Linux Commands
This page contains a list of shell commands and code snippets that Linux sysadmins will possibly find useful. They have been tested in a bash environment and require some extra CLI tools.
Creating (temporary) files
Clean up a file named 'file' or create it if not existent
: > file -or- > file # doesn't fork a new command (':' is builtin)
cat /dev/null > file # this forks a new command
# NOTE: > file does not work with some shells
: >> file # same as touch (update access/modification time or create)
# only for regular files (not symlinks, nor pipes)
Safely creating temporary files in world/group writable directories
A little theory
The main security vulnerability related to the creation of temporary files is known as "symlink exploit" or "symlink race". The basic idea is to predict where an application will create its temporary file and put a symbolic link (symlink) at that place. When the application now tries to work with a tempfile it will actually work with the file that the symlink point to. This will cause the program (assuming it has root privileges) to overwrite sensible files with its temporary data, making the system unusable or possibible gain complete root privileges.
So it's necessary not to use predictable filenames.
tmp_dir=`mktemp -d /tmp/myprog.XXXXXXXXXX` || exit 1
tmp_file=`env TMPDIR="" mktemp -q -p $tmp_dir tmpfile.XXXXXXXXXX` || exit 1
# or
tmp_file=`mktemp --tmpdir=/tmp myprog.XXXXXXXXXX` || exit 1
# a portable solution (working also on platforms not providing "mktemp")
if type -p mktemp >/dev/null 2>/dev/null; then
temp=`mktemp /tmp/$$.myprog.XXXXXXXXXX` || exit 1
else
temp=/tmp/$$.myprog
rm -f $temp*
fi
Text (file) parsing
Parses the output of a command and sets positional paramethers
IFS_save="$IFS"; IFS=":"
set -- $(grep "^users:" /etc/group 2>/dev/null)
IFS="$IFS_save"
gid=$3
secgroups="$4"
Another example
for planet in "Mercury 36" "Venus 67" "Earth 93" "Mars 142" "Jupiter 483"; do
set -- $planet # parses 'planet' and sets positional paramethers
echo -e "$1\t\t$2,000,000 miles from the sun"
done
Text (file) searching
Extract all lines from a file that are not blank and not commented out
grep -v "^#\|^[[:space:]]*$" /etc/postfix/main.cf
Upload a file to a ftp site
Using an ftp client
server="ftpsite.org"
directory="/pub/linux"
username="anonymous"
password="your@email-address"
filename="archive.tar.gz"
# Set the "ftp_proxy" variable when needed:
# ftp_proxy=http://[domain\\user:password@]proxy.example.com:8080
# -n option inhibit auto-login
ftp -n $server <<_EOS
user "$username" "$password"
binary
bell
cd $directory
put $filename
bye
_EOS
Using curl
cURL is a command line tool for transferring files with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS and FILE.
cURL supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, user+password authentication (Basic, Digest, NTLM, Negotiate, kerberos...), file transfer resume, proxy tunneling and a busload of other useful tricks.
See the cURL man page for more informations.
server="ftpsite.org"
directory="/pub/linux"
username="anonymous"
password="your@email-address"
filename="archive.tar.gz"
# proxy_opts="--proxy your_proxy --proxy-user your_proxy_user"
net_opts="--connect-timeout 15 --retry 3 --limit-rate 250k"
curl --user "$username:$password" $net_opts $proxy_opts --progress-bar \
--upload-file $HOME/$filename $server:21/$directory/$filename \
--fail --write-out [%{url_effective}]\\n -o /dev/null $server