GNU Linux Survival Guide - labcabrera/lab-insurance GitHub Wiki

GNU/Linux Survival Guide

Table of Contents

User management

Users

Display all

cut -d: -f1 /etc/passwd

Create

useradd -G ${g01,g02,g03…​} ${user}

Change password

passwd ${user}
echo user:pass | chpasswd

Display user groups

id ${username}

Add to group

usermod -a -G ${group} ${user}

Logged Users

w

Groups

List

groups

Display all

cut -d: -f1 /etc/group

Create group

groupadd ${group}

Set a memory quote per user

/etc/security/limits.conf
${username}          hard    as              6500000

File system

Permissions

chmod (-R) 400 ${resource}
Octal Binary File mode

0

000

---

1

001

--x

2

010

-w-

3

011

-wx

4

100

r--

5

101

r-x

6

110

rw-

7

111

rwx

Alternative usage: chmod (+|-) (w|r|x) ${resource}

Basic operations

Change file owner

chown (-R) user:group ${resource}

Symbolic link creation

ln -s ${resource} ${link}

Folder size

du -sh ${folder}

Text replace

sed -i 's/xxx/yyy/g' *.txt

File system disk space

df -h

File monitoring

tail -f ${file}

Mount

mount /dev/{sdax} /home/user/folder

Umount

umount /home/user/folder

Mount SSH

sshfs user@host:/home/user /mnt/folder

Safe delete

shred -f -n ${count} -u ${resources}

File search

Find by name

find ${basePath} -name ${filename}

Find by name and execute action

find ${basePath} -name ${filename} -exec rm -r {} +

Find by content (grep)

grep -R ${keyword} ${basePath}

Find by content (find)

find ${basePath} -name ${filename} -exec grep ${keyword} {} +

Count occurrences

grep -R ${keyword} ${basePath} | wc -l

Compress and extract files

Format Compress Extract

gzip/bzip2

tar -cvzf ${target} ${source}

tar -xvzf ${source}

zip

zip ${target} ${source}

unzip -qq ${source}

7z

7z a `${target} ${source}

7z x ${source}

Management

Delete old files

find ${basePath} -mtime +{days} -exec rm {} +

Find duplicates

fdupes ${folder}

Linux structure

/dev

Devices

/etc

Configuration and startup scripts

/lib

System libraries

/opt

Optional applications

/usr

Applications and files shared by users

/var

Variable files such as database records

/srv

Service data

Process management

Process list

ps -fea (| grep ${expression})

Memory usage

free -m

Process resources

lsof -p ${processId}

Force release memory

sync && sysctl -w vm.drop_caches=3

Disk transfer rate

sudo hdparm -t /dev/sda5

Display environment

env

Process monitor

top (use E to cycle memory format)

Remove existing service

update-rc.d -f ${servicename} remove

Package and distribution management

Install package from deb archive

dpkg -i foo.deb

List installed packages

dpkg-query -l 'foo*'

User manual search

apropos ${keyword}

Determine distro and kernel

uname -a ; cat /proc/version

Search program folder

whereis ${programName}

RPM to DEB

alien --to-dev filename.rpm

Networking

Network interfaces

ip addr

Open ports

lsof -i -P

Route table

ip route list

DNS configuration

cat /etc/resolv.conf

SSH file copy

scp file user@host:/home/user/file

SSH tunneling

ssh -L 3307:localhost:3306 [email protected] -N -f

TCP Traceroute

tcptraceroute -i wlan1 -w1 {host}

nmap

Port scan

nmap -p ${portinit}-${portEnd}

Silent port scan

nmap -sS ${host}

IP range scan

nmap -sP ${rango:=192.186.1.1-255}

OS detection

nmap -O ${host}

DNS

/etc/resolv.conf

Date sync

/etc/ntp.conf

Configure proxy

#!/bin/bash

# execute using ". ./set-proxy (enable|disable)"
case "$1" in
  enable)
    export http_proxy="http://{user}:{password}@{host}:{port}" // (1)
    export https_proxy=$http_proxy
    export HTTP_PROXY=$http_proxy
    export HTTPS_PROXY=$http_proxy
    ;;
  disable)
    unset http_proxy
    unset https_proxy
    unset HTTP_PROXY
    unset HTTPS_PROXY
    ;;
  *)
    echo "Usage . $0 (enable|disable)"
    exit 1
esac

  1. user:password is not mandatory on anonymous proxy.

Utilities and apps

General

JSON pretty print file

cat unformatted.json | python -m json.tool > formatted.json

JSON pretty print curl

curl -s http://host/resource | python -m json.tool

Eclipse cleanup

find . \( -name ".settings" -or -name ".project" -or -name ".classpath" \) -exec rm -rI {} +

Red color bash prompt

bashrc
PS1='${debian_chroot:+($debian_chroot)}\[\033[01;31m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '

git

Update

git fetch; git pull

Local commit

git commit (-a|${fileFilter}) -m "Comments"

List branches

git branch -a

Create local branch

git checkout -b branchName

Switch branch

git checkout branchName

Override local changes

git fetch --all; git reset --hard origin/master

Initialize local repo

git init

Create patch

git diff > name.patch

Apply patch

git apply name.patch

Export master

git archive master | gzip > latest.tgz

Determine URL

git remote show origin

Determine URL (broken ref)

git config --get remote.origin.url

Create tag

git tag -a 1.0.0 -m "Version 1.0.0"

Push tag

git push origin 1.0.0

Merge and push (fast-fwd)

git fetch . develop:integration; git push origin integration:integration

Recursive folder pull

find . -type d -name .git -exec sh -c "cd \"{}\"/../ && pwd && git pull" \;

git flow

git flow init -d
git flow feature start foo
git commit ...
git flow feature finish foo
git flow release start 0.1.0
git commit ...
git flow release finish 0.1.0
git flow release publish 0.1.0

docker

Install image

docker pull ${imageName:version}

Run image

docker run ${options} image

Run image

docker run -i --name ${name} -p

Stop container

docker stop ${containerId}

Stop all containers

docker stop $(docker ps -a -q)

Display all images

docker images

Display running containers

docker ps

Display all containers

docker ps -a

Docker compose start

docker-compose up

Open container bash console

docker exec -it ${containerName} bash

Remove image

docker rmi (-f) ${imageId}

Remove images

docker rmi $(docker images -q labcabrera/*)

Cleanup images

docker rmi -f $(docker images | grep "<none>" | awk "{print \$3}")

Remove all containers

docker rm $(docker ps -a -q)

Push private server

docker tag ${image} ${host}/username/name:tag
docker login ${host}
docker push name:tag

Export and import

docker save -o imageName.tar imagename:version
docker load < imageName.tar

 
docker run -i -t
  --name {name} -h {hostName}
  -p 1234:1234 -p 5678:5678
  -v ${source}/${target
  ${imageName}:${imageVersion}

-i

interactive

--name

container name

-h

container host name

-t

allocate a pseudo-TTY

-v

volumes

Docker using proxy

docker-proxy-enable.sh
#!/bin/bash
# Check root user
if [ "$EUID" -ne 0 ] ; then
  echo "Please run as root"
  exit 1
fi
CONFIG_FILE=/etc/systemd/system/docker.service.d/http-proxy.conf
USERNAME=*****
PASSWORD=*****
if [ ! -f $CONFIG_FILE ] ; then
  echo "[Service]" > $CONFIG_FILE
  echo "Environment=\"HTTP_PROXY=http://$USERNAME:$PASSWORD@host:80\"" >> $CONFIG_FILE
  echo "Environment=\"HTTPS_PROXY=http://$USERNAME:$PASSWORD@host:80\"" >> $CONFIG_FILE
  echo "Created file $CONFIG_FILE"
  cat $CONFIG_FILE
fi
echo "Restarting docker service"
systemctl daemon-reload
systemctl restart docker
docker-proxy-disable.sh
#!/bin/bash
CONFIG_FILE=/etc/systemd/system/docker.service.d/http-proxy.conf
if [ -f $CONFIG_FILE ] ; then
  echo "Moving file $CONFIG_FILE"
  cat $CONFIG_FILE
  mv $CONFIG_FILE $CONFIG_FILE.exclude
fi
systemctl daemon-reload
systemctl restart docker

mysql

Execute SQL

-u root -proot --execute="show databases"

Backup

mysqldump -u {user} -p{password} schemaName > file.sql

Restore / execute script

mysqldump -u {user} -p{password} schemaName < file.sql

vi

Exit

:q

Exit !save

:q!

Exit and save

:wq

Undo

<esc>+u

Delete curred line

dd

Insert new line

<ctrl>+j

Search

/ {key}

Search backward

? {key}

Replace first

:s/OLD/NEW

Globally (all) on current line

:s/OLD/NEW/g

Between two lines

:#,#s/OLD/NEW/g

Every ocurrence in file

:%s/OLD/NEW/g

Wireshark

ip link set ${interface} promisc on sudo chmod +x /usr/bin/dumpcap

Configure defaults applications

#!/bin/bash

# Use this command to query media type:
# xdg-mime query filetype ${file}

DEFAULT_TEXT_EDITOR=code.desktop

xdg-mime default firefox.desktop text/xml
xdg-mime default ${DEFAULT_TEXT_EDITOR} text/plain
xdg-mime default ${DEFAULT_TEXT_EDITOR} application/xml
xdg-mime default ${DEFAULT_TEXT_EDITOR} application/json
xdg-mime default ${DEFAULT_TEXT_EDITOR} text/x-java
xdg-mime default ${DEFAULT_TEXT_EDITOR} application/x-shellscript
xdg-mime default ${DEFAULT_TEXT_EDITOR} text/x-python
xdg-mime default ${DEFAULT_TEXT_EDITOR} text/markdown

echo "Default applications:"

cat ~/.local/share/applications/mimeapps.list

SSH login without password prompt

Option 1: edit ~/.netrc with following format:

machine ${host}
login ${username}
password ${password}

Option 2:

#!/usr/bin/expect
spawn scp ${source} user@host:${target}
expect "*password:"
send "changeit\r"
interact

PostgreSQL

backup-restore-script.sh
#!/usr/bin/env bash

echo "PostGree backup helper"

DATABASE='performance'
SCHEMA_NAME='public'
SYS_USER='postgres'
HOST='localhost'
USER='performance'
FILE='dump-performance-postgresql'

read -p "Options: (C)reate; (R)estore: " OPTION

if [ $OPTION = "C" ]
then
    echo "Creating backup"
    rm $FILE
    pg_dump $DATABASE -h $HOST -U $USER -W > $FILE
elif [ $OPTION = "R" ]
then
    echo "Restoring backup"
    echo "DROP SCHEMA public CASCADE;"
    psql $DATABASE -h $HOST -U $SYS_USER -c 'DROP SCHEMA public CASCADE;'
    echo "CREATE SCHEMA public AUTHORIZATION performance;"
    psql $DATABASE -h $HOST -U $SYS_USER -c 'CREATE SCHEMA public AUTHORIZATION performance;'
    psql $DATABASE -h $HOST -U $USER -W < $FILE
    rm -r /KISS/performance/local
else
    echo "Invalid option"
fi

Common configuration preferences

~/.vimrc

color slate

syntax on

set paste
set hlsearch
set mouse=v
set ruler

Root prompt

bashrc
PS1='${debian_chroot:+($debian_chroot)}\[\033[01;31m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '

Root autocomplete

bashrc
if [ -f /etc/bash_completion ]; then
  . /etc/bash_completion
fi

Download x509 untrusted certificate

openssl s_client -connect $HOST:$PORT | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' >> $FILE
openssl x509 -in $FILE -text
update-ca-certificates
⚠️ **GitHub.com Fallback** ⚠️