Sunday, March 27, 2022

Zip files using 'find' command

Let's say we want to Zip files which are more than a week time under a folder /dir1/fldr1:

# for i in `find /dir1/fldr1 -mtime +7 -type f -print`; do gzip $i; done

Thursday, December 20, 2018

Monday, August 20, 2018

Remove Old Kernels

# yum install yum-utils -y
# echo Y|package-cleanup --oldkernels --count=2

Monday, May 22, 2017

How to validate the Syntax of /etc/sudoers file ?

In Enterprise environment, the /etc/sudoers file is normally managed from a centralized server. Hence the modification to the files happens even before committing to actual server. We've an option to validate the Syntax before committing : 

# visudo -cf /path_to_folder/sudoers.ver_num
# visudo -cf /etc/sudoers 

Tuesday, September 13, 2016

How to count number of Files and Folders inside a given Directory

root@ashok:/opt # tree -iLf 1 puppetlabs/
puppetlabs
puppetlabs/bin
puppetlabs/facter
puppetlabs/file.txt
puppetlabs/mcollective
puppetlabs/puppet

4 directories, 1 file

root@ashok:/opt #

Tuesday, September 6, 2016

Sending HTML Mail using Mutt utility - Perl Syntax

my $current_date = `date +"%d-%b %H:%M"`;
chomp($current_date);

system("/usr/bin/mutt -e 'set content_type=text/html from=FromAddress\@domain.com realname=\"System Team\"' -s \"Report from $hstname at $current_date\" ToAddress\@domain.com -a FileName -c user1\@domain.com,user2\@domain.com < InputFile")

Wednesday, August 24, 2016

List files that are modified recently with Timestamp

# find <PATH> -type f -printf '%TY-%Tm-%Td %TT %p\n' | sort -r | more

Example :

# find /var/www/html -type f -printf '%TY-%Tm-%Td %TT %p\n' | sort -r | more

Monday, March 2, 2015

Reset only first level folder permissions

I had a requirement to reset all the home folders permission of FTP users to 750 (To disable Read/Browse permission to 'other' users).

Let's assume the FTP home folder structure is as follows: /ftp/home/<ftpusers> and the syntax to reset the folder permission would be :

# find /ftp/home -maxdepth 1 -type d -exec chmod 750 {} \;

Note: Using -maxdepth 1 wouldn't allow the find command to recurse though sub-folders.

Tuesday, December 10, 2013

Some useful SED command syntaxes

To delete trailing whitespaces at the end of each lines:
# sed 's/[ \t]*$//' filename > filename_notrailingspace

To remove all blank lines in a given file:
# sed '/^$/d' filename > filename_noblankspace

To remove all leading and trailing whitespaces of each lines in a given file:
$ cat filename | sed 's/^[ \t]*//;s/[ \t]*$//' > filename_nospace

Wednesday, December 4, 2013

Deleting files with special characters

In Linux, at times certain files are created with some special characters like hypen(-), single-quotes, blank character etc. It can happen either by accident or by some applications. Deleting those files would be difficult using regular 'rm' command options. Hereby am describing certain methods to get rid of those files. For illustration purpose, I have taken 3 files with above mentioned special characters as example:

$ ls -ltr | tail -3
-rw-r--r--  1 root     root           0 Dec  4 05:30 file a
-rw-r--r--  1 root     root           0 Dec  4 05:31 '-fileb'
-rw-r--r--  1 root     root        1070 Dec  4 05:32 -filec
$ rm file a
rm: cannot lstat `file': No such file or directory
rm: cannot lstat `a': No such file or directory
$ rm '-filec'
rm: invalid option -- l
Try `rm ./-filec' to remove the file `-filec'.
Try `rm --help' for more information.
$ rm -filec
rm: invalid option -- l
Try `rm ./-filec' to remove the file `-filec'.
Try `rm --help' for more information.

Method 1 : Delete using inodes
$ ls -litr | tail -3
1511929 -rw-r--r--  1 root     root           0 Dec  4 05:30 file a
1511931 -rw-r--r--  1 root     root           0 Dec  4 05:31 '-fileb'
1511932 -rw-r--r--  1 root     root        1070 Dec  4 05:32 -filec
$ pwd
/opt
$ find /opt -inum 1511929 -exec rm -i {} \;
$ find /opt -inum 1511931 -exec rm -i {} \;
$ find /opt -inum 1511932 -exec rm -i {} \;

Others Methods: Using double-hypen "--" & double-quotes (depends on filenames)

$ rm -- -filec
rm: remove regular file `-filec'? y
$ rm -- file\ a
rm: remove regular empty file `file a'? y
$ file ./'-fileb'
./-fileb: ERROR: cannot open `./-fileb' (No such file or directory)
$ rm "'-fileb'"
rm: remove regular empty file `\'-fileb\''? y

Sunday, December 1, 2013

Rotating tcpdump logs

Syntax:
tcpdump -i <InterfaceName> -C 100 -s0 -W <No of files to rotate> -w  /<tcpdump folderpath>

Option explanation:
-i :  used to specify the Interface or Source IP Address
-C :  specifies in size in MB
-c :  number of count packets
-s :  specifies the packet length to capture
-W :  specifies the number of files to rotate through once the file size specified in -C is reached.
-w :  Path to capture the tcpdump file with the extension .pcap.

Some examples using these options:

# tcpdump -i eth0 -C 100 -s0 -W 4 -w /tcpdumpfolder/filexyz.pcap
# tcpdump -i eth0 -c 1000 -s0 -W 4 -w /tcpdumpfolder/filexyz.pcap
# tcpdump -i eth0 -C 10 -s0 -W 3 -w /dump/server_$(date +%m-%d-%Y-%H:%M).pcap
# tcpdump -i any host 10.10.1.2 or host 10.10.1.5 -C 100 -s0 -W 5 -w /tcpdump/fileabc.pcap

Using RegEx in SUDO Access

We can use 'Regular expression' in Sudoers file !

Let's say we have a Command Alias in '/etc/sudoers' as follows:

Cmnd_Alias      DBTASKS=/sbin/service mysqld start, /sbin/service mysqld stop, /sbin/service mysqld restart, /sbin/service mysqld status, /etc/init.d/mysqld start, /etc/init.d/mysqld stop, /etc/init.d/mysqld status, /etc/init.d/mysqld restart

This can be shrunken using RegEx as follows:
Cmnd_Alias      DBTASKS =/sbin/service mysqld [a-z]*,  /etc/init.d/mysqld [a-z]*
(or)
Cmnd_Alias      DBTASKS =/sbin/service mysqld ?*,  /etc/init.d/mysqld ?* 

Finding last reboot, shutdown time and failed login attempts

Finding last reboot time:
# last reboot
# last -F
# who -b

Finding last shutdown time:
# last -x | grep '^shutdown'

Listing out failed login attempts:
# lastb

The other straight forward way to find the failed login attempts is to analyze the /var/log/secure file. I have written a Perl script exclusively to report the failed login attempts by parsing the /var/log/secure file.