! #_a T rep #i php
php#cli#6.3.C#3.fcG.i4FC
php#6.3.C#3.fcG.i4FC
php#co!!on#6.3.C#3.fcG.i4FC
2nstall /y&i module for 0'0.
) yu! install php#!ys_l
0artial output of yum install php.mys@l1
+ransaction $u!!ary
0000000000000000000000000000000000000000000000000000
Bnstall 3 /ackae7s8
20-
\pdate 0 /ackae7s8
Me!o(e 0 /ackae7s8
+otal download siPe: 154 k
Bs this ok *y/&,: y
Munnin +ransaction
Bnstallin : php#pdo *1/3,
Bnstallin : php#!ys_l *3/3,
Co!pleteA
2f you need additional 0'0 modules( install them using yum as shown
below.
) yu! install php#co!!on php#!"strin php#!crypt php#de(el
php#-!l php#d
Any Questions?
.iscuss it here: How +o Bnstall Lr \prade L%S/ \sin
Yu!
Hack 7$. Install :A&//
To run *arious open source applications you might ha*e to install
"pache( /y&i( 0'0( and 0erl 9or some combination of these;. Cor those
who ha*e difficulties installing and configuring these separately( I"/00
might be helpful.
I"/00 is "pache distribution that contains /y&i( 0'0 and 0erl. Aou
really don3t need to worry about configuring /y&i( 0'0( or 0erl for
"pache. Sust install I"/00( and e*erything is already pre.built and ready
to go. 2t is that easyc
210

"lso( I"/00 is a*ailable for inu!( =indows( /ac %&( and &olaris.
"o*nload :A&//
)ownload I"/00 from !ampp in sourceforge.
Install :A&//
:!tract the tar file under Jopt directory.
) cd /opt
) tar -(Pf -a!pp#linu-#1.K.4a.tar.P
)tart or stop :A&//
&tart !ampp. 2t starts all the !ampp ser*ices.
) /opt/la!pp/la!pp start
&top !ampp. 2t stops all the !ampp ser*ices.
) /opt/la!pp/la!pp stop
)tart particular :A&// ser2ice
&tart a particular ser*ice by specifying the name of the ser*ice along
with start. Cor e!ample( following starts only "pache 9along with 0'0;.
) /opt/la!pp/la!pp startapache
a%S//: $tartin %pache with $$L 7and /H/68...
&ote: \se start!ys_l in the aru!ent to start only !ys_l
)top particular ser2ice
&imilar to start( you can also stop a particular ser*er. Cor e!ample(
following stops only /y&i.
211
) /opt/la!pp/la!pp stop!ys_l
a%S//: $toppin Sy$bL...
:A&// Confiuration file
#onfiguration files are a*ailable under JoptJlamppJetcJ. &ome of the
!ampp config files are httpd.conf( my.cnf( php.ini.
Any Questions?
.iscuss it here: a%S//: Iasy %pache, Sy$bL, /H/, /erl
Bnstall
Hack 80. )ecure ?our Apache >eb )er2er
2f you are a sysadmin( you should secure your "pache web ser*er by
following the tips mentioned in this hack.
6un Apache as separate user and roup
8y default( apache might run as nobody or daemon. 2t is good to run
apache in its own non.pri*ileged account. Cor e!ample1 apache.
#reate apache group and user.
roupadd apache
useradd #d /usr/local/apache3/htdocs # apache #s
/"in/false apache
/odify the httpd.conf( and set Hser and 7roup appropriately.
) (i httpd.conf
\ser apache
Group apache
212
"fter this( if you restart apache( and do ps .ef( you3ll see that the apache
is running as QapacheR 9:!cept the 1st httpd process( which will always
run as root;.
) ps #ef T rep #i http T awk V:print ;1@V
root
apache
apache
apache
apache
apache
6estrict access to root directory K1se Allo* and "enyM
&ecure the root directory by setting the following in the httpd.conf
[.irectory /Z
Lptions &one
Lrder deny,allow
.eny fro! all
[/.irectoryZ
2n the abo*e1
%ptions 5one $ &et this to 5one( which will not enable any
optional e!tra features.
%rder deny(allow $ This is the order in which the Q)enyR and
Q"llowR directi*es should be processed. This processes the
QdenyR first and QallowR ne!t.
)eny from all $ This denies re@uest from e*erybody to the root
directory. There is no "llow directi*e for the root directory. &o(
nobody can access it.
213
)et appropriate per#issions for conf and bin directory
bin and conf directory should be *iewed only by authori+ed users. 2t is
good idea to create a group( and add all users who are allowed to
*iewJmodify the apache configuration files to this group.
et us call this group1 apacheadmin
#reate the group.
roupadd apachead!in
"llow access to bin directory for this group.
chown #M root:apachead!in /usr/local/apache3/"in
ch!od #M KK0 /usr/local/apache3/"in
"llow access to conf directory for this group.
chown #M root:apachead!in /usr/local/apache3/conf
ch!od #M KK0 /usr/local/apache3/conf
"dd appropriate members to this group. 2n this e!ample( both ramesh
and 6ohn are part of apacheadmin
) (i /etc/roup
apachead!in:-:1131:ra!esh,Eohn
"isable "irectory 'ro*sin
2f you don3t do this( users will be able to see all the files 9and directories;
under your root 9or any sub.directory;.
Cor e!ample( if they go to http1JJayour.ipbJimagesJ and if you don3t ha*e
an inde!.html under images( they3ll see all the image files 9and the sub.
directories; listed in the browser 96ust like a ls .1 output;. Crom here( they
214
can click on the indi*idual image file to *iew it( or click on a sub.
directory to see its content.
To disable directory browsing( you can either set the *alue of %ptions
directi*e to Q5oneR or Q.2nde!esR. " $ in front of the option name will
remo*e it from the current list of options enforced for that directory.
2nde!es will display a list of a*ailable files and sub.directories inside a
directory in the browser 9only when no inde!.html is present inside that
folder;. &o( 2nde!es should not be allowed.
[.irectory /Z
Lptions &one
Lrder allow,deny
%llow fro! all
[/.irectoryZ
7or8
[.irectory /Z
Lptions #Bnde-es
Lrder allow,deny
%llow fro! all
[/.irectoryZ
"onVt allo* .htaccess
Hsing .htaccess file inside a specific sub.directory under the htdocs 9or
anywhere outside;( users can o*erwrite the default apache directi*es.
%n certain situations( this is not good( and should be a*oided. Aou
should disable this feature.
Aou should not allow users to use the .htaccess file and o*erride apache
directi*es. To do this( set Q"llow%*erride 5oneR in the root directory.
[.irectory /Z
215
Lptions &one
%llowL(erride &one
Lrder allow,deny
%llow fro! all
[/.irectoryZ
Additional Apache 3ardening Examples:
10 +ips to $ecure Your %pache è" $er(er on \&Ba / Linu-
Hack 81. Apachectl and Httpd Tips
"fter you ha*e installed "pache2( if you want to use apachectl and httpd
to it3s ma!imum potential( you should go beyond using start( stop and
restart. The - practical e!amples pro*ided in this hack will help you to
use apachectl and httpd *ery effecti*ely.
"pachectl acts as &ys? init script( taking arguments like start( stop(
restart and status. 2t also acts as front.end to httpd command( by simply
passing the command line arguments to httpd. &o( all the commands
you e!ecute using apachectl( can also be e!ecuted directly by calling
httpd.
/ass different httpd.conf filena#e to apachectl
Typically you3ll modify the original httpd.conf to try out different "pache
directi*es. 2f something doesn3t work out( you3ll re*ert back the changes.
2nstead of playing around with the original httpd.conf( copy it to a new
httpd.conf.debug and use this new httpd.conf.debug file with "pache for
testing purpose as shown below using option .f.
) apachectl #f conf/httpd.conf.de"u
) httpd #k start #f conf/httpd.conf.de"u
216
*&ote: you can use either apachectl or httpd as shown
a"o(e,
) ps #ef T rep http
root 360F0 1 0 34:3C 00:00:00 /usr/s"in/httpd #f
conf/httpd.conf.de"u
apache 360GG 360F0 0 34:3F 00:00:00 /usr/s"in/httpd #f
conf/httpd.conf.de"u
*&ote: ps shows the httpd runnin with httpd.conf.de"u
file,
%nce you are satisfied with the changes and "pache runs without any
problem with httpd.conf.debug( you can copy the changes to httpd.conf
and start the "pache normally as shown below.
) cp httpd.conf.de"u httpd.conf
) apachectl stop
) apachectl start
) ps #ef T rep httpd
root 36115 1 0 34:3F 00:00:00 /usr/s"in/httpd #k
start
dae!on 36116 36115 0 34:3F 00:00:00 /usr/s"in/httpd #k
start
*&ote: ps indicates that the httpd is runnin usin the
default confi file,
1se a te#porary "ocu#ent6oot *ithout #odifyin
httpd.conf
This is *ery helpful( when you are trying out different layout for your
website and don3t want to modify the original files under the default
)ocument4oot. Take a copy of your original )ocument4oot directory
9J*arJwwwJhtml; to a new temporary )ocument4oot directory
9J*arJwwwJhtmlMdebug;. /ake all your changes under this temporary
)ocument4oot directory 9J*arJwwwJhtmlMdebug; and start the "pache
with this temporary directory as shown below using option .c.
21,
) httpd #k start #c 2.ocu!entMoot /(ar/www/ht!l9de"u/2
2f you want to go back to original configuration using the default
)ocument4oot 9J*arJwwwJhtml;( simply restart the "pache as shown
below.
) httpd #k stop
) apachectl start
Increase the LoLe2el te#porarily
=hile you are debugging an issue( you can change the oge*el of the
"pache temporarily( without modifying the oge*el directi*e in the
httpd.conf as shown below using option .e. 2n this e!ample( the oge*el
is set to debug.
) httpd #k start #e de"u
*$un %u 1K 14:64:0C 300F, *de"u, !od9so.c735C8: loaded
!odule auth9"asic9!odule
*$un %u 1K 14:64:0C 300F, *de"u, !od9so.c735C8: loaded
!odule auth9diest9!odule
0ossible *alues you can pass to option .e are1 debug( info( notice( warn(
error( crit( alert( emerg
"isplay the #odules co#piled inside Apache usin option
<l
) httpd #l
Co!piled in !odules:
core.c
prefork.c
http9core.c
!od9so.c
21D
"isplay both static and dyna#ic #odule loaded by Apache
=hen you pass option .l( to httpd( it will display only the static modules.
0assing option ./( will display both static and shared modules as shown
below.
) httpd #S
Loaded Sodules:
core9!odule 7static8
!p!9prefork9!odule 7static8
http9!odule 7static8
so9!odule 7static8
auth9"asic9!odule 7shared8
auth9diest9!odule 7shared8
authn9file9!odule 7shared8
authn9alias9!odule 7shared8
$ynta- LQ
)ho* all accepted directi2es inside httpd.conf
This is like an e!tended help for httpd( which will display all the
httpd.conf directi*es and the places where they are *alid. Cor a specific
directi*e( it tells all the possible *alues and where it can be used inside
the httpd.conf. This can be *ery helpful( when you want to @uickly know
about a particular "pache directi*e.
) httpd #L
Hostna!eLookups 7core.c8
2on2 to ena"le, 2off2 to disa"le re(erse .&$ lookups, or
2dou"le2 to ena"le dou"le#re(erse .&$ lookups
%llowed in R.conf anywhere
$er(erLi!it 7prefork.c8
Sa-i!u! (alue of Sa-Clients for this run of %pache
%llowed in R.conf only outside [.irectoryZ, [YilesZ or
[LocationZ
21-
Qeep%li(e 7http9core.c8
`hether persistent connections should "e Ln or Lff
[LocationZ
LoadSodule 7!od9so.c8
a !odule na!e and the na!e of a shared o"Eect file to load
it fro!
[LocationZ
%alidate the httpd.conf after #akin chanes
Hse option .t to *alidate whether there are any issues with a specific
"pache configuration file. 2n the e!ample shown below( it displays that
there is a problem at line 14D in the httpd.conf.debug.
modMauthMbasicso is missing a . 9period; before the so.
) httpd #t #f conf/httpd.conf.de"u
httpd: $ynta- error on line 15F of
/etc/httpd/conf/httpd.conf.de"u:
Cannot load /etc/httpd/!odules/!od9auth9"asicso into
ser(er:
/etc/httpd/!odules/!od9auth9"asicso: cannot open shared
o"Eect file: &o such file or directory
Lnce you fi- the issue, it will display $ynta- LQ.
) httpd #t #f conf/httpd.conf.de"u
$ynta- LQ
"isplay the httpd build para#eters
Hse option .? 9upper.case ?;( to display "pache *ersion number and all
the parameters that are used while building the "pache.
) httpd #'
$er(er (ersion: %pache/3.3.G 7\ni-8
220
$er(er "uilt: Dul 15 300F 16:4C:6C
$er(erVs Sodule Saic &u!"er: 30061116:16
$er(er loaded: %/M 1.3.13, %/M#\til 1.3.13
Co!piled usin: %/M 1.3.13, %/M#\til 1.3.13
%rchitecture: 43#"it
$er(er S/S: /refork
threaded: no
forked: yes 7(aria"le process count8
$er(er co!piled with....
#. %/%CHI9S/S9.BM02ser(er/!p!/prefork2
#. %/M9H%$9$I&.YBLI
#. H++/.9MLL+02/etc/httpd2
#. $\IaIC9BB&02/usr/s"in/sue-ec2
#. .IY%\L+9/B.LLG02los/httpd.pid2
#. .IY%\L+9$CLMIBL%M.02los/apache9runti!e9status2
#. .IY%\L+9LLCQYBLI02los/accept.lock2
#. .IY%\L+9IMMLMLLG02los/error9lo2
#. %/9+Y/I$9CL&YBG9YBLI02conf/!i!e.types2
#. $IM'IM9CL&YBG9YBLI02conf/httpd.conf2
...
2f you want display only the "pache *ersion number( use the option .*
9lower.case *; as shown below.
) httpd #(
$er(er (ersion: %pache/3.3.G 7\ni-8
$er(er "uilt: Dul 15 300F 16:4C:6C
Load a specific #odule only on de#and.
&ometimes you may not want to load all the modules in the "pache. Cor
e.g. Aou may want to load ldap related modules to "pache( only when
you are testing )"0. This can be achie*ed as shown below.
221
/odify the httpd.conf and add 2f)efine directi*e called load.ldap 9you
can name this anything you want;.
[Bf.efine load#ldapZ
LoadSodule ldap9!odule !odules/!od9ldap.so
LoadSodule authnP9ldap9!odule !odules/!od9authnP9ldap.so
[/Bf.efineZ
=hen you are testing ldap and would like to oad the ldap related
modules( pass the load.ldap to %ption .)( as shown below1
) httpd #k start #e de"u #.load#ldap #f
/etc/httpd/conf/httpd.conf.de"u
*$un %u 1K 15:15:6F 300F, *de"u, !od9so.c735C8: loaded
!odule ldap9!odule
*$un %u 1K 15:15:6F 300F, *de"u, !od9so.c735C8: loaded
!odule authnP9ldap9!odule
*&ote: /ass #.load#ldap, to load the ldap !odules into
%pache,
) apachectl start
*&ote: $tart the %pache nor!ally, if you donVt want to
load the ldap !odules.,
Any Questions?
.iscuss it here: G +ips to \se %pachectl and Httpd like
a /ower \ser
222
Hack 8,. )etup Apache %irtual Host
Confiuration
1nco##ent httpd<2hosts.conf in httpd.conf
2f you3*e installed "pache 2 from source( by default( the following line
will be commented in the httpd.conf file. Hncomment this line.
) (i /usr/local/apache3/conf/httpd.conf
Bnclude conf/e-tra/httpd#(hosts.conf
)etup 2irtual hosts
/odify the httpd.*hosts.conf as shown below to setup named.based
*irtual host setting for two hosts.
5ame?irtual'ost U1D0 $ 2ndicates that all the name.based *irtual
hosts will be listening on the default port D0
W?irtual'ost U1D0X WJ?irtual'ostX $ :nclose all the apache
configuration parameters for each and e*ery *irtual host
between these ?irtual'ost tags. "ny apache directi*es can be
used within the *irtualhost container.
2n the following e!ample( we are setting up *irtual host for
thegeekstuff.com and top5freeware.com listening on the same
port D0. &o( there will be two W?irtual'ost U1D0X WJ?irtual'ostX(
one for each website.
=hen you go to thegeekstuff.com( the files under
JusrJlocalJapache2JdocsJthegeekstuff will be ser*ed by "pache[
and the accessMlog and errorMlog for this site will go under
JusrJlocalJapache2JlogsJthegeekstuff
) (i /usr/local/apache3/conf/e-tra/httpd#(hosts.conf
&a!e'irtualHost R:F0

['irtualHost R:F0Z
$er(er%d!in ra!esh<theeekstuff.co!
.ocu!entMoot 2/usr/local/apache3/docs/theeekstuff2
$er(er&a!e theeekstuff.co!
223
$er(er%lias www.theeekstuff.co!
IrrorLo 2los/theeekstuff/error9lo2
Custo!Lo 2los/theeekstuff/access9lo2 co!!on
[/'irtualHostZ
['irtualHost R:F0Z
$er(er%d!in ra!esh<top6freeware.co!
.ocu!entMoot 2/usr/local/apache3/docs/top6freeware2
$er(er&a!e top6freeware.co!
$er(er%lias www.top6freeware.co!
IrrorLo 2los/top6freeware/error9lo2
Custo!Lo 2los/top6freeware/access9lo2 co!!on
[/'irtualHostZ
Check %irtualHost Confiuration )yntax
?erify *irtual configuration synta! using Qhttpd .&R as shown below.
=hen e*erything is setup properly( it 6ust displays Q&ynta! %_R.
) /usr/local/apache3/"in/httpd #$
'irtualHost confiuration:
$ynta- LQ
=hen something is not configured properly( it will display warning
message( including Qdirectory does not e!itR message as shown below.
) /usr/local/apache3/"in/httpd #$
àrnin: .ocu!entMoot
*/usr/local/apache3/docs/top6freeware, does not e-ist
àrnin: IrrorLo */usr/local/apache3/los/theeekstuff,
does not e-ist
$ynta- LQ
224
6estart the Apache and test
) /usr/local/apache3/"in/apachectl restart
5ow( when you go to thegeekstuff.com 9or www.thegeekstuff.com;( the
apache will ser*e the files from JusrJlocalJapache2JdocsJthegeekstuff
directory.
=hen you go to top5freeware.com 9or www.top5freeware.com;( the
same apache running on the same ser*er will ser*e the files from
JusrJlocalJapache2JdocsJtop5freeware directory.
Sust to reiterate( for the name.based *irtual host to work properly( the
)5& entry for both these websites should be pointing to the same
e!ternal ip.address of the physical ser*er where the "pache webser*er
is running.
Any Questions?
.iscuss it here: How +o $etup %pache 'irtual Host
Confiuration 7ìth I-a!ples8
Hack 8-. 6otate Apache Los 7iles
This hack e!plains how to rotate the apache accessMlog and errorMlog
files.
"dd the following file to JetcJlogrotate.d directory.
) (i /etc/lorotate.d/apache
/usr/local/apache3/los/access9lo
/usr/local/apache3/los/error9lo :
siPe 100S
co!press
225
datee-t
!a-ae 40
postrotate
/usr/"in/killall #H\/ httpd
ls #ltr /usr/local/apache3/los T !ail #s
2;HL$+&%SI: %pache restarted and lo files rotated2
ra!esh<theeekstuff.co!
endscript
@
5ote1 4efer to our logrotate tutorial 9with 15 e!amples; that e!plains
more details about how to use logrotate options.
2n the abo*e JetcJlogrotate.dJapache e!ample1
si+e 100/ $ %nce the accessMlog( and errorMlog reaches 100/( it
will be rotated. Aou can also use 100k 9for _b;( 1007 9for 78;.
2nstead of si+e( you can also rotate apache logs using fre@uency
9daily( weekly( monthly;.
compress $ 2ndicates that the rotated log file will be compressed.
8y default this uses g+ip. &o( the rotated file will ha*e .g+
e!tension.
datee!t . "ppends the date in AAAA//)) format to the rotated
log files. i.e 2nstead of accessMlog.1.g+( it creates accessMlog.
20110616.g+
ma!age . 2ndicates how long the rotated log files should be kept.
2n this e!ample( it will be kept for 30 days.
postrotate and endscript $ "ny commands enclosed between
these two parameter will be e!ecuted after the log is rotated.
I#portant. %nce you rotate the log files( you want apache to write the
new log messages to the newly created accessMlog and errorMlog. &o(
you need to send the 'H0 signal to the apache as shown here. /ake
sure to do JusrJbinJkillall .'H0 httpd( which will restart the apache after
rotating the log files 94ead more about kill;.
226
"lso( you might want to send an email to yourself indicating that the log
file is rotated( along with the output of ls .ltr command as the body of
the email. i.e "dd the following between QpostrotateR and QendscriptR
option 9after the killall command;.
ls #ltr /usr/local/apache3/los T !ail #s 2;HL$+&%SI:
%pache restarted and lo files rotated2
ra!esh<theeekstuff.co!
The JetcJcron.dailyJlogrotate script runs e*eryday that will perform log
rotate of all the files as specified in the JetcJlogrotate.conf and all the file
under JetcJlogrotate.d directory.
"fter adding the abo*e JetcJlogrotate.dJapache file( for testing purpose(
you can manually call the logrotate script as shown below.
) /etc/cron.daily/lorotate
%nce the log files are rotated( do a ls to *erify them. "s we e!plained
abo*e( the rotated log files will be kept for 30 days.
) ls /usr/local/apache3/los
access9lo
error9lo
access9lo#30110K1C.P
error9lo#30110K1C.P
Any Questions?
.iscuss it here: How to Motate %pache Lo Yiles in Linu-
Additional (ogrotate Examples:
+he \lti!ate Lorotate Co!!and +utorial with 10 I-a!ples
22,
Chapter 11. 'ash )criptin
Hack 80. 5xecution )e;uence of .bashAE files
This hack e!plains the se@uence in which the following files are
e!ecuted1
JetcJprofile
LJ.bashMprofile
LJ.bashrc
LJ.bashMlogin
LJ.profile
LJ.bashMlogout
5xecution se;uence for interacti2e loin shell
Collowing pseudo code e!plains the se@uence of e!ecution of these files.
e-ecute /etc/profile
BY 1/."ash9profile e-ists +HI&
e-ecute 1/."ash9profile
IL$I
BY 1/."ash9loin e-ist +HI&
e-ecute 1/."ash9loin
IL$I
BY 1/.profile e-ist +HI&
e-ecute 1/.profile
I&. BY
I&. BY
I&. BY
=hen you logout of the interacti*e shell( following is the se@uence of
e!ecution1
22D
BY 1/."ash9loout e-ists +HI&
e-ecute 1/."ash9loout
I&. BY
0lease note that JetcJbashrc is e!ecuted by LJ.bashrc as shown below1
) cat 1/."ashrc
if * #f /etc/"ashrc ,? then
. /etc/"ashrc
fi
5xecution se;uence for interacti2e non<loin shell
=hile launching a non.login interacti*e shell( following is the se@uence
of e!ecution1
BY 1/."ashrc e-ists +HI&
e-ecute 1/."ashrc
I&. BY
5ote1 =hen a non.interacti*e shell starts up( it looks for :5?
en*ironment *ariable( and e!ecute the file.name *alue mentioned in the
:5? *ariable.
Test the se;uence of execution
%ne of the ways to test the se@uence of e!ecution is by adding different
0&1 *alues to these files and re.login to the shell and see which 0&1
*alue got picked up by the inu! prompt. "lso( earlier we discussed
about how to use 0&1 to make your inu! prompt both functional and
stylish.
1. JetcJprofile gets e!ecuted. "dd following 0&1 line to JetcJprofile and re.
login to make sure the inu! prompt changes to the 0&1 *alue set inside
the JetcJprofile.
22-
) rep /$1 /etc/profile
/$102/etc/profileZ 2
*&ote: re#loin to see the pro!pt chane as shown "elow,
Last loin: $at $ep 3K 1C:54:6K 300F fro! 1G3.1CF.1.3
/etc/profileZ
0lease make sure LJ.bashMprofile doesn3t ha*e any 0&1 for the abo*e to
work properly.
2. LJ.bashMprofile gets e!ecuted1 "dd following 0&1 to LJ.bashMprofile(
LJ.bashMlogin( LJ.profile and LJ.bashrc. 4e.login to make sure the inu!
prompt changes to the 0&1 *alue set inside the LJ.bashMprofile as
shown below.
/etc/profileZ rep /$1 1/."ash9profile
e-port /$1021/."ash9profileZ 2
/etc/profileZ rep /$1 1/."ash9loin
e-port /$1021/."ash9loinZ 2
/etc/profileZ rep /$1 1/.profile
e-port /$1021/.profileZ 2
/etc/profileZ rep /$1 1/."ashrc
e-port /$1021/."ashrcZ 2
*&ote: \pon re#loin, it e-ecuted /etc/profile first and
1/."ash9profile ne-t. $o, it took the /$1 fro!
1/."ash9profile as shown "elow. Bt also did not e-ecute
1/."ash9loin, as 1/."ash9profile e-ists,
Last loin: $at $ep 3K 1C:5F:11 300F fro! 1G3.1CF.1.3
1/."ash9profileZ
230
3. LJ.bashMlogin gets e!ecuted. 4ename the .bashMprofile to something
else. 4e.login to make sure the inu! prompt changes to the 0&1 *alue
set inside the LJ.bashMlogin as shown below.
1/."ash9profileZ !( ."ash9profile "ash9profile9not9used
*&ote: \pon re#loin, it e-ecuted /etc/profile first.
$ince it cannot find 1/."ash9profile, it e-ecuted
1/."ash9loin,
Last loin: $at $ep 3K 1C:60:66 300F fro! 1G3.1CF.1.3
1/"ash9loinZ
4. LJ.profile gets e!ecuted. 4ename the .bashMlogin to something else.
4e.login to make sure the inu! prompt changes to the 0&1 *alue set
inside the LJ.profile as shown below.
1/."ash9loinZ !( ."ash9loin "ash9loin9not9used
*&ote: \pon re#loin, it e-ecuted /etc/profile first.
$ince it cannot find 1/."ash9profile and 1/."ash9loin, it
e-ecuted 1/.profile,
Last loin: $at $ep 3K 1C:6C:4C 300F fro! 1G3.1CF.1.3
1/.profileZ
5. LJ.bashrc gets e!ecuted for non.login shell testing. :!ecuting QbashR
at the command prompt will gi*e another non.login shell( which will
in*oke .bashrc as shown below.
1/.profileZ "ash
*&ote: +his displays /$1 fro! ."ashrc as shown "elow.,
1/."ashrcZ e-it
*&ote: %fter e-itin fro! non#loin shell, we are "ack to
loin shell,
231
1/.profileZ
Any Questions?
.iscuss it here: I-ecution se_uence for
."ash9profile, ."ashrc, ."ash9loin, .profile and
."ash9loout
Hack 83. 'ash 786 Loops 1sin C Like )yntax
The second form of bash for loop is similar to the ]#3 programming
language for loop( which has three e!pressions 9initiali+ation( condition
and update;.
for 77 e-pr1? e-pr3? e-pr4 88
do
co!!ands
done
8efore the first iteration( e!pr1 is e*aluated. This is usually used
to initiali+e *ariables for the loop.
"ll the statements between do and done are e!ecuted repeatedly
as long as the *alue of e!pr2 is T4H:.
"fter each loop iteration( e!pr3 is e*aluated. This is usually used
to increment a loop counter.
The following e!amples show how to use this synta! in the bash for loop.
Loop usin C<)tyle
7enerate and display 5 random numbers using the bash #.style for loop1
; cat for10.sh
for 77 i01? i [0 4? iOO 88
do
232
echo 2Mando! nu!"er ;i: ;M%&.LS2
done
; ./for10.sh
Mando! nu!"er 1: 34430
Mando! nu!"er 3: 60K0
Mando! nu!"er 4: 16303
Infinite Loop 1sin 'ash 7or
=hen you don>t pro*ide the start( condition( and increment in a #.style
for loop( it will e!ecute fore*er. Aou need to press #trl.# to stop the loop.
; cat for11.sh
i01?
for 77 ? ? 88
do
sleep ;i
echo 2&u!"er: ;77iOO882
done
5ote1 )on3t forget you will need to press #trl.# to break from this
e!ample1
; ./for11.sh
&u!"er: 1
&u!"er: 3
&u!"er: 4
Incre#ent T*o %alues 1sin Co##a in C<style for loop
2n the bash c.style loop( in addition to incrementing the *alue that is
used in the condition( you can also increment some other *alue or
perform some other action. 2n both the initiali+ation section and the
increment section of the #.style for loop( you can use multiple
statements separated with a comma. This e!ample uses i for control and
manipulates 6 separately1
233
; cat for13.sh
for 77i01, E010? i [0 6 ? iOO, E0EO688
do
echo 2&u!"er ;i: ;E2
done
; ./for13.sh
&u!"er 1: 10
&u!"er 3: 16
&u!"er 4: 30
&u!"er 5: 36
&u!"er 6: 40
Additional !ash For (oop Examples:
13 Bash Yor Loop I-a!ples for Your Linu- $hell $criptin
Hack 84. "ebu a )hell )cript
To debug a shell script use set $!* inside the shell script at the top.
)hell script *ith no debu co##and.
; cat filesiPe.sh
)A/"in/"ash
do
done
echo 2+otal file siPe in current directory: ;totalsiPe2
234
8utput of )hell script *ith no debu co##and.
; ./filesiPe.sh
+otal file siPe in current directory: C63
)hell script *ith "ebu co##and inside.
"dd set $!* inside the shell script now to debug the output as shown
below.
; cat filesiPe.sh
)A/"in/"ash
set #-(
do
done
echo 2+otal file siPe in current directory: ;totalsiPe2
8utput of )hell script *ith "ebu co##and inside.
; ./fs.sh
OO ls #l .
OO rep VN#V
OO awk V:print ;6@V
O for filesiPe in V;7ls #l . T rep 2N#2 T awk V>VV:print
;6@V>VV8V
O let totalsiPe0O1KF
;6@V>VV8V
O let totalsiPe01KFO3F6
;6@V>VV8V
O let totalsiPe05C4O1FG
O echo V+otal file siPe in current directory: C63V
235
+otal file siPe in current directory: C63
5xecute )hell script *ith debu option.
2nstead of gi*ing the set $!* inside the shell script( you can also pro*ide
that while e!ecuting the shell script as shown below.
; "ash #-( filesiPe.sh
Hack 87. Guotin
echo statement without any special character.
; echo +he Geek $tuff
+he Geek $tuff
:cho statement with a special character [ . semi.colon is a command
terminator in bash. 2n the following e!ample( QThe 7eekR works for the
echo and Q&tuffR is treated as a separate inu! command and gi*es
command not found.
; echo +he Geek? $tuff
+he Geek
#"ash: $tuff: co!!and not found
To a*oid this you can add a O in front of semi.colon( which will remo*e
the special meaning of semi.colon and 6ust print it as shown below.
; echo +he Geek>? $tuff
+he Geek? $tuff
)inle Guote
Hse single @uote when you want to literally print e*erything inside the
single @uote. :*en the special *ariables such as N'%&T5"/: will be
print as N'%&T5"/: instead of printing the name of the inu! host.
236
; echo VHostna!e0;HL$+&%SI ? Current \ser0Uwhoa!iU ?
Sessae0>; is \$.V
Hostna!e0;HL$+&%SI ? Current \ser0Uwhoa!iU ? Sessae0>;
is \$.
"ouble Guote
Hse double @uotes when you want to display the real meaning of special
*ariables.
; echo 2Hostna!e0;HL$+&%SI ? Current \ser0Uwhoa!iU ?
Sessae0>; is \$.2
Hostna!e0de(#d" ? Current \ser0ra!esh ? Sessae0; is \$.
)ouble @uotes will remo*e the special meaning of all characters e!cept
the following1
N 0arameter &ubstitution.
Z 8ack@uotes
ON iteral )ollar &ign.
Oj iteral 8ack@uote.
OF :mbedded )ouble@uote.
OO :mbedded 8ackslashes.
Hack 88. 6ead "ata 7ile 7ields Inside a )hell
)cript
This e!ample shows how to read a particular field from a data.file and
manipulate it inside a shell.script. Cor e!ample( let us assume the
employees.t!t file is in the format of aemployee.nameb1aemployee.idb1
adepartment.nameb( with colon delimited file as shown below.
; cat e!ployees.t-t
23,
The following shell script e!plains how to read specific fields from this
employee.t!t file.
; (i read#e!ployees.sh
)A/"in/"ash
BY$0:
echo 2I!ployee &a!es:2
echo 2###############2
while read na!e e!pid dept
do
echo 2;na!e is part of ;dept depart!ent2
done [ 1/e!ployees.t-t
"ssign e!ecute pri*ilege to the shell script and e!ecute it.
; ch!od uO- read#e!ployees.sh
; ./read#e!ployees.sh
I!ployee &a!es:
###############
I!!a +ho!as is part of Sarketin depart!ent
%le- Dason is part of $ales depart!ent
Sadison Mandy is part of /roduct .e(elop!ent depart!ent
$anEay Gupta is part of $upport depart!ent
&isha $inh is part of $ales depart!ent
23D
Chapter 1,. )yste# &onitorin and
/erfor#ance
Hack 8$. 7ree Co##and
free command displays all the necessary information about system
physical 94"/; and swap memory.
$ynta-: free *options,
>hat is the total 6A& on #y syste#J
2n the e!ample below( the total physical memory on this system is 178.
The *alues displayed below are in _8.
) free
total used free shared "uffers cached
Se!: 1045C35 100CCGC 3KG3F 0 1K514C C16FG3
#/O "uffers/cache: 31CCCF F1KG6C
$wap:3041C0F 0 3041C0F
>hat is the total #e#ory on #y syste# includin 6A&
and )*apJ
2n the following command1
option m displays the *alues in /8
option t displays the QTotalR line( which is sum of physical and
swap memory *alues
option o is to hide the buffersJcache line from the abo*e
e!ample.
) free H!to
total used free shared "uffers cached
Se!: 1010 GF4 3K 0 1K0 C01
23-
$wap: 1GF4 0 1GF4
+otal: 3GG5 GF4 3011
Hack $0. Top Co##and
top command displays real time information about *arious performance
metrics of the system such as #0H oad( /emory Hsage( 0rocesses list
etc.
$ynta-: top *options,
Ho* to 2ie* #y current syste# status includin C/1
usaeJ
:!ecute top without any option from the command line( which will
display the output shown below. The top command output will keep
displaying the real.time *alues( until you press Q#ontrol ` cR or @ to e!it
from the command output.
) top
top # 14:10:14 up 1K1 days, 30:31, 4 users, load
a(erae: 0.01, 0.06, 0.00
+asks: 1G5 total, 1 runnin, 1G4 sleepin, 0 stopped,
0 Po!"ie
Cpu7s8: 0.CW us, 0.KW sy, 0.0W ni, GF.KW id, 0.0W wa,
0.0W hi, 0.0W si
Se!: 1045C35k total, 100K530k used, 3K305k free,
1K5650k "uffers
$wap: 3041C0Fk total, 0k used, 3041C0Fk
free, C16G05k cached
/B. \$IM /M &B 'BM+ MI$ $HM $ WC/\ WSIS +BSIO
CLSS%&.
11G13 apache 16 0 41F3F 14! 4G1C $ 1
0.3 0:5C.46 httpd
240
1G3GG oracle 1G 0 3KG! 1F! 1K! $ 1
0.3 0:00.04 oracle
114GF Es!ith 1C 0 10K! 3F! C505 $ 0
0.5 0:04.0K perl
Ho* to read the output of the top co##and sho*n abo2eJ
ine 1 QtopR( indicates that the system has been up and running
for 1,1 days.
ine 2 QTasksR( displays the total number of processes along with
a breakdown of running( sleeping( stopped and +ombie processes
count.
ine 3 Q#pu9s;R displays the current #0H utili+ation of the system.
2n this e!ample( #0H is -D.,\ idle
ine 4 Q/emR and line 5 Q&wapR pro*ides the memory
information. This is the same information from the free
command.
The rest of the lines display all the acti*e processes on the
system( sorted default by #0H usage 9\#0H column;. i.e the
most #0H intensi*e processes will be displayed on the top by
default.
There are se*eral command line options and interacti*e options
a*ailable for top commands. et us re*iew couple of essential options for
top command.
Ho* to identify the #ost #e#ory intensi2e processesJ
=hile the output of the top command displayed( press C( which will
display the following message and show all fields a*ailable for sorting(
press n 9which is for sorting the processes by /emory; and press enter.
This will display the processes in the top output sorted by memory
usage.
Current $ort Yield: Q for window 1:.ef
&elect sort field *ia field letter( type any other key to return
241
Ho* to add additional fields Kfor e.. C/1 Ti#eM to the top
outputJ
=hile the top command is running( press f( which will display the
following message and show all fields a*ailable for display( press l(
which will add the #0H Time to the display columns in the top output.
Current Yields: %IHBLb+`Q&S"cdfEplrsu(yPa for window
1:.ef
Toggle fields *ia field letter( type any other key to return
Ho* to et the full path na#e and para#eters of the
runnin processesJ
=hile the top command is running( press c( which will display full
pathname of running processes as shown below in the command
column. i.e 2nstead of httpd( it displays JusrJlocalJapache2JbinJhttpd.
/B. \$IM /M &B 'BM+ MI$ $HM $ WC/\ WSIS +BSIO
CLSS%&.
11G13 apache 16 0 41F3F 14! 4G1C $ 1
0.3 0:5C.46 /usr/local/apache3/"in/httpd
Ho* to 2ie* the indi2idual C/1s in the top co##andJ
=hile the top command is running( press 1 9number one;( which will
display the performance data of the indi*idual #0Hs on that machine as
shown below.
top # 14:10:14 up 1K1 days, 30:31, 4 users, load
a(erae: 0.01, 0.06, 0.00
+asks: 1G5 total, 1 runnin, 1G4 sleepin, 0 stopped,
0 Po!"ie
Cpu0 : 10.3W us, 3.CW sy, 0.0W ni, FC.FW id, 0.4W wa,
0.0W hi, 0.0W si
Cpu1 : G.CW us, F.0W sy, 0.0W ni, F3.5W id, 0.0W wa,
0.0W hi, 0.0W si
Cpu3 : 1.4W us, 1.4W sy, 0.0W ni, G6.0W id, 3.4W wa,
0.0W hi, 0.0W si
242
Cpu4 : 0.0W us, 0.0W sy, 0.0W ni, 100.0W id, 0.0W wa,
0.0W hi, 0.0W si
Se!: 1045C35k total, 100K530k used, 3K305k free,
1K5650k "uffers
$wap: 3041C0Fk total, 0k used, 3041C0Fk
free, C16G05k cached
Additional 1op #ommand Examples:
16 /ractical Linu- +op Co!!and I-a!ples
+op on $teroids H 16 /ractical Linu- H+L/ I-a!ples
How +o Capture \ni- +op Co!!and Lutput to a Yile in
Meada"le Yor!at
BY+L/ Guide: .isplay &etwork Bnterface Bandwidth \sae
on Linu-
Hack $1. "f Co##and
df command 9disk free; displays the amount of total and free disk space
a*ailable on the mounted filesystems.
$ynta-: df *options, *na!e,
Ho* #uch (' of disk space is free on #y syste#J
Hse df .h as shown below. %ption .h displays the *alues in human
readable format 9for e!ample1 _ for _b( / for /b and 7 for 7b;. 2n the
sample output below( J filesystem has 1,78 of disk space a*ailable
and JhomeJuser filesystem has ,078 a*ailable.
) df Hh
Yilesyste! $iPe \sed %(ail \seW Sounted on
243
/de(/sda1 C5G 55G 1KG K4W /
/de(/sd"1 14KG CKG K0G 5GW /ho!e/user
>hat type of filesyste# do I ha2e on #y syste#J
%ption .T will display the information about the filesystem Type. 2n this
e!ample J and JhomeJuser filesystems are e!t2. %ption .a will display all
the filesystems( including the 0 si+e special filesystem used by the
system.
) df #+ha
Yilesyste! +ype $iPe \sed %(ail \seW Sounted on
/de(/sda1 e-t3 C5G 55G 1KG K4W /
/de(/sd"1 e-t3 14KG CKG K0G 5GW /ho!e/user
none proc 0 0 0 # /proc
none sysfs 0 0 0 # /sys
none de(pts 0 0 0 # /de(/pts
none t!pfs 3.0G 0 3.0G 0W /de(/sh!
Hack $,. "u Co##and
du command 9disk usage; will print the file space usage for a particular
directory and its subdirectories.
Ho* #uch space is taken by #y ho#e directory and all its
subdirectoriesJ
2n the following e!ample( option .s stands for summary only. i.e it
displays only the total si+e of JhomeJ6smith and not the indi*idual si+es
of all the subdirectories inside the JhomeJ6smith. %ption .h displays the
information in a human readable format. i.e _ for _8( / for /8 and 7 for
78. The L indicates the user home directory. This command is same as
Qdu .sh JhomeJ6smithR
) du #sh 1
430S /ho!e/Es!ith
244
To get the subdirectories under JhomeJ6smith listed( e!ecute the abo*e
command without the s option.
Hack $-. Lsof Co##ands
sof stands for ls open files( which will list all the open files in the
system. The open files include network connection( de*ices and
directories. The output of the lsof command will ha*e the following
columns1
#%//"5) process name.
02) process 2)
H&:4 Hsername
C) file descriptor
TA0: node type of the file
):?2#: de*ice number
&2d: file si+e
5%): node number
5"/: full path of the file name.
%ie* all open files of the syste#
:!ecute the lsof command without any parameter as shown below.
) lsof T !ore
CLSS%&. /B. \$IM Y. +Y/I .I'BCI $BJI &L.I &%SI
init 1 root cwd .BM F,1 50GC 3 /
init 1 root rtd .BM F,1 50GC 3 /
init 1 root t-t MIG F,1 43CF5 GF4101
/s"in/init
init 1 root !e! MIG F,1 10C4GK 1CCKGF
/li"/ld#3.4.5.so
init 1 root !e! MIG F,1 1565F03 1CCKGG
/li"/tls/li"c#3.4.5.so
245
init 1 root !e! MIG F,1 64K4C 1C4GC5
/li"/li"sepol.so.1
init 1 root !e! MIG F,1 6C43F 1CCF11
/li"/li"selinu-.so.1
skippedd

The lsof command by itself without may return lot of records as output(
which may not be *ery meaningful e!cept to gi*e you a rough idea
about how many files are open in the system at any gi*en point of *iew
as shown below.
) lsof T wc #l
40G4
%ie* open files by a specific user
Hse lsof $u option to display all the files opened by a specific user.
) lsof Hu ra!esh
(i K1G0 ra!esh t-t MIG F,1 5K5C0F
5K61GC /"in/(i
sshd K1C4 ra!esh 4u B/(C 160FF3C4
+C/ de(#d":ssh#Za"c#13#13#13#13.socal.res.rr.co!:3C41
7I$+%BLB$HI.8
" system administrator can use this command to get some idea on what
users are e!ecuting on the system.
List 1sers of a particular file
2f you like to *iew all the users who are using a particular file( use lsof as
shown below. 2n this e!ample( it displays all users who are currently
using *i.
) lsof /"in/(i
CLSS%&. /B. \$IM Y. +Y/I .I'BCI $BJI &L.I &%SI
(i K36F root t-t MIG F,1 5K5C0F 5K61GC /"in/(i
246
(i K400 ra!esh t-t MIG F,1 5K5C0F 5K61GC /"in/(i
Hack $0. %#stat Co##and
Cor a typical performance monitoring all you need is only *mstat
command. This display memory( swap( 2%( system and cpu performance
information.
The following command e!ecutes *mstat e*ery 1 second for 100 times.
) (!stat 1 100
procs ###########!e!ory########## ###swap## #####io####
##syste!## ####cpu####
r " swpd free "uff cache si so "i "o
in cs us sy id wa
0 0 0 3F3130 14510F 6KGK013 0 0 0 3
0 0 0 0 100 0
0 0 0 3F3130 14510F 6KGK013 0 0 0 0
100K 46G 0 0 100 0
0 0 0 3F3130 14510F 6KGK013 0 0 0 0
111K 6KK 0 0 100 0
0 0 0 3F3130 14510F 6KGK013 0 0 0 0
100K 4CC 0 0 100 0
%#stat procs )ection
r field1 Total number of runnable process
b field1 Total number of blocked process
&e#ory section
&wpd field1 Hsed swap space
Cree field1 "*ailable free 4"/
8uff field1 4"/ used for buffers
#ache field1 4"/ used for filesystem cache
24,
)*ap )ection
&i field1 "mount of memory swapped from disk per second
&o field1 "mount of memory swapped to disk per second
I8 )ection
8i field1 8locks recei*ed from disk
8o field1 8locks sent to disk.
)yste# )ection
2n field1 5umber of interrupts per second.
#s field1 5umber of conte!t switches per second.
C/1 )ection
Hs field1 Time spend running user code. 9non.kernel code;
&y field1 Time spent running kernel code.
2d field1 2dle time.
=a field1 Time spent waiting for the 2%
Additional 5mstat Examples:
35 iostat, (!stat and !pstat I-a!ples for Linu-
/erfor!ance Sonitorin
Hack $3. +etstat Co##and
5etstat command displays the network related information such as
network connections( routing tables( interface statistics. Collowing are
few e!amples on how to use netstat command.
24D
"isplay Acti2e Internet Connections and do#ain sockets
usin netstat
) netstat Han
%cti(e Bnternet connections 7ser(ers and esta"lished8
/roto Mec(#b $end#b Local %ddress Yorein %ddress $tate
tcp 0 0 0.0.0.0:6CCC 0.0.0.0:R LB$+I&
tcp 0 0 0.0.0.0:111 0.0.0.0:R LB$+I&
tcp 0 0 0.0.0.0:50FC 0.0.0.0:R LB$+I&
skipped..
%cti(e \&Ba do!ain sockets 7ser(ers and esta"lished8
/roto MefCnt Ylas +ype $tate B#&ode
/ath
uni- 3 * %CC , $+MI%S LB$+I&B&G KFG5
/t!p/.font#uni-/fsK100
uni- 3 * %CC , $+MI%S LB$+I&B&G GCC3
/t!p/.d!9socket
uni- 3 * %CC , $+MI%S LB$+I&B&G 10FGK
</t!p/fa!#root#
"isplay Acti2e Connections *ith /rocess I" and /rora#
+a#e
This could be *ery helpful to identify which program has initiated a
specific network connection.
) netstat #tap
%cti(e Bnternet connections 7ser(ers and esta"lished8
/roto Mec(#b $end#b Local %ddress Yorein %ddress
$tate /B.//rora! na!e
tcp 0 0 R:nrpe R:R
LB$+I& 1C3KK/-inetd
tcp 0 0 localhost.localdo!ain:s!tp R:R
LB$+I& K3C4/send!ail: acce
24-
tcp 45 0 localhost.localdo!ain:65331
localhost.localdo!ain:50FG CLL$I9`%B+ 3GFF1/httpd
tcp 0 431C de(#d":ssh cpe#KC#G5#
316#165.soca:5CF3 I$+%BLB$HI. 11K1K/sshd: ra!esh
"isplay 6outin Table
) netstat H#route
Qernel B/ routin ta"le
.estination Gateway Gen!ask Ylas S$$ irtt Bface
1G3.1CF.1.0 R 366.366.366.0 \ 0 0 eth0
1C3.355.0.0 R 366.366.0.0 \ 0 0 eth0
default 1G3.1CF.1.1 0.0.0.0 \G 0 0 eth0
"isplay 6A> net*ork statistics
) netstat ##statistics ##raw
Bp:
110F0454 total packets recei(ed
0 forwarded
1 with unknown protocol
0 inco!in packets discarded
1104KK55 inco!in packets deli(ered
111GGKC4 re_uests sent out
Bc!p:
6KK146 BCS/ !essaes recei(ed
C5 input BCS/ !essae failed.
BCS/ input histora!:
destination unreacha"le: 64K
ti!eout in transit: C6
source _uenches: 3
echo re_uests: 6KC5KC
echo replies: 13
250
ti!esta!p re_uest: 4
address !ask re_uest: 4
6F166F BCS/ !essaes sent
0 BCS/ !essaes failed
BCS/ output histora!:
destination unreacha"le: 60KG
echo replies: 6KC5KC
ti!esta!p replies: 4
&isc +etstat Co##ands
^ netstat $.tcp $.numeric ist of T#0 connection to and from the
machine.
^ netstat ..tcp ..listening $.programs )isplay T#0 port that the
ser*er is listening on along with the program that is listening on
that particular port.
^ netstat $rn# )isplay the routing cache
Additional Netstat Examples:
10 &etstat Co!!and I-a!ples
Hack $4. )ysctl Co##and
inu! kernel parameter can be changed on the fly using sysctl
command. &ysctl helps to configure the inu! kernel parameters during
runtime.
) sysctl Ha
de(.cdro!.autoclose 0 1
fs._uota.writes 0 0
kernel.ctrl#alt#del 0 0
kernel.do!ainna!e 0 7none8
251
kernel.e-ec#shield 0 1
net.core.so!a-conn 0 13F
net.ip(5.tcp9window9scalin 0 1
net.ip(5.tcp9w!e! 0 50GC 1C4F5 1410K3
net.ip(C.route.!tu9e-pires 0 C00
sunrpc.udp9slot9ta"le9entries 0 1C
(!."lock9du!p 0 0
&odify Fernel para#eter in PetcPsysctl.conf for per#anent
chane
"fter modifying the kernel parameter in the JetcJsysctl.conf( e!ecute
sysctl $p to commit the changes. The changes will still be there after the
reboot.
) (i /etc/sysctl.conf
) sysctl Hp
&odify kernel para#eter te#porarily
To temporarily modify a kernel parameter( e!ecute the following
command. 0lease note that after reboot these changes will be lost.
) sysctl Hw :(aria"le#na!e0(alue@
Hack $7. +ice Co##and
_ernel decides how much processor time is re@uired for a process based
on the nice *alue. 0ossible nice *alue range is1 .20 to 20. " process that
has a nice *alue of .20 is *ery high priority. The process that has a nice
*alue of 20 is *ery low priority.
Hse ps a!l to display the nice *alue of all running process as shown
below.
) ps a-l
252
Y \B. /B. //B. /MB &B '$J M$$ `CH%& $+%+ ++Y
+BSI CLSS%&.
5 0 1 0 1C 0 31K3 663 # $ c
0:1K init *6,
1 0 4 1 45 1G 0 0 ksofti $& c
4:1F *ksoftir_d/0,
1 0 10 1 6 #10 0 0 worker $[ c
0:01 *e(ents/0,
5 0 6156 1 36 10 43135 1F6G3 # $&s c
0:0F /usr/"in/python /usr/"in/rhn#applet#ui ##s!#client#
id default5
5 0 615K 6153 1C 0 463F C05 # $ c
0:00 /s"in/pa!9ti!esta!p9check #d root
1 604 1K663 51F0 1C 0 1530F 4G30 # $ c
0:01 /ho!e/www/apache3/"in/httpd #f
/ho!e/www/apache3/conf/httpd.conf #k start
Ho* to assin a lo* priority to a shell<scriptJ Khiher nice
2alueM
2n the e!ample below( when 2 started the nice.test.sh script in the
background( it took the nice *alue of 0.
; ./nice#test.sh =
*4, 1400G
; ps a-l T rep nice#test
0 60G 1400G 13FC4 1K 9 5C63 GK3 wait $ pts/1
0:00 /"in/"ash ./nice#test.sh
*Note: Cth colu!n with (alue 0 is the nice.,
5ow( let us e!ecute the same shell script with a different nice *alue as
shown below.
; nice #10 ./nice#test.sh =
*1, 1401C
253
0 60G 1401C 13FC4 40 .9 534C GCF wait $& pts/1
*Note: Cth colu!n with (alue 10 is the nice (alue for the
shell#script.,
Ho* to assin a hih priority to a shell<scriptJ KLo*er nice
2alueM
2n the following e!ample( let us assign a nice *alue of .10 9minus 10; to
the nice.test.sh shellscript.
; nice ##10 ./nice#test.sh =
*1, 14031
; nice: cannot set priority: /er!ission denied
5ote1 %nly root user can set a negati*e nice *alue. ogin as root and try
the same. 0lease note that there is a double dash before the 10 in the
nice command below.
) nice ##10 ./nice#test.sh =
*1, 140C0
) ps a-l T rep nice#test
5 0 140C0 14035 10 #10 64FF GC5 wait $[ pts/1
*Note: Cth colu!n with (alue #10 is the nice (alue of the
shell#script.,
Hack $8. 6enice Co##and
4enice alters the scheduling priority of a running process.
254
Ho* to decrease the priority of a runnin processJ
KIncrease niceM
2n the e!ample below( an e!isting shell.script is running at nice *alue of
10. 96th column in the ps output;
0 60G 14356 1431C 40 .9 6355 GCF wait $& pts/1
To increase the nice *alue 9thus reducing the priority;( e!ecute the
renice command as shown below.
; renice 1C #p 14356
14356: old priority 10, new priority 1C
0 60G 14356 1431C 4C .: 6355 GCF wait $& pts/1
*Note: &ow, the Cth colu!n of the nice#test.sh 7/B. 143568
shows the new nice (alue of 1C.,
Ho* to increase the priority of a runnin processJ
K"ecrease niceM
2n the e!ample below( an e!isting shell.script is running at a nice *alue
of 10. 96th column in the ps output;
0 60G 14365 1431C 40 10 5513 GCF wait $& pts/1
2n increase the priority( gi*e a lower nice *alue as shown below.
'owe*er( only root can increase the priority of a running process( else
you3ll get the following error message.
; renice 6 #p 14365
255
renice: 14365: setpriority: /er!ission denied
Loin as root to increase the priority of a runnin
process
; su #
) renice 6 #p 14365
14365: old priority 10, new priority 6
) ps a-l T rep nice#test
0 60G 14365 1431C 36 ; 5513 GCF wait $& pts/1
*Note: +he Cth colu!n now shows a lower nice (alue of 6
7increased priority8,
Hack $$. Fill Co##and
kill command can be used to terminate a running process. Typically this
command is used to kill processes that are hanging and not responding.
$ynta-: kill *options, *pidsTco!!ands,
Ho* to kill a hanin processJ
Cirst( identify the process id of the particular process that you would like
to kill using the ps command. %nce you know the process id( pass it as a
parameter to the kill command. The e!ample below shows how to kill
the hanging apache httpd process. 0lease note that typically you should
use Qapachectl stopR to stop apache.
) ps au- T rep httpd
\$IM /B. WC/\ WSIS '$J M$$ ++Y $+%+ $+%M+
+BSI CLSS%&.
apache 411FC 0.0 1.C 34K4C 1K66C c
$ Dul3C 0:50 /usr/local/apache3/"in/httpd
256
apache 411FK 0.0 1.4 30C50 15555 c
$ Dul3C 0:4K /usr/local/apache3/"in/httpd
) kill 411FC 411FK

0lease note that the abo*e command tries to terminate the process
graciously by sending a signal called &27T:4/. 2f the process does not
get terminated( you can forcefully terminate the process by passing a
signal called &27_2( using the option .- as shown below. Aou should
either be the owner of the process or a pri*ileged user to kill a process.
) kill #G 411FC 411FK
"nother way to kill multiple processes easily is by adding the following
two functions to the .bashMprofile.
function psrep 78
:
ps au- T rep 2;12 T rep #( VrepV
@
function pster! 78
:
* ;:)@ #e_ 0 , == echo 2usae: ;Y\&C&%SI $+MB&G2 ==
return 0
local pid
pid0;7ps a- T rep 2;12 T rep #( rep T awk V: print
;1 @V8
echo #e 2ter!inatin V;1V / process7es8:>n;pid2
kill #$BG+IMS ;pid
@
5ow do the following( to identify and kill all httpd processes.
) psrep http
25,
\$IM /B. WC/\ WSIS '$J M$$ ++Y $+%+ $+%M+
+BSI CLSS%&.
apache 411FC 0.0 1.C 34K4C 1K66C c
$ Dul3C 0:50 /usr/local/apache3/"in/httpd
apache 411FK 0.0 1.4 30C50 15555 c
$ Dul3C 0:4K /usr/local/apache3/"in/httpd
) pster! httpd
ter!inatin VhttpdV / process7es8:
411FC
411FK
Additional <ill Examples:
5 àys to Qill a /rocess H kill, killall, pkill, -kill
Hack 100. /s Co##and
ps command 9process status; will display snapshot information of all
acti*e processes.
$ynta-: ps *options,
Ho* to display all the processes runnin in the syste#J
Hse Fps au!F( as shown below.
) ps au- T !ore
\$IM /B. WC/\ WSIS '$J M$$ ++Y $+%+ $+%M+
+BSI CLSS%&.
root 1 0.0 0.0 3055 6FF c $s
Dun3K 0:00 init *6,
apache 411FC 0.0 1.C 34K4C 1K66C c $
Dul3C 0:50 /usr/local/apache3/"in/httpd
25D
apache 411FK 0.0 1.4 30C50 15555 c $
Dul3C 0:4K /usr/local/apache3/"in/httpd
Aou can also use Fps .ef e moreF( to get a similar output
/rint the /rocess Tree
Aou can use either ps a!uf or ps $e6' to display processes in a tree
format. The tree structure will help to *isuali+e the process and it3s
parent process immediately. Cor clarity purpose( few columns ha*e been
cut.off in the output below.
) ps a-uf
root Lct15 0:00 /opt/'M+$ralus/"in/"ere!ote
root Lct15 0:00 >9 /opt/'M+$ralus/"in/"ere!ote
root Lct 15 0:00 >9 /opt/'M+$ralus/"in/"ere!ote
root .ec04 0:01 /usr/local/s"in/sshd
root .ec33 1:0F /usr/local/s"in/sshd
root 34:46 0:00 >9 /usr/local/s"in/sshd
611 34:46 0:00 >9 #"ash
611 >9 ps a-uf
5ote1 Aou can also use pstree command to display process in tree
structure.
%ie* /rocesses 8*ned by a /articular 1ser
The following command displays all the process owned by inu! user.
name1 oracle.
; ps \ oracle
/B. ++Y $+%+ +BSI CLSS%&.
25-
6015 c $s 0:01 /oracle/"in/tnslsnr
K135 c $s 0:00 ora9_0039!ed
F30C c $s 0:00 ora9cE_09!ed
FF63 c $s 0:01 ora9p!on9!ed
FF65 c $s 0:00 ora9psp09!ed
FG11 c $s 0:03 oracle!ed 7LLC%L0&L8
%ie* /rocesses 8*ned by Current 1ser
Collowing command displays all the process owned by the current user.
; ps \ ;\$IM
/B. ++Y $+%+ +BSI CLSS%&.
1043G c $ 0:00 sshd: ra!esh<pts/1,pts/3
10440 pts/1 $s 0:00 #"ash
10465 pts/3 $sO 0:00 #"ash
10640 pts/1 MO 0:00 ps \ ra!esh
Additional 0S Examples:
K /ractical /$ Co!!and I-a!ples for /rocess Sonitorin
Hack 101. )ar Co##and
&ar commands comes with the sysstat package. /ake sure sysstat is
installed. 2f you don3t ha*e sar installed on your system( get it from
&ysstat pro6ect.
&ar is an e!cellent monitoring tool that displays performance data of
pretty much e*ery resource of the system including #0H( memory( 2%(
paging( networking( interrupts etc.(
260
&ar #ollects( 4eports 9displays; and &a*es the performance data. et us
look at all the three aspects separately
)adc < )yste# acti2ity data collector
JusrJlibJsadc 9&ystem acti*ity data collector; command collects the
system data at a specified time inter*al. This uses the daily acti*ity data
file that is located under J*aJlogJsaJsagddh( where dd is the current day.
)a1 shell<script
JusrJlibJsa1 in.turn calls the JusrJlibJsadcs. sa1 is in*oked from the
crontab as shown below. 4un this e*ery 5 minutes or 15 minutes
depending on your need. 2 prefer to schedule it for e*ery 5 minutes in
the cron tab as shown below.
R/6 R R R R root /usr/li"/sa/sa1 1 1
)a, shell<script
JusrJlibJsa2 is a shell script that will write a daily report in the
J*arJlogJsaJsagddh file( where dd is the current day. 2n*oke the sa2 from
the crontab once a day at midnight.
) 6G 34 R R R root /usr/li"/sa/sa3 H%
5ote1 JetcJcron.dJsysstat files comes with the sysstat package that
includes some default *alue for the sa1 and sa2( which you can change
accordingly.
"isplay C/1 )tatistics usin )ar Co##and
) sar Hu
Linu- 3.C.G#53.ILs!p 7de(#d"8 01/01/300G
13:00:01 %S C/\ Wuser Wnice Wsyste! Wiowait
Widle
13:06:01 %S all 4.K0 0.00 0.F6 0.00
G6.56
261
13:10:01 %S all 5.6G 0.00 1.1G 0.0C
G5.1C
13:16:01 %S all 4.G0 0.00 0.G6 0.05
G6.11
13:30:01 %S all 5.0C 0.00 1.00 0.01
G5.G4
13:36:01 %S all 4.FG 0.00 0.FK 0.00
G6.34
13:40:01 %S all 4.FG 0.00 0.FK 0.00
G6.34

$kipped..
%(erae: all 5.6C 0.00 1.00 0.16
G5.3G
5ote1 2f you need a break down of the performance data for the
indi*idual #0H3s( e!ecute the following command.
) sar #u #/ %LL
"isplay "isk I8 )tatistics usin sar co##and
) sar Hd
Linu- 3.C.G#53.ILs!p 7de(#d"8 01/01/300G
13:00:01 %S .I' tps rd9sec/s wr9sec/s
13:06:01 %S de(3#0 1.C6 1.3F 56.54
13:10:01 %S de(F#1 5.0F F.11 31.F1
$kipped..
%(erae: de(3#0 5.CC 130.KK CG.56
%(erae: de(F#1 1.FG 4.1K F.03
262
"isplay net*orkin )tatistics usin sar co##and
) sar #n .I' T !ore
Linu- 3.C.G#53.ILs!p 7de(#d"8 01/01/300G
13:00:01 %S BY%CI r-pck/s t-pck/s r-"yt/s
t-"yt/s r-c!p/s t-c!p/ s r-!cst/s
13:06:01 %S lo 0.1K 0.1C 36.41
34.44 0.00 0.0 0 0.00
13:10:01 %S eth0 63.G3 64.C5 101CG.K5
131KF.6K 0.00 0.00 0.00

) sar #n $LCQ T!ore
Linu- 3.C.G#53.ILs!p 7de(#d"8 01/01/300G
13:00:01 %S totsck tcpsck udpsck rawsck ip#fra
13:06:01 %S 60 14 4 0 0
13:10:01 %S 60 14 5 0 0
13:16:01 %S 64 14 6 0 0
Additional SAR Examples:
10 \seful $ar 7$ysstat8 I-a!ples for Linu- /erfor!ance
Sonitorin
263
?our )upport is Appreciated
2f you liked this inu! 101 hacks free ebook( and would like to thank me
and support The 7eek &tuff blog( purchase the following e8ooks1
'ash 101 Hacks
8ash is the default shell on inu!. 2f you are
spending lot of time on inu! en*ironment( you
should master the 8ash command line features to
become efficient. "part from being an interacti*e
shell( 8ash is also a scripting language( which
allows you to automate your tasks using 8ash shell
scripting.
8ash 101 'acks is a downloadable e8ook that
contains 101 practical e!amples on both 8ash
command line and shell scripting.
Get Your Copy of: Bash 101 Hacks eBook
)ed and A*k 101 Hacks
2f you are spending lot of time on H52I J inu!( you3ll
be manipulating te!t files fre@uently. Aou may be
making the similar edits on multiple configuration
files on one or more ser*ers. Aou may be digging
huge log files 9or data files; looking for certain
information.
&ed and "wk 101 'acks is a downloadable e8ook
that contains 101 practical e!amples on *arious
ad*anced &ed and "wk features( that will help you
understand e*erything you need to know about &ed
and "wk.
Get Your Copy of: $ed and %wk 101 Hacks eBook
264
+aios Core -
Aou should implement a robust monitoring solution
that will notify you when there is an issue. 2t should
also notify the right people at the right time about a
potential issue( e*en before it becomes critical.
5agios #ore 3 e8ook is the only guide you3ll e*er
need to get your 2T infrastructure monitored using
5agios #ore( and it will help you to understand
e*erything you need to know to implement 5agios
#ore 3.
Get Your Copy of: &aios Core 4 eBook
%i# 101 Hacks
?im editor is *ery powerful editor that will make you
e!tremely producti*e once you take some time to
learn and understand its features. 2f you are like
most people( you would like to ha*e a structured
way of learning this powerful editor and take
ad*antage of all its features.
?im 101 'acks is a downloadable e8ook that
contains 101 practical e!amples on *arious
ad*anced ?im features that will make you fast and producti*e in the ?im
editor.
Get Your Copy of: 'i! 101 Hack s eBook
265
10 A#aBin and 5ssential Linux
'ooks
Cor further reading on inu!( 2 recommend the following books. The 10
inu! books mentioned here by no means are comprehensi*e or
authoritati*e list. 8ut( these 10 8ooks are few of my fa*orites that 2
en6oyed reading o*er the years and 2 strongly belie*e will enhance your
technical abilities on inu!( if you ha*e not read them yet.
1. ))H@ The )ecure )hell @ by "aniel 9. 'arrett@ 6ichard 5.
)il2er#an and 6obert (. 'yrnes. This is hands.down the
best book on &&'. This book e!plains both theoretical and
practical aspects of &&'. Hsing &&' as an end.user is fairly
straight forward . 8ut( configuring &&' as an administrator is
comple! and in*ol*es a detailed understanding of &&'. This
is a must read for any system administrator. The e!amples in
this book show e!actly what needs to be done differently for
the different fla*ors of &&' such as &&'1( &&'2 and
%pen&&'.
2. 5ssential )yste# Ad#inistration @ by Wleen 7risch. This
is an e!cellent book for those who like to become a Hni!
&ystem "dministrator. This book co*ers all the typical system
administration tasks. This is a perfect companion when you
are dealing with multiple fla*ors of Hni!( as it has e!amples
for "2I( Cree8&)( '0.HI( inu!( &olaris and Tru64. 23*e used
the pocket *ersion of this book < :ssential &ystem
"dministration 0ocket 4eference( when 2 was managing
multiple fla*ors of Hni! systems at the same time.
3. Linux )er2er Hacks @ %olu#e 8ne@ by 6ob 7lickener.
100 awesome practical hacks packed in one book. &etup a
inu! test bed and try out all these hacks. These hacks are
neatly grouped into different sections < &er*er 8asics(
4e*ision #ontrol( 8ackups( 5etworking( /onitoring( &&'(
&cripting( and 2nformation &er*ers. %nce you3*e mastered
these hacks( you should absolutely read inu! &er*er 'acks(
?olume Two( by =illiam *on 'agen and 8rian Sones( which has
100 inu! hacks focused on authentication( monitoring(
security( performance and connecti*ity.
4. "+) and 'I+" @ by Cricket Liu and /aul AlbitB. &e*eral
years ago( 2 configured my first )5& by reading online
documentation. 2 brought this book to understand how )5&
266
and 825) works. 23*e already upgraded this book twice when
a newer edition was released. This should definitely be in your
library( if you are a serious system administrator.
5. 1nderstandin the Linux Fernel @ by "aniel 'o2et and
&arco Cesati. 2f you are a serious de*eloper on inu!
en*ironment or a sysadmin( this is a must read. This books
e!plains the inner workings of the inu! _ernel 2.6 in a
structured and logical way. This talks about how _enel
handles the /emory /anagement( 0rocess scheduling( 2J%
architecture and 8lock de*ices. %*erall this book is a treat for
geeks who are curious to e!plore what is under the hood of
inu!.
6. The A>F /rora##in Lanuae @ by Alfred %. Aho@
'rian >. Fernihan@ /eter 9. >einberer. This is a classic
book written written by the authors of "wk. 2f you are dealing
with te!t based data files on inu! en*ironment( mastering
"wk will help you to @uickly create scripts to automate your
data file manipulation 6obs.
,. Linux Cookbook @ by Carla )chroder. This book co*ers
inu! features from both users and system administrators
point of *iew. There are two chapters dedicated for installing
and managing software on 40/.based system and )ebian. 2f
you use 4ed'at( the inu! 0ocket 7uide( by )aniel S. 8arrett is
an e!cellent addition to your library( which co*ers all the
essential inu! command with a sample usage.
D. Linux 7ire*alls @ by &ichael 6ash. To build a secure inu!
system( you must read this book. There are @uiet few books
out there for iptables. 8ut( this one talks specifically about the
fundamentals of how to configure an 2ntrusion )etection
&ystem using iptables( psad and fwsnort. 2f you want a
comprehensi*e handy reference of all the things iptables can
do with specific e!amples( inu! 2ptables 0ocket 4eference(
by 7regor 5. 0urdy is the best.
-. Linux Ad#inistration Handbook @ by 52i +e#eth@ (arth
)nyder and Trent 6. Hein. )uring my early days of system
administration( 23*e referred this book fre@uently. This is
pretty detailed book with close to 1000 pages and 30
chapters that are nicely grouped together in three high le*el
sections < 8asic "dministration( 5etworking and 8unch %3
&tuff.
10. 'einnin 1buntu Linux @ by Feir Tho#as and 9ai#e
)ica#. Cor those who like to transition from =indows to
26,
inu!( install Hbuntu inu! on one of your old laptop or
desktop and get this book. 2 strongly belie*e in spreading the
news about inu! to those who don3t use it. 2f you want any of
your lo*ed ones or friends to learn inu!( install Hbuntu on an
old laptop and gi*e this book as a gift to them. They3ll
definitely be *ery thankful to you.
&ore Recommended !oo"s:
Yor %dditional Linu- and Lpen $ource Melated Books that
B reco!!end, (isit +he Geek $tuff Book $tore at %!aPon
26D
5xtended 6eadin
Collowing are few articles from the The 7eek &tuff blog for your
e!tended reading. #heck out The 7eek &tuff "rchi*es section for more
articles.
1. 50 inu! &ysadmin Tutorials
2. 50 /ost Cre@uently Hsed inu! #ommands 9=ith :!amples;
3. Hni! & #ommand1 15 0ractical :!amples
4. Turbocharge 0uTTA with 12 0owerful "dd.%ns
5. wget Tutorial1 15 "wesome :!amples to )ownload Ciles from
2nternet
6. 0ing Tutorial1 15 :ffecti*e 0ing #ommand :!amples
,. 5agios . :nterprise /onitoring &olution
5agios Sumpstart 7uide
/onitor =indow &er*er
/onitor inu! &er*er
/onitor 5etwork &witch
/onitor ?05 )e*ice
D. 0erform &&' and &#0 without entering password1
Crom open&&' to open&&'
Crom open&&' to &&'2
Crom &&'2 to &&'2
-. 'ello =orld :!amples 9earn a programming language;
10. H52I &ed Tips and Tricks
11. Hbuntu Tips and Tricks
12. /y&i Tutorials
13. 0ostgre&i Tutorials
14. ?i J ?im Tips and Tricks
?im /acro Tutorial1 'ow To 4ecord and 0lay
'ow To Hse ?im as 0erl 2): and #J#`` 2):
"utomatic =ord #ompletion in ?im
26-
15. 3 &teps to "dd #ustom 'eader to a Cile Hsing ?im
16. The Hltimate 7uide for #reating &trong 0asswords
1,. 6 &teps to &ecure Aour 'ome =ireless 5etwork
1D. Cirefo! "dd.%n1 'ire , 0ersonal 8odyguards to 8rowse 2nternet
&ecurely
1-. Tripwire Tutorial1 inu! 'ost 8ased 2ntrusion )etection &ystem
20. /idnight #ommander 9mc; 7uide1 0owerful Te!t based Cile
/anager for Hni!
&ore Linux Articles
2 publish inu! and %pen &ource articles on an on.going basis on The
7eek &tuff blog.
To get inu! Tips( 'owTos( 7uides and Tutorials on an on.going basis(
subscribe to The 7eek &tuff blog. 2f you subscribe( you will get new
articles posted on T7& website directly to your inbo! or to your 4&&
reader.
$u"scri"e to recei(e free Linu- tutorials directly to
your e!ail in"o- reularly.
2,0
Thank ?ou
2 hope you found the Linux 101 Hacks e8ook
helpful.
2 sincerely appreciate all the support gi*en by
you and other regular readers of my
thegeekstuff.com blog.
Aou ha*e encouraged me in more ways than you know.
2f you liked this e8ook( and would like to support me( consider buying
my other e8ooks1
8ash 101 'acks
&ed and "wk 101 'acks
?im 101 'acks
5agios #ore 3
2f you ha*e any suggestions( or feedback( or @uestions while reading this
ebook( don>t hesitate to reach out to me. Aou can connect with me on
the following1
Twitter 9Bt hegeekstuff ;
Cacebook page
2f you want to write to me directly( you can use this contact form to
reach out to me.
6a#esh +ataraUan
rameshBthegeekstuff.com
2,1

Linux 101 Hacks

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Linux 101 Hacks

Uploaded by

Copyright:

Available Formats

Linux 101 Hacks www.thegeekstuff.

You might also like