How to reset the permissions of installed RPM packages ?

Situation:  

One of our Developer has changed the permission of all the files under /etc to 777 by inadvertently executing the chmod command with 777 permission. Due to this, the system went into non-usable state.

Resolution: 

The Linux 'rpm' command  comes with an interesting switch known as '--setperms' using which we can restore the file-permissions of either one or more packages. 

Syntax:  

# rpm --setperms [package name]

To reset one specific RPM package:  

# for pkg in $(rpm -qa | grep -w pkgname); do rpm --setperms $pkg; done
Example:  
To reset the 'zip' package.
# rpm -qa | grep zip                           <-- Check to see if the package exists
# for pkg in $(rpm -qa | grep -w zip); do rpm --setperms $pkg; done

To reset the entire packages installed ( applicable in the situation I mentioned above):

# for allpkg in $(rpm -qa); do rpm --setperms $allpkg; done

Note:  To restore the Group permission, we need to use the switch "--setugids".

Linux system info script - latest version

Whenever I work on Performance issue of a Linux server or when I do any Server Audit, I used to wonder how great it would be if I have a script that will give me all the vital information about the system including the Health status and Security settings. I put my thought into action and this Perl script is a result of it.

Upon execution with the syntax "perl sysinfo.pl", it will display all the vital System parameter details, Health Status and the Security Information on ONE screen.

Supported Platform :  Any Physical or VMware Server running on Linux OS with Perl installed.

Packages required : The Linux machine should contain 'sysstat' and 'dmidecode-2.xx' package,

URL to download the script: https://tinyurl.com/yb97snab
Once you download, please run the following command to convert the script into Unix format: # dos2unix sysinfo.pl

SAMPLE OUTPUT

Note: I shall keep adding new features to this script. Hence please use the given download link to get the latest version.

PS: The Logics used in this script are chosen based on appropriate theory on Linux to ensure the accuracy of output.
Any feedback or suggestions are most welcome!! 

Automatically logout inactive SSH sessions

Typically in an Enterprise setup, we would see Users login from various terminals via SSH but never bother to disconnect the established session. This might cause a slight overload on the Network, since these Established sessions have to maintain their connections by sending Alive packets. So I guess it would be appropriate if we make these Users automatically Logout after a certain period of Inactivity (say 1 hour).

Solution 1:

Create a file called "autologout.sh" under /etc/profile.d with execute permission.

# touch /etc/profile.d/autologout.sh

# chmod 711 /etc/profile.d/autologout.sh

Add the following entries to it (Assuming we have to automatically Logout the users after 1 hour, which is 3600 seconds).

TMOUT=3600

readonly TMOUT

export TMOUT

Solution 2:

Enable the following directives in SSH config file (/etc/ssh/sshd_config) and reload the 'sshd' service.

ClientAliveInterval 3600

ClientAliveCountMax 0

# service sshd reload  (or)  # service sshd restart

Few useful Bash Shell shortcuts

Ctrl + l       # Clear the screen
Ctrl + u      # Delete backward from the cursor position
Ctrl + k      # Delete till End of Line
Ctrl + r      # Search the History from backwards
Ctrl + e     # Move the cursor to end of line


Alt + Back-space      # Delete backwards word by word
Alt + t                      # Shuffle words
Alt + b                     # Move backwards
Alt + f                      # Move forwards


Press 2 times Tab key       # Lists all available commands on the server
$ with 2 times Tab key       # Display all system variables
Some string followed by 2 times Tab key     # All available commands starting with that string  


Refer: http://wiki.bash-hackers.org/syntax/shellvars

Analyzing past System performance of a Linux server

Assumption: 

Today's date is 13th Aug, 2011.  You are asked to check the System performance of a Linux server on 7th Aug,2011 between 3 AM to 5 AM.

Solution: 

Run the 'sar' command on the respective 'sa' (System Activity) file created for the date "7th Aug,2011" with specifying the Starting and End time.

Illustration:

Go to /var/log/sa

[root@hostxyz sa]# ls -ltr sa??

-rw-r--r-- 1 root root 481776 Aug 5 23:50 sa05
-rw-r--r-- 1 root root 481776 Aug 6 23:50 sa06
-rw-r--r-- 1 root root 481776 Aug 7 23:50 sa07       # File that belongs to 7th Aug,2011
-rw-r--r-- 1 root root 481776 Aug 8 23:50 sa08
-rw-r--r-- 1 root root 481776 Aug 9 23:50 sa09
-rw-r--r-- 1 root root 481776 Aug 10 23:50 sa10
-rw-r--r-- 1 root root 481776 Aug 11 23:50 sa11
-rw-r--r-- 1 root root 481776 Aug 12 23:50 sa12
-rw-r--r-- 1 root root 287824 Aug 13 14:10 sa13

[root@hostxyz sa]#
[root@hostxyz sa]# sar -u -f /var/log/sa/sa07 -s 03:00:01 -e 05:00:01   # To check CPU utilization
Linux 2.6.18-92.el5 (hostxyz) 08/07/2011

03:00:01 AM CPU %user %nice %system %iowait %steal %idle
03:10:01 AM all 24.57 0.00 5.16 6.04 0.00 64.23
03:20:01 AM all 24.57 0.10 5.06 6.28 0.00 63.98
03:30:01 AM all 24.33 0.00 4.88 5.64 0.00 65.14
03:40:01 AM all 15.75 0.00 3.93 10.52 0.00 69.80
03:50:01 AM all 12.70 0.00 3.09 19.04 0.00 65.17
04:00:01 AM all 16.80 0.00 3.90 9.40 0.00 69.90
04:10:01 AM all 9.18 0.02 2.26 14.43 0.00 74.11
04:20:01 AM all 8.84 0.10 2.20 9.65 0.00 79.22
04:30:01 AM all 11.42 0.00 3.24 10.50 0.00 74.84
04:40:01 AM all 11.84 0.00 2.43 20.64 0.00 65.09
04:50:01 AM all 17.80 0.00 3.78 17.00 0.00 61.42
05:00:01 AM all 6.46 0.00 1.53 21.80 0.00 70.22
Average: all 15.35 0.02 3.46 12.58 0.00 68.59

[root@hostxyz sa]#

[root@hostxyz sa]#  sar -r -f /var/log/sa/sa07 -s 03:00:01 -e 05:00:01    # To check Memory status

[Output no shown]
.

[root@hostxyz sa]#  sar -q -f /var/log/sa/sa07 -s 03:00:01 -e 05:00:01    # To check Load average

[Output not shown]

.

[root@hostxyz sa]#  sar -b -f /var/log/sa/sa07 -s 03:00:01 -e 05:00:01     # To check I/O status

[Output not shown]

.

[root@hostxyz sa]#  sar -n DEV -f /var/log/sa/sa07 -s 03:00:01 -e 05:00:01    # To check Network status

[Output not shown]

.

[root@hostxyz sa]# 

Notes: In Linux, System activity report is collected for every 10 minutes by a cron job "sysstat" located under /etc/cron.d and at end of the day, a summary report is generated and saved in /var/log/sa/saXX file, which we can use for later analysis. 

[root@hostxyz cron.d]# cat sysstat

# run system activity accounting tool every 10 minutes

*/10 * * * * root /usr/lib64/sa/sa1 1 1

# generate a daily summary of process accounting at 23:53
53 23 * * * root /usr/lib64/sa/sa2 -A

root@hostxyz cron.d]#

Sending mail using 'mutt' from shell

In my opinion, 'mutt' is the best text-based Email client for sending mails with Attachment from Linux shell. The best part with it is, it supports wide variety of MIME ("Multipurpose Internet Mail Extensions") types, which ensures the integrity of various types of attachments such as Binary, jpeg, mp3 files.

Below shown are few command sets for sending mails using Mutt with following specifications.

To address: rdashokraj@yahoo.com

Subject: Test mail

Attachment filename:  song.mp3

Message body:  "This mail has a mp3 attachment"

With attachment:

# echo "This mail has a mp3 attachment" | mutt -s "Test mail" -a song.mp3 rdashokraj@yahoo.com

# mutt -s "Test mail" -a study.dat rdashok@outlook.com < messagefile 

Note: "messagefile" is the filename that contains the message body "This mail has a mp3 attachment"

Without attachment:

# echo "Mail without attachment" | mutt -s "Test mail" rdashok@outlook.com

Without Message body:

# mutt -s "Test mail" -a study.txt rdashok@outlook.com < /dev/null

Converting a file from uppercase to lowercase and vice-versa

Syntax to convert Upper to lowercase:

# dd if=[file with uppercase] of=[output filename] conv=lcase

[or]

# cat [file with uppercase] | tr '[:upper:]' '[:lower:]'  > output_file

Syntax to convert Lower to uppercase:

# dd if=[file with lowercase] of=[output filename] conv=ucase

[or]

# cat [file with lowercase] | tr '[:lower:]' '[:upper:]'  > output_file

How to check sudo access available for a Normal user ?

Lets say you logged into a Linux server as a Normal user and you want to know what sudo-access privileges your user-account has.

Run the command “sudo -l” to get the details about sudo-access (like shown below):

[ashok@hostxyz~]$ sudo -l
User ashok may run the following commands on this host:
(ALL) NOPASSWD: /bin/su - jboss
(ALL) NOPASSWD: /bin/su - nagios
(ALL) NOPASSWD: /bin/su – mysql
(ALL) /etc/init.d/postfix restart
(ALL) /etc/init.d/postfix start
(ALL) /etc/init.d/postfix stop
(ALL) /etc/init.d/httpd start
(ALL) /etc/init.d/httpd stop
[ashok@hostxyz~]$

Examining an unknown binary file in Linux

Scenario:  

Lets say you have come across an unknown Binary file in a Linux server and you want to know more details about it. 

Steps to follow:

i)    First run 'file' command to get its file-type and other details.

ii)   Check if the file is installed from any RPM by executing "rpm -qf  [filename]"

iii)  Check if the binary file uses any shared Library modules by running "ldd".

iv)  Check when was the file last modified and accessed, by using "stat" command.

v)   Finally check the printable characters in that file by using "strings" command and see if you could figure out anything from the output. "strings" output usually show the System calls made by that file and it will give you a clue about it. If you are familiar with "C" functions such as fopen, stdin, malloc etc, it would be relatively easier for you to figure out.  

Illustration:    

[root@hostxyz tmp]# ls

hsperfdata_root  lost+found  strange_file

[root@hostxyz tmp]# file strange_file

strange_file: ELF 64-bit LSB executable, AMD x86-64, version 1 (SYSV), for GNU/Linux 2.6.9, dynamically linked (uses shared libs), for GNU/Linux 2.6.9, stripped

[root@hostxyz tmp]# rpm -qf strange_file

file /tmp/strange_file is not owned by any package

[root@hostxyz tmp]# ldd strange_file

        libproc-3.2.7.so => /lib64/libproc-3.2.7.so (0x0000003ea3000000)

        libc.so.6 => /lib64/libc.so.6 (0x0000003ea2c00000)

        /lib64/ld-linux-x86-64.so.2 (0x0000003ea2800000)

[root@hostxyz tmp]# stat strange_file

  File: `strange_file'

  Size: 7816            Blocks: 16         IO Block: 4096   regular file

Device: 803h/2051d      Inode: 98306       Links: 1

Access: (0755/-rwxr-xr-x)  Uid: (    0/    root)   Gid: (    0/    root)

Access: 2011-07-28 16:52:03.000000000 -0500

Modify:  2011-07-28 15:48:20.000000000 -0500

Change: 2011-07-28 15:49:57.000000000 -0500

[root@hostxyz tmp]# strings strange_file

/lib64/ld-linux-x86-64.so.2

l$ L

usage: uptime [-V]

    -V    display version

libproc-3.2.7.so

__gmon_start__

_Jv_RegisterClasses

display_version

print_uptime

libc.so.6

stderr

fwrite

__libc_start_main

_3_2_5

GLIBC_2.2.5

/lib64/ld-linux-x86-64.so.2

[root@hostxyz tmp]#

Final note: Never open (vi) any binary file as it might corrupt it. Couple of times I had messed up some certification key file, which are in encrypted format.

How to find active TCP in Linux server ?

Situation:  You want to find all the Active TCP connections to a Linux machine for a given Port No. or a Port range. This you might want to do, to find any unauthorized access, to find the server utilization or for trouble-shooting purpose.


Solution:  Use 'lsof' or 'netstat' with appropriate switches. Here I illustrated about using 'lsof' as it will give more legible output when compare to 'netstat' command.


Syntax:  
# lsof -i @[Server IP]:[Port no or Port-no range] -R | grep TCP | sort -k7 -u


Example:
For demonstration purpose, I logged-in to a Linux FTP server and connected it from 3 remote servers via FTP protocol (port: 21).


Command to find how many FTP connections the server has now:
[root@ftpserver~]# lsof -i @10.20.64.30:21 -R | grep TCP | sort -k7 -u
vsftpd  12355 12353 adevaraju    0u  IPv4 58945888       TCP ftpserver:ftp->r3aash01-d1.prod.domain:44760 (ESTABLISHED)
vsftpd  12605 12602 adevaraju    0u  IPv4 58946864       TCP ftpserver:ftp->stoash01-t1.prod.domain:25559 (ESTABLISHED)
vsftpd  13191 13189 adevaraju    0u  IPv4 58947254       TCP ftpserver:ftp->gtwash01.prod.domain:50426 (ESTABLISHED)
[root@ftpserver ~]#


Command to find how many connections the server has in port range 20 - 80:
# lsof -i @10.20.64.30:20-80 -R | grep TCP | sort -k7 -u
[Output not shown]

PS: I have already written a post on using 'lsof' and 'netstat'. Please refer it as well:
http://ashok-linux-tips.blogspot.com/2010/10/how-to-pid-associated-with-port-no.html

Granting sudo access to reset local user-accounts password

In a RHEL server, I want to grant sudo access for a Group to reset any local User-accounts' password. At the same time, I don't want them to reset the password of ROOT user.

Solution:   Use ! (exclude) option in /etc/sudoers file.

Syntax:  %groupname ALL=(ALL) NOPASSWD: /usr/bin/passwd [A-Za-z]*, !/usr/bin/passwd root

Refer this also:  http://ashok-linux-tips.blogspot.com/2010/09/using-wild-characters-while-providing.html

Perl script to find Broken Symbolic links

Creating Symbolic links across filesystem are very handy but at the same time, they can be a real pain when they got broken. At my work I often seen Developers wasting their time in fixing application issues, which was fundamentally caused by broken symbolic links. So I came out with this script.


Upon execution of this script, it will prompt you to enter the filesystem paths as parameters. Once done, it will report all the broken symbolic links with count number.


I used the Perl module File::Find (comes default with any Perl package) for traversing through all the filenames in the specified directories and report the broken links. For each file it finds, it calls the &wanted subroutine, which in turn uses the Stat function to match the symbolic link files which are broken. To be honest, I grabbed this logic from an online book on Perl programming.


Supported platforms: Any Unix platform with Perl version 5.x installed.


EXAMPLE

[root@hostxyz opt]# perl check_broken_link.pl

Enter the filesystem path (like /etc /opt /var) : /var /etc /usr /home
Disconnected Link => /var/lib/jbossas/server/production/lib/jboss-remoting.jar -> /usr/share/java/jboss-remoting.jar
Disconnected Link => /var/lib/jbossas/server/default/lib/jboss-remoting.jar -> /usr/share/java/jboss-remoting.jar
Disconnected Link => /etc/alternatives/jaxws_api -> /usr/share/java/glassfish-jaxws.jar
Disconnected Link => /etc/alternatives/jaxws_2_1_api -> /usr/share/java/glassfish-jaxws.jar
Disconnected Link => /etc/alternatives/jaxb_2_1_api -> /usr/share/java/glassfish-jaxb.jar
Disconnected Link => /etc/alternatives/jaxb_api -> /usr/share/java/glassfish-jaxb.jar
Disconnected Link => /usr/share/java/jaxws_api.jar -> /etc/alternatives/jaxws_api
Disconnected Link => /usr/share/java/jaxb_api.jar -> /etc/alternatives/jaxb_api
Disconnected Link => /usr/share/java/jaxws_2_1_api.jar -> /etc/alternatives/jaxws_2_1_api
Disconnected Link => /usr/share/jbossas/client/jboss-remoting.jar -> /usr/share/java/jboss-remoting.jar


Total number of Disconnected links: 10
[root@hostxyz opt]#


SCRIPT

#!/usr/bin/perl
use File::Find ();
use vars qw/*name *dir *prune/;
my ($cnt,$i,$cnt_sub) = (0,0,0);
print "\n";
*name = *File::Find::name;
*dir = *File::Find::dir;
*prune = *File::Find::prune;
print "Enter the filesystem path (like /etc /opt /var) : ";
my $arr = <>;
chomp($arr);
print "\n";
my @inpts = split(/ /, $arr);


foreach(@inpts)
{
File::Find::find({wanted => \&wanted}, $inpts[$i] ); # Calling wanted subroutine which use stat function to match broken links
$cnt = $cnt_sub + $cnt;
$i++;
$cnt_sub = 0;
}
print "Total number of Disconnected links: $cnt \n\n";


sub wanted {
if (-l $_) {
@stat = stat($_);
if ($#stat == -1)
{
$flname = `ls -l $name`;
($flperm, $numlnk, $flown1, $flown2, $dt, $mnth, $tm1, $tm2, $cfnm, $ar, $dsfl) = split /\s+/, $flname;
print "Disconnected Link => $cfnm $ar $dsfl\n\n";
$cnt_sub++;
  }
 }
}


URL to download the script :  http://db.tt/b7so1QYo

Best way to check Hyper-threading feature in Linux

Run "dmidecode -t processor" and grep for the entry "HTT" from the result.


Sample output:

[root@server10 ~]# dmidecode -t processor | grep HTT
HTT (Hyper-threading technology)
HTT (Hyper-threading technology)
[root@server10 ~]#

So if Hyper-threading is enabled, the count of Logical Processors would be double the number of CPU cores that you got on the server.
To find the number of CPU cores, you either use "dmidecode -t processor" command or check the number of Physical IDs from "/proc/cpuinfo" output.

Please be aware the “ht” entry in /proc/cpuinfo output is a confusing flag. It may be definite for CPU with single core but not for multi-core CPU. Enabling HT should be done at BIOS level.

VMware ESXi basic command reference

To find ESX software version and build:
# vmware -v
  VMware ESXi 4.1.0 build-348481
# vmware -l
  VMware ESXi 4.1.0 Update 1


To know the Hostname and IP Addess:
# hostname -s
   vmesxi-ht1
# hostname -i
  171.12.13.14


To find list of VMs running:
# vm-support -x
VMware ESX Support Script 1.33
Available worlds to debug:
wid=6342 hostlx03
wid=608998 cactty01


# vim-cmd vmsvc/getallvms
Vmid Name File Guest OS Version Annotation
144 cactty01 [datastore1] cacllm01-d2_template/cacllm01-d2_template.vmx rhel5_64Guest vmx-07 Linux host with RHEL 5.6 64bit OS with JDK 1.6
48 hostlx03 [datastore1] htblsb03/htblsb03.vmx rhel5Guest vmx-07
#


To see the running processes
# esxtop


To get the list of services:
# chkconfig --list
DCUI on
TSM-SSH on
TSM on
.
[ Output truncated]
#


To check NIC properties:
# esxcfg-nics -l
Name PCI Driver Link Speed Duplex MAC Address MTU Description
vmnic0 0000:10:00.00 bnx2 Up 1000Mbps Full 5c:f3:fc:21:b5:e4 1500 Broadcom Corporation Broadcom NetXtreme II BCM5709 1000Base-SX
vmnic1 0000:10:00.01 bnx2 Up 1000Mbps Full 5c:f3:fc:21:b5:e6 1500 Broadcom Corporation Broadcom NetXtreme II BCM5709 1000Base-SX
vusb0 Pseudo cdc_ether Up 0Mbps Half 5e:f3:fc:23:b5:e7 1500 Unknown Unknown
#
# esxcfg-vmknic -l
Interface Port Group/DVPort IP Family IP Address Netmask Broadcast MAC Address MTU TSO MSS Enabled Type
vmk0 Management Network IPv4 10.20.21.160 255.255.255.0 10.20.21.255 5c:f3:fc:21:b5:e4 1500 65535 true STATIC


# esxcfg-vswitch -l
Switch Name Num Ports Used Ports Configured Ports MTU Uplinks
vSwitch0 128 5 128 1500 vmnic0
PortGroup Name VLAN ID Used Ports Uplinks
VM Network 4095 2 vmnic0
Management Network 0 1 vmnic0
Switch Name Num Ports Used Ports Configured Ports MTU Uplinks
vSwitch2 128 3 128 1500 vmnic1
PortGroup Name VLAN ID Used Ports Uplinks
VM Network 3 0 1 vmnic1
#


# vsish -e get net/pNics/vmnic0/properties
properties {
Driver Name:bnx2
Driver Version:2.0.7d-3vmw
Driver Firmware Version:5.2.3 NCSI 2.0.10
System Device Name:vmnic0
Module Interface Used By The Driver:vmklinux26
Device Hardware Cap Supported:: 0x3c032b -> VMNET_CAP_SG Device Software Cap Activated:: 0x800000 -> VMNET_CAP_RDONLY_INETHDRS
Interrupt Vector:0xff
Link Up:1
Speed (Mb/s):1000
Full Duplex:1
Uplink Port ID:0x01000002
.
[ Output truncated ]
 #
PS: As there are already several well-written article on this subject, I don't wanna put more effort on it. So here am recommending couple of links which am impressed with:
http://b2v.co.uk/b2vguide2vmware3.htm
http://www.vmware.com/support/developer/vcli/vcli41/doc/reference/index.html

Protecting Critical files using File attributes

Situation:  Sometimes it’s very imperative to protect the Logs or some other files in a Linux server from being manipulated. For example, "DHCP log", which is vital for any Internet service provider to trace the leased IP during investigation. The question is, how to protect these logs when no one is 100% trustworthy in an organization including the system admin team who has full root access :)

Linux comes out with a solution called File attributes, by which irrespective of ownership on a file, you can still protect it from manipulation and deletion. All you need is just 2 commands:

lsattr – for listing the file attributes

chattr – for changing the file attributes

It is explained with an example here:

[root@server01 opt]# cat > testfile                           # Creating a file name “testfile”

Some contents

[root@server01 opt]# cat testfile                               # Displaying its contents

Some contents

[root@server01 opt]# lsattr testfile                            # Listing the file attributes (its blank)

------------- testfile

[root@server01 opt]# chattr +a testfile                    # Changing the file attribute to APPEND ONLY mode (using +a option) which takes care of undelete option as well.

[root@server01 opt]# lsattr testfile                            # Shows the file has Append only attribute set.

-----a------- testfile

[root@server01 opt]# echo "Additional text" > testfile           #  Now am trying to overwrite the file contents but it is NOT allowing.

-bash: testfile: Operation not permitted

[root@server01 opt]# echo "Additional text" >> testfile             # But Appending the file content works

[root@server01 opt]# cat testfile

Some contents

Additional text

[root@server01 opt]#

[root@server01 opt]# rm testfile                                                   # Trying to delete the file but it doesn’t allow.

rm: remove regular file `testfile'? y

rm: cannot remove `testfile': Operation not permitted

 [root@server01 opt]# chattr -a testfile                                        # Removing the file attribute value by using –a option.

[root@server01 opt]# lsattr testfile                                                # File attributes gone

------------- testfile

[root@server01 opt]# echo "Additional text" > testfile                     # Now am able to overwrite the file.

[root@server01 opt]# cat testfile

Additional text

[root@server01 opt]# rm testfile                                                    # And am able to delete it as well

rm: remove regular file `testfile'? y

[root@server01 opt]#

Next question is , how to prevent changing the file attribute like I did using “–a” option above. Linux comes with solution for that as well. By using a tool called LCAP, we can remove the capability of root user from changing the file attributes. That capability can be revoked only upon reverting back the kernel changes and reboot the server, which is indeed not an easy task.

Hiding/Clearing history commands

Hiding certain commands from history

At times you might want to Hide some commands executed by you. This is needless to explain, we might have to do this for various reasons. But I suggest not to hide anything intentionally from history @ work :)

Solution:

Add the below entry in .bash_profile and run “source .bash_profile” or re-login to the server.  After this whatever command you want to hide, just execute it by typing a SPACE infront. The history command will not remember any commands that is preceded by space infront.

export HISTCONTROL=ignorespace

Explained with an example here:

[adevaraju@host02 ~]$ cat .bash_profile

# .bash_profile

# Get the aliases and functions

if [ -f ~/.bashrc ]; then

        . ~/.bashrc

fi

# User specific environment and startup programs

PATH=$PATH:$HOME/bin

export PATH

export HISTCONTROL=ignorespace

[adevaraju@host02 ~]$ source .bash_profile

[adevaraju@host02 ~]$ touch file1

[adevaraju@host02 ~]$ echo "Some text" > file1

[adevaraju@host02 ~]$ echo "Some more text" >> file1

[adevaraju@host02 ~]$ ls -l file1

-rw-r--r-- 1 adevaraju domain users 25 Nov 30 08:10 file1

[adevaraju@host02 ~]$ touch -t 1111111111 file1

[adevaraju@host02 ~]$ ls -lt file1

-rw-r--r-- 1 adevaraju domain users 25 Nov 11  2011 file1

[adevaraju@host02 ~]$  rm file1                             ß Executing the ‘rm’ command with space infront

[adevaraju@host02 ~]$ history | tail -10

   27  history

   28  cat .bash_profile

   29  source .bash_profile

   30  touch file1

   31  echo "Some text" > file1

   32  echo "Some more text" >> file1

   33  ls -l file1

   34  touch -t 1111111111 file1

   35  ls -lt file1

   36  history | tail -10

[adevaraju@host02 ~]$

You can note the command ‘rm file1’ is not displayed in ‘history’ output. Since it had space in front, it was ignored by history command.

Clearing the entire history

Sometime you may want to clear all the previous history, but want to keep the history moving forward. Just execute history with –c option. Everything will go off.

[adevaraju@host02 ~]$ history -c

[adevaraju@host02 ~]$ history

    1  history

[adevaraju@host02 ~]$

Splitting a file in Linux

In Linux, you might want to split a file to reduce its File size or want to extract a portion of huge file which runs into 1000+ lines.

Linux provides “split” command to do this and it is explained with an example here, which shows a log file “test.log” which consists of about 1.5 lakhs lines is splitted into 10K lines each.

[root@host01-t1 log]# cat test.log | wc -l

147815                                                                                   # The file "test.log" consists about 150K lines

[root@host01-t1 log]#

[root@host01-t1 log]# cp test.log  test.log_bkp                           # First take a backup of original file

[root@host01-t1 log]# split -l 10000 test.log splitted_file            # Splitting the test.log file into 10000 lines each with prefix “splitted_file”              

[root@host01-t1 log]#

 [root@host01-t1 log]# ls -ltr

.

.

.

-rw-r--r-- 1 root  root   26112117 Oct 26 04:20 test.log

-rw-r--r-- 1 root  root    1384098 Oct 26 04:39 splitted_fileao

-rw-r--r-- 1 root  root    1766812 Oct 26 04:39 splitted_filean

-rw-r--r-- 1 root  root    1768778 Oct 26 04:39 splitted_fileam

-rw-r--r-- 1 root  root    1769234 Oct 26 04:39 splitted_fileal

-rw-r--r-- 1 root  root    1767256 Oct 26 04:39 splitted_fileak

-rw-r--r-- 1 root  root    1764489 Oct 26 04:39 splitted_fileaj

-rw-r--r-- 1 root  root    1766383 Oct 26 04:39 splitted_fileai

-rw-r--r-- 1 root  root    1767934 Oct 26 04:39 splitted_fileah

-rw-r--r-- 1 root  root    1763855 Oct 26 04:39 splitted_fileag

-rw-r--r-- 1 root  root    1765981 Oct 26 04:39 splitted_fileaf

-rw-r--r-- 1 root  root    1767587 Oct 26 04:39 splitted_fileae

-rw-r--r-- 1 root  root    1766195 Oct 26 04:39 splitted_filead

-rw-r--r-- 1 root  root    1763062 Oct 26 04:39 splitted_fileac

-rw-r--r-- 1 root  root    1767100 Oct 26 04:39 splitted_fileab

-rw-r--r-- 1 root  root    1763353 Oct 26 04:39 splitted_fileaa

-rw-r--r-- 1 jboss jboss  27684221 Oct 26 04:39 thirdparty.log

[root@host01-t1 log]#

[root@host01-t1 log]# cat splitted_fileaf | wc -l

10000

[root@host01-t1 log]# cat splitted_fileac | wc –l           # splitted file consists of 10000 lines each.

10000

[root@host01-t1 log]#