If you want to
know more about your Linux system. Where can you get detailed
information?
The best way to obtain
information about your Linux system is by running the ‘uname’ command with
various options. Here are the details of the available options…
Execute ‘uname’ without
any options to display the kernel name:
# uname -s
Linux
Linux
Execute ‘uname’ with the
-r option to display the kernel release…
# uname -r
3.8.0-23-generic
3.8.0-23-generic
Execute ‘uname’ with the
-v option to display the kernel version:
# uname -v
#34-Ubuntu SMP Wed May 29 20:22:58 UTC 2013
#34-Ubuntu SMP Wed May 29 20:22:58 UTC 2013
Execute ‘uname’ with the
-m option to display the machine hardware:
# uname -m
x86_64
x86_64
Execute ‘uname’ with the
-o option to display the operating system:
# uname -o
GNU/Linux
GNU/Linux
What if you want
to read only the first or last few lines of a file?
You can use ‘head’ and
‘tail’ commands for this.
# tail -5 output
/etc/brltty/en-nabcc.ttb
/etc/brltty/brl-al-abt_small.ktb
/etc/brltty/brl-al-abt_basic.kti
/etc/acpi/mediabtn.sh
/etc/fstab.d
/etc/brltty/en-nabcc.ttb
/etc/brltty/brl-al-abt_small.ktb
/etc/brltty/brl-al-abt_basic.kti
/etc/acpi/mediabtn.sh
/etc/fstab.d
The ‘tail’ command above
displays the last five lines from the file ‘output’.
Through this command,
you can also display the last ‘n’ bytes using the -c option:
#tail -c10 output
c/fstab.d
c/fstab.d
So, you can see that
last 10 bytes were displayed in the output.
Similarly, there is a
‘head’ command to display content from the beginning of a file. Here are some
examples:
#head -10 output
/boot/abi-3.8.0-19-generic
/boot/abi-3.8.0-23-generic
/boot/grub/i386-pc/search_label.mod
/sbin/acpi_available
/sbin/ip6tables
/sbin/e2label
/sbin/ntfslabel
/sbin/swaplabel
/sbin/iptables-save
/sbin/ip6tables-restore
/boot/abi-3.8.0-19-generic
/boot/abi-3.8.0-23-generic
/boot/grub/i386-pc/search_label.mod
/sbin/acpi_available
/sbin/ip6tables
/sbin/e2label
/sbin/ntfslabel
/sbin/swaplabel
/sbin/iptables-save
/sbin/ip6tables-restore
#head -c10 output
/boot/abi-
/boot/abi-
Sometimes you know that you ran a command a while ago and you want to
run it again. You know a bit of the command, but you don’t exactly know all
options, or when you executed the command.
Of
course, you could just keep pressing the Up Arrow until you
encounter the command again, but there is a better way.
You can search the bash history in an interactive mode by pressing Ctrl + r. This will put bash in history mode,
allowing you to type a part of the command you’re looking for. In the
meanwhile, it will show the most recent occasion where the string you’re typing
was used. If it is showing you a too recent command, you can go further back in
history by pressing Ctrl + r again and again. Once you found
the command you were looking for, press enter to run it. If you can’t find what
you’re looking for and you want to try it again or if you want to get out of
history mode for an other reason, just press Ctrl + c. By the way, Ctrl
+ c can be used in many other cases to cancel the current operation
and/or start with a fresh new line.
Friday, December 19, 2014
what is crontab and how to use it?
What is crontab?
The crontab is
a list of commands that you want to run on a regular schedule, and also the
name of the command used to manage that list. In other word, Crontab (CRON
TABle) is a table where we can schedule such kind of
repeated tasks. Dealing a frequent job manually is a daunting task for
system administrator.
you can automate process like backup, schedule updates and synchronization of files and many more. Cron is a daemon to run schedule tasks.
Cron wakes up every minute and checks schedule tasks in crontable.
The command to edit the crontab file for the
current user is crontab -e . By default, this will bring up the crontab
file in the vim editor.
Crontab
file consists of command per line and have six fields actually and separated
either of space or tab. These are following:
#
# Field 1 2 3 4 5
Min Hour Day of month Month of Year Day of Week
0-59 0-23 1-31 1-12 0-6 /path/command
#
# Days of the week: 0=Sun 1=Mon 2=Tues 3=Wed 4=Thu 5=Fri 6=Sat
#
# Field 1 2 3 4 5
Min Hour Day of month Month of Year Day of Week
0-59 0-23 1-31 1-12 0-6 /path/command
#
# Days of the week: 0=Sun 1=Mon 2=Tues 3=Wed 4=Thu 5=Fri 6=Sat
A field may be an asterisk (*), which always stands for "first through
last".
Hyphen (-) between integers specifies a range of integers. For example,
1-3 means the integers 1, 2, and 3.
Special Strings for Common Schedule
|
Strings
|
Meanings
|
|
@reboot
|
Command will run when the system reboot.
|
|
@daily
|
Once per day or may use
@midnight.
|
|
@weekly
|
Once per week.
|
|
@yearly
|
Once per year. we can use @annually keyword also.
|
|
@daily
|
Once per day.
|
Need to replace five fields of
cron command with keyword if you want to use the same.
For More Help Read the following file:
#vim /etc/crontab
The /etc/cron.allow and /etc/cron.deny files control who may use crontab on your
system.
Crontab Command:
For edit your crontab.
#crontab –e
For Display ("list") the contents of your crontab.
#crontab –l
For Remove your crontab, effectively un-scheduling all crontab jobs.
#sudo crontab –u anshuman(user) –e
Edit the crontab of the user named anshuman.
The -u option
requires administrator privileges, so the command is executed using sudo.
#sudo crontab –u anshuman(user) –l
View the crontab of user anshuman:
#sudo crontab –u anshuman –l
Remove the crontab of user anshuman:
#sudo crontab –u anshuman –r
Some useful examples of
crontab:
To run a Linux crontab
command every minute,
use this syntax:
* * * * * /var/www/example.com/bin/check-apache.sh
To run a Linux crontab
command every hour,
use this syntax:
5 * * * * /var/www/example.com/bin/create-all-backups.sh
To run a Linux crontab
command every day,
use this syntax:
30 4 * * * /var/www/devdaily.com/bin/create-all-backups.sh
To run a Linux crontab
command every day,
use this syntax:
*/5 * * * * /var/www/example.com/bin/do-update.sh
Thursday, December 18, 2014
'chkrootkit' tool for scan your system vital files in linux
‘chkrootkit’ Tool:
Attackers install rootkits on a machine to gain root access, while its presence is hidden from the real administrator of the server. A tool that can help you to detect rootkits on your machine is chkrootkit.
Attackers install rootkits on a machine to gain root access, while its presence is hidden from the real administrator of the server. A tool that can help you to detect rootkits on your machine is chkrootkit.
Chkrootkit is a tool to scan your systems vital
files to determine if any of them show signs of known malware. It’s a group of
scripts that use existing system tools and commands to validate your system
files and /proc information.
How to download and use `chkrootkit` tool:
Follow
these steps for installing the ‘chkrootkit’ tool:
1.
Go to the /usr/local/src/
#cd /usr/local/src/
2. Download the chkrootkit.
# wget http://www.spenneberg.org/chkrootkit-mirror/files/chkrootkit.tar.gz
# wget http://www.spenneberg.org/chkrootkit-mirror/files/chkrootkit.tar.gz
3. Unpack the chkrootkit you
just downloaded.
# tar -xvzf chkrootkit.tar.gz
# tar -xvzf chkrootkit.tar.gz
4. Change to new directory
# cd chkrootkit-* (select the version )
# cd chkrootkit-* (select the version )
5. Compile chkrootkit
# make sense
# make sense
6.
After successfully compiling, the tool is ready to be used. To
check for rootkits, simply run chkrootkit as the root user:
# ./chkrootkit
# ./chkrootkit
scalepel - A recovery tool for linux
Scalepel:
This is a filesystem-independent recovery tool for Linux and
Mac OS, which you can also run on Windows by compiling it with MinGW. Scalpel based on Foremost an open source
application developed to recover deleted information, Scalpel is significantly
more Fast and efficient by reading database of header and footer definitions
and extracts matching files or data fragments from a set of image files or raw
device files. Scalpel is file-system-independent and can recover files from
FATx, NTFS, ext2/3/4, HFS+, or raw partitions. It is useful for both digital
forensics investigation and file recovery.
How to
install scalpel recovery tool on LINUX
To install scalpel recovery tool on linux, you need to first and type following command:
#yum install scalpel* -y
How to use scalpel recovery tool
Before we can use Scalpel, we must define some file types that Scalpel should
search for in/etc/scalpel/scalpel.conf. By default, all file types are commented out. In
this example, I want to search for deleted jpg files, so uncomment the
following lines:
#scalpel /dev/vda3 –o /home/anshuman/Desktop/output
Wednesday, December 17, 2014
record whatever you do in terminal in linux
Record
whatever you do in the terminal.
Have you ever felt that you should record everything you do in the terminal in a file?
Then try out the following tip. In this tip we will see how to record all commands executed in the terminal along with returned outputs to a text file automatically. This may help you better troubleshoot your problems.
Have you ever felt that you should record everything you do in the terminal in a file?
Then try out the following tip. In this tip we will see how to record all commands executed in the terminal along with returned outputs to a text file automatically. This may help you better troubleshoot your problems.
How
to start the recording session:
Open the terminal and run this command to start a session that
will record or store every commands we will type on the Terminal.
#script recordterminal.txt
‘recordterminal’ is the file where All commands entered and
returned outputs will now be recorded into the text file automatically. You can create a file with name to whatewere you want. This
file will be saved in the current working directory.
How to stop the
recording session:
To stop recording, press CTRL+d.
How to view the
recording session:
To view the recording
session read the file by using ‘cat’ command.
#cat recordterminal.txt
How to start the
recording session in the same file:
if you want to continue the session in that same text file.
It’s easy go to terminal and type:
#script –a recordterminal.txt
Tuesday, December 16, 2014
basic but amazing Linux tips
Best Linux Tips, Tricks And Command
Lines
1.
Find out the elapsed time of a running
process
There are a lot of processes running on your Linux system. Here is a command that will let you know how long the process has been running:
#ps -eo "%p %c %t"|grep "sshd"
In the above command %p is pid, %c is command and %t is elapsed time.
In response to the above command, you will get the following output:
2850 sshd 172-01:37:22
29532 sshd 125-09:07:10
There are a lot of processes running on your Linux system. Here is a command that will let you know how long the process has been running:
#ps -eo "%p %c %t"|grep "sshd"
In the above command %p is pid, %c is command and %t is elapsed time.
In response to the above command, you will get the following output:
2850 sshd 172-01:37:22
29532 sshd 125-09:07:10
2.
Changing file names from upper case to
lower
To manually change the case (upper to lower or vice versa) of a large number of files can be tedious. So, here is a script that can make life easy:
#to change uppercase filenames to lowercase
#!/bin/sh
if [ $# -eq 0 ] ; then
echo Usage: $0 Files
exit 0
fi
for f in $* ; do
g=`echo $f | tr "[A-Z]" "[a-z]"`
echo mv -i $f $g
mv -i $f $g
done
If you want to change the case from lower to upper, replace
g=`echo $f | tr "[A-Z]" "[a-z]"`
with
g=`echo $f | tr "[a-z]" "[A-Z]"` in the script.
To manually change the case (upper to lower or vice versa) of a large number of files can be tedious. So, here is a script that can make life easy:
#to change uppercase filenames to lowercase
#!/bin/sh
if [ $# -eq 0 ] ; then
echo Usage: $0 Files
exit 0
fi
for f in $* ; do
g=`echo $f | tr "[A-Z]" "[a-z]"`
echo mv -i $f $g
mv -i $f $g
done
If you want to change the case from lower to upper, replace
g=`echo $f | tr "[A-Z]" "[a-z]"`
with
g=`echo $f | tr "[a-z]" "[A-Z]"` in the script.
3.
Counting the number of files in a directory.
Here is a simple command that can count the number of files in a directory (not the hidden Counting the number of files in a directory
ones):
#echo * | wc –w
Here is a simple command that can count the number of files in a directory (not the hidden Counting the number of files in a directory
ones):
#echo * | wc –w
4.
How to check the date and time the
system was rebooted and booted.
Here is a simple command to check the system's reboot date and time:
#last reboot
reboot system boot 2.6.18-53.el5 Sat Aug 6 18:02 (8+04:45)
wtmp begins Sat Aug 6 18:02:07 2011
The command below will give you the date and time the system was booted:
#who -b
system boot 2011-08-24 09:43
Here is a simple command to check the system's reboot date and time:
#last reboot
reboot system boot 2.6.18-53.el5 Sat Aug 6 18:02 (8+04:45)
wtmp begins Sat Aug 6 18:02:07 2011
The command below will give you the date and time the system was booted:
#who -b
system boot 2011-08-24 09:43
5.
For Securing files.
Here is a simple tip to password protect your files:
#vi -x test
This command will ask for an encryption key. You have to type the key twice. Then save and quit the opened file.
Now, whenever you open this file, it will ask for that password first.
Here is a simple tip to password protect your files:
#vi -x test
This command will ask for an encryption key. You have to type the key twice. Then save and quit the opened file.
Now, whenever you open this file, it will ask for that password first.
6.
Finding the full path of the shell
command.
There is a command named which that takes one or more arguments as input. It prints to standard output the full path of the shell command. It does this by searching for an executable or script in the directories listed in the environment variable PATH:
#which poweroff
/usr/bin/poweroff
If the command is not found, it gives the output shown below:
#which moodule
/usr/bin/which: no moodule in (/usr/lib/qt-3.3/bin:/usr/kerberos/sbin:/usr/kerberos/bin:/usr/lib/ccache:/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin:/home/aarsh/bin)
There is a command named which that takes one or more arguments as input. It prints to standard output the full path of the shell command. It does this by searching for an executable or script in the directories listed in the environment variable PATH:
#which poweroff
/usr/bin/poweroff
If the command is not found, it gives the output shown below:
#which moodule
/usr/bin/which: no moodule in (/usr/lib/qt-3.3/bin:/usr/kerberos/sbin:/usr/kerberos/bin:/usr/lib/ccache:/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin:/home/aarsh/bin)
7.
Power yourself with Netstat
Here are a few uses of the netstat command that can help you.
Here are a few uses of the netstat command that can help you.
To display the kernel interface
table:
#netstat -i
#netstat -i
To display the kernel routing table:
#netstat -rn
To display all open network sockets:
#netstat -uta
To display network statistics:
#netstat -s
8. Print a file with line numbers
If you want a file with line numbers (say for printing), you can use the 'nl' command in Linux:
#nl file.c
This prints the file with line numbers to standard output or this can be even redirected to afile as shown below:
#nl file.c > output.txt
Here, output.txt will have the codes of file.c with each line having a line number.
#netstat -rn
To display all open network sockets:
#netstat -uta
To display network statistics:
#netstat -s
8. Print a file with line numbers
If you want a file with line numbers (say for printing), you can use the 'nl' command in Linux:
#nl file.c
This prints the file with line numbers to standard output or this can be even redirected to afile as shown below:
#nl file.c > output.txt
Here, output.txt will have the codes of file.c with each line having a line number.
9.
Search and delete files from a folder.
If you want to delete all the .lock files from a folder, use the following command:
#find -name *.lock | xargs rm -rf
This will find all the files with the .lock extension and delete them. This can be done for any files that you need to delete.
If you want to delete all the .lock files from a folder, use the following command:
#find -name *.lock | xargs rm -rf
This will find all the files with the .lock extension and delete them. This can be done for any files that you need to delete.
10. Scan open ports
The command given below will scan all the open TCP ports on the loopback interface:
#nmap -sS -O 127.0.0.1
In general, you can use the following:
#nmap -sS -O
To scan open UDP ports in the system, use the command given below:
#nmap -sU -O
Comments