Linux Commands

This page contains a list of shell commands and code snippets that Linux sysadmins will possibly find useful. They have been tested in a bash environment and require some extra CLI tools.

Creating (temporary) files

Clean up a file named 'file' or create it if not existent

: > file -or- > file # doesn't fork a new command (':' is builtin)

cat /dev/null > file # this forks a new command

# NOTE: > file does not work with some shells

: >> file # same as touch (update access/modification time or create)

# only for regular files (not symlinks, nor pipes)

Safely creating temporary files in world/group writable directories

A little theory

The main security vulnerability related to the creation of temporary files is known as "symlink exploit" or "symlink race". The basic idea is to predict where an application will create its temporary file and put a symbolic link (symlink) at that place. When the application now tries to work with a tempfile it will actually work with the file that the symlink point to. This will cause the program (assuming it has root privileges) to overwrite sensible files with its temporary data, making the system unusable or possibible gain complete root privileges.

So it's necessary not to use predictable filenames.

tmp_dir=`mktemp -d /tmp/myprog.XXXXXXXXXX` || exit 1

tmp_file=`env TMPDIR="" mktemp -q -p $tmp_dir tmpfile.XXXXXXXXXX` || exit 1

# or

tmp_file=`mktemp --tmpdir=/tmp myprog.XXXXXXXXXX` || exit 1

# a portable solution (working also on platforms not providing "mktemp")

if type -p mktemp >/dev/null 2>/dev/null; then

temp=`mktemp /tmp/$$.myprog.XXXXXXXXXX` || exit 1

else

temp=/tmp/$$.myprog

rm -f $temp*

Text (file) parsing

Parses the output of a command and sets positional paramethers

IFS_save="$IFS"; IFS=":"

set -- $(grep "^users:" /etc/group 2>/dev/null)

IFS="$IFS_save"

gid=$3

secgroups="$4"

Another example

for planet in "Mercury 36" "Venus 67" "Earth 93" "Mars 142" "Jupiter 483"; do

set -- $planet # parses 'planet' and sets positional paramethers

echo -e "$1\t\t$2,000,000 miles from the sun"

done

Text (file) searching

Extract all lines from a file that are not blank and not commented out

grep -v "^#\|^[[:space:]]*$" /etc/postfix/main.cf

Upload a file to a ftp site

Using an ftp client

server="ftpsite.org"

directory="/pub/linux"

username="anonymous"

password="your@email-address"

filename="archive.tar.gz"

# Set the "ftp_proxy" variable when needed:

# ftp_proxy=http://[domain\\user:password@]proxy.example.com:8080

# -n option inhibit auto-login

ftp -n $server <<_EOS

user "$username" "$password"

binary

bell

cd $directory

put $filename

bye

_EOS

Using curl

cURL is a command line tool for transferring files with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS and FILE.

cURL supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, user+password authentication (Basic, Digest, NTLM, Negotiate, kerberos...), file transfer resume, proxy tunneling and a busload of other useful tricks.

See the cURL man page for more informations.

server="ftpsite.org"

directory="/pub/linux"

username="anonymous"

password="your@email-address"

filename="archive.tar.gz"

# proxy_opts="--proxy your_proxy --proxy-user your_proxy_user"

net_opts="--connect-timeout 15 --retry 3 --limit-rate 250k"

curl --user "$username:$password" $net_opts $proxy_opts --progress-bar \

--upload-file $HOME/$filename $server:21/$directory/$filename \

--fail --write-out [%{url_effective}]\\n -o /dev/null $server