Top 10 basic Linux commands for beginners

1. id – display information about user.

id prints the user and group information for the user given as an argument; if no argument is given, it shows the information for the currently logged-in user.

$ id
uid=1000(daniel) gid=1000(daniel) groups=1000(daniel),4(adm),27(sudo)
$ id -u -n
daniel
$ id root
uid=0(root) gid=0(root) groups=0(root)
$ id sshd
uid=110(sshd) gid=65534(nogroup) groups=65534(nogroup)
 

2. ls – list files in a directory.

ls lists the contents of the current directory if no arguments are given. It probably has one of the largest numbers of options of any Linux command.

$ pwd            # our current working directory
/home/daniel/projects
$ ls             # content of current directory
demo.txt  mail  nfs  redhat  samba
$ ls -l          # long listing
total 20
-rw-rw-r-- 1 daniel daniel   21 Apr 15 01:04 demo.txt
drwxrwxr-x 2 daniel daniel 4096 Apr 15 01:04 mail
drwxrwxr-x 2 daniel daniel 4096 Apr 15 01:04 nfs
drwxrwxr-x 2 daniel daniel 4096 Apr 15 01:04 redhat
drwxrwxr-x 2 daniel daniel 4096 Apr 15 01:04 samba
$ ls -1         # list one file per line
demo.txt
mail
nfs
redhat
samba
$ ls -a        # show all, including ones starting with . (dot)
.  ..  demo.txt  .hidden  mail  nfs  redhat  samba
$ ls -al       # long listing plus show all
total 32
drwxrwxr-x  6 daniel daniel 4096 Apr 15 01:04 .
drwxr-xr-x 18 daniel daniel 4096 Apr 15 01:06 ..
-rw-rw-r--  1 daniel daniel   21 Apr 15 01:04 demo.txt
-rw-rw-r--  1 daniel daniel   32 Apr 15 01:03 .hidden
drwxrwxr-x  2 daniel daniel 4096 Apr 15 01:04 mail
drwxrwxr-x  2 daniel daniel 4096 Apr 15 01:04 nfs
drwxrwxr-x  2 daniel daniel 4096 Apr 15 01:04 redhat
drwxrwxr-x  2 daniel daniel 4096 Apr 15 01:04 samba
#  ls --format=verbose    # same as ls -l
total 20
-rw-rw-r-- 1 daniel daniel   21 Apr 15 01:04 demo.txt
drwxrwxr-x 2 daniel daniel 4096 Apr 15 01:04 mail
drwxrwxr-x 2 daniel daniel 4096 Apr 15 01:04 nfs
drwxrwxr-x 2 daniel daniel 4096 Apr 15 01:04 redhat
drwxrwxr-x 2 daniel daniel 4096 Apr 15 01:04 samba
$ ls -F                  # classify: / for directory, * for executable, @ for symbolic link
demo-link@  demo.txt  mail/  nfs/  redhat/  run.sh*  samba/

$ ls -ls /etc/h*         # long listing with the allocated size in blocks (-s) as first column, for all files starting with h in /etc/ directory; sorting by size is -S
8 -rw-r--r-- 1 root root 4781 Mar 17  2016 /etc/hdparm.conf
4 -rw-r--r-- 1 root root   92 Oct 22  2015 /etc/host.conf
4 -rw-r--r-- 1 root root   12 Feb 18 01:21 /etc/hostname
4 -rw-r--r-- 1 root root  191 Feb 18 01:21 /etc/hosts
4 -rw-r--r-- 1 root root  411 Feb 18 01:29 /etc/hosts.allow
4 -rw-r--r-- 1 root root  711 Feb 18 01:29 /etc/hosts.deny
                                   

3. cat – concatenate files and print on the standard output.

cat conCATenates one or more files given as arguments and prints them on the standard output (console).
If no file or ‘-‘ (dash) is given, it reads from standard input until EOF (Ctrl+D) is pressed and prints it to standard output.

$ ls -l linus         # ls to make sure file exists
-rw-rw-r-- 1 daniel daniel 403 Apr 15 01:20 linus

$ cat linus           # print content of file to stdout
Hello everybody out there using minix -

I'm doing a (free) operating system (just a hobby, won't be big and professional like gnu) for 386(486) AT clones.
This has been brewing since april, and is starting to get ready.
I'd like any feedback on things people like/dislike in minix,
as my OS resembles it somewhat (same physical layout of the file-system (due to practical reasons) among other things).

$ cat -n linus       # show line numbers with -n
     1	Hello everybody out there using minix -
     2	
     3	I'm doing a (free) operating system (just a hobby, won't be big and professional like gnu) for 386(486) AT clones.
     4	This has been brewing since april, and is starting to get ready.
     5	I'd like any feedback on things people like/dislike in minix,
     6	as my OS resembles it somewhat (same physical layout of the file-system (due to practical reasons) among other things).

$ cat          # read from stdin (keyboard) and print to stdout (screen); repeats after me until I press Ctrl+D to end it.
reading
reading
from standard inpu
from standard inpu
pressing Ctr+D now
pressing Ctr+D now

$ cat << EOF > file-from-stdin       # Reads from keyboard until a line containing only EOF is typed and saves (redirects) the text to a file.
  I read this from stdin
  end of file
  EOF

$ ls -l file-from-stdin               # printing content of file we created above.
-rw-rw-r-- 1 daniel daniel 35 Apr 15 01:22 file-from-stdin

$ cat file-from-stdin 
I read this from stdin
end of file

4. clear – clears the terminal screen.

clear is self-explanatory, it clears the terminal display and places your cursor at the top left corner. Similar to “cls” command in DOS/Windows/PowerShell.

$ clear

5. rm – removes one or more files.

$ ls           # list of files/dirs in current directory
demo-link  demo.txt  file-from-stdin  linus  mail  myfile  nfs  redhat  run.sh  samba

$ ls myfile    # file exists
myfile

$ rm myfile      # delete file

$ ls myfile      # we should get an error
ls: cannot access 'myfile': No such file or directory

$ rm -i linus    # prompt for confirmation before removing file
rm: remove regular file 'linus'? y

$ rm -v demo.txt   # add verbosity, explain what is being done.
removed 'demo.txt'

$ rm -d mail -v     # remove empty directory
removed directory 'mail'

$ rm redhat/         # try to delete directory with rm, should get an error
rm: cannot remove 'redhat/': Is a directory

$ rm -d redhat        # error again, not empty
rm: cannot remove 'redhat': Directory not empty

$ rm -r redhat/ -v     # use -r for recursive removal of directory and its contents.
removed 'redhat/version7'
removed 'redhat/version6'
removed directory 'redhat/'

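Use rmdir to delete the named directory only when it is empty; it never removes contents. To completely wipe out a directory and its contents use ‘rm -r’ – there is no trash folder to restore from, so add -i (shown above) to be prompted when you are unsure of the path.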

6. mkdir – make or create one or more directories.

mkdir is used to create one or more directories; a name given without a leading path is created under the current directory. The user creating the directory must have permission to create a directory under the specified parent directory.

$ whoami                  # regular user
daniel

$ mkdir /root/mydir       # trying to create directory under root user's home directory, should get permission error.
mkdir: cannot create directory ‘/root/mydir’: Permission denied

$ pwd                      # current working directory, my home directory
/home/daniel/projects

$ mkdir april-15           # create directory here
$ ls
april-15  demo-link  file-from-stdin  nfs  run.sh

$ mkdir nfs -v             # can't overwrite an existing directory
mkdir: cannot create directory ‘nfs’: File exists
$ mkdir newdir/seconddir/thriddir    # can't create a series of directories without parent directories existing
mkdir: cannot create directory ‘newdir/seconddir/thriddir’: No such file or directory

$ mkdir -p newdir/seconddir/thriddir  # -p makes parent directories as well, solves above problem.

$ ls -R newdir/                       # recursive (-R) listing with ls shows all directories created.
newdir/:
seconddir

newdir/seconddir:
thriddir

newdir/seconddir/thriddir:

7. mv – moves a file or directory to another location.

mv is most commonly used for renaming files and directories. You can specify more than two arguments,
in which case it moves all of them, except the last one, into the last (destination) directory.

$ mv -v run.sh run-script.sh   # -v is for verbose, move file.
'run.sh' -> 'run-script.sh'

$ ls run*                      # file has been renamed.
run-script.sh

$ mv samba/ nfs/ redhat/ -v          # move first two directories to the last one
'samba/' -> 'redhat/samba'
'nfs/' -> 'redhat/nfs'

$ ls redhat/
nfs  samba      

8. cp – copy files and directories.

cp is used to copy files as well as directories, most commonly to take backups.

$ ls
april-15  demo  demo-link  demo.txt  file-from-stdin  hosts-backup  linus  mail  myfile  newdir  redhat  run-script.sh

$ cp demo demo-new -v    # copying directory
cp: omitting directory 'demo'

$ cp -r demo demo-new -v    # recursive(-r) copy, with verbose(-v) mode.
'demo' -> 'demo-new/demo'
'demo/one' -> 'demo-new/demo/one'

$ cp -av redhat /tmp/      # archive, preserve the specified attributes
'redhat' -> '/tmp/redhat'
'redhat/nfs' -> '/tmp/redhat/nfs'
'redhat/samba' -> '/tmp/redhat/samba'
'redhat/newdir' -> '/tmp/redhat/newdir'
'redhat/newdir/seconddir' -> '/tmp/redhat/newdir/seconddir'
'redhat/newdir/seconddir/thriddir' -> '/tmp/redhat/newdir/seconddir/thriddir'

$ ls -al /tmp/redhat/
total 20
drwxrwxr-x  5 daniel daniel 4096 Apr 15 01:55 .
drwxrwxrwt 13 root   root   4096 Apr 15 01:58 ..
drwxrwxr-x  3 daniel daniel 4096 Apr 15 01:55 newdir
drwxrwxr-x  2 daniel daniel 4096 Apr 15 01:04 nfs
drwxrwxr-x  2 daniel daniel 4096 Apr 15 01:51 samba

$ touch demo/one mail/one

$ cp demo/one mail/one        # overwrite file

$ cp -i demo/one mail/one     # prompt before overwriting a file
cp: overwrite 'mail/one'? y

$ cp -s demo-link  demo-link2  # copy as symbolic link

$ ls -l
...
lrwxrwxrwx  1 daniel daniel    8 Apr 15 01:51 demo-link -> demo.txt
lrwxrwxrwx  1 daniel daniel    9 Apr 15 02:02 demo-link2 -> demo-link
drwxrwxr-x  2 daniel daniel 4096 Apr 15 01:58 demo-new
...
$ cp demo-link demo-link3     # copies target or dereferenced file, not symbolic link.

$ ls -l
...
drwxrwxr-x  2 daniel daniel 4096 Apr 15 02:00 demo
lrwxrwxrwx  1 daniel daniel    8 Apr 15 01:51 demo-link -> demo.txt
lrwxrwxrwx  1 daniel daniel    9 Apr 15 02:02 demo-link2 -> demo-link
-rw-rw-r--  1 daniel daniel   21 Apr 15 02:02 demo-link3
drwxrwxr-x  2 daniel daniel 4096 Apr 15 01:58 demo-new
-rw-rw-r--  1 daniel daniel   21 Apr 15 01:51 demo.txt
...

9. cd – change directory.

cd is actually a built-in shell command, you won’t find it in the file system as the other commands above. It is used to change working directory.
Use it with “pwd” to show your current directory.


$ pwd        # our current working directory
/home/daniel/projects
$ cd demo    # changing to demo/ directory
$ pwd
/home/daniel/projects/demo
$ cd -       # switch back to previous directory, "-" (dash) does the trick.
/home/daniel/projects
$ pwd
/home/daniel/projects
$ cd /root/   # you need permission to switch to protected directories.
-bash: cd: /root/: Permission denied

10. man – display information from the man pages.

The man command provides an interface to the on-line reference manuals. By default man searches through all the sections of the man pages.
If a section number is given, it searches only that section.

$ man man       # search the man  pages for information about the man command.

$ man ls          # help on ls

$ man 5 crontab   # search in section 5 of the man pages

$ man -k mkdir    # show short description of mkdir keyword.
mkdir (1)            - make directories
mkdir (2)            - create a directory
mkdirat (2)          - create a directory

How to terminate or cancel an unresponsive ssh session.

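While connected to a remote host through an ssh connection using Putty or other ssh clients, your client might freeze and not respond to any keyboard activity. In order to force an exit, there is a “secret” keyboard shortcut – Enter~. [ Enter followed by ~ followed by .(dot) ]. In the OpenSSH client this is the escape character sequence, documented under ESCAPE CHARACTERS in the ssh man page; it is handled by the local client, which is why it still works when the remote end no longer responds.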

[daniel@kauai ~]$ ssh daniel@linuxfreelancer.com

Hostname..........: svm1010.xenvps-server.net
Uptime............: 21:25:34 up 14654 days, 15:00,  2 users,  load average: 0.09, 0.19, 0.17
Server IP.........: 173.230.241.181
Operating System..: Ubuntu 10.04.4 LTS
Username..........: daniel

daniel@svm1010:~$ uname
Linux

***Press*** Enter~.  {Enter key, followed by '~', followed by '.'}

daniel@svm1010:~$ Connection to linuxfreelancer.com closed.

[daniel@kauai ~]$ 

After you press the Enter~. the connection will be aborted and your session will return to the connection originating client shell.

Alternatively, you can background the ssh session with Enter~Ctrl+Z and then foreground it with fg command.

References –

https://serverfault.com/questions/283129/why-do-consoles-sometimes-hang-forever-when-ssh-connection-breaks

ipython tutorial and how to delete sensitive data from history

ipython is a program which allows you to run python code in an interactive shell. Although Python itself opens an interactive shell when run from the CLI, ipython is much more powerful and greatly improves your productivity. Some of the things ipython offers that the default python shell does not are: command, code and file name completion; viewing history; copy/paste of single or multiline code; nicely colored help within the shell; running Linux commands such as ls or cat; scrolling up/down to previous commands; automatically adding spaces after you press enter; etc.

Installation

pip install ipython

Quick demo
Start ipython by typing the

ipython

command in your CLI –

daniel@lindell:/tmp$ ipython
Python 2.7.12 (default, Nov 19 2016, 06:48:10) 
Type "copyright", "credits" or "license" for more information.

IPython 5.4.1 -- An enhanced Interactive Python.
?         -> Introduction and overview of IPython's features.
%quickref -> Quick reference.
help      -> Python's own help system.
object?   -> Details about 'object', use 'object??' for extra details.

In [1]: print('ipython')
ipython

In [2]: 

Within the ipython interactive shell you can run any python code, let us walk through some examples –


  In [1]: x=2

In [2]: x
Out[2]: 2

In [3]: mylist=[1,2,3,4,5]

In [4]: [i**3 for i in mylist]
Out[4]: [1, 8, 27, 64, 125]

In [5]: with open('/etc/hosts') as fp:
   ...:     for line in fp:
   ...:         if 'localhost' in line:
   ...:             print line
   ...:             
127.0.0.1	localhost

::1     ip6-localhost ip6-loopback


In [6]: ls /opt/
ansible/  google/  vagrant/

In [7]: 

Go back to previously typed commands / History
With ipython, you can either press the UP arrow key or type

 history 

command to view history. ipython keeps session history as well as all input and output lines in a SQLite file which is located in

~/.ipython/profile_default/history.sqlite 

You can view and modify this file using

sqlite3

tool –

daniel@lindell:/tmp$ sqlite3 ~/.ipython/profile_default/history.sqlite
SQLite version 3.11.0 2016-02-15 17:29:24
Enter ".help" for usage hints.
sqlite> .schema
CREATE TABLE sessions (session integer
                        primary key autoincrement, start timestamp,
                        end timestamp, num_cmds integer, remark text);
CREATE TABLE history
                (session integer, line integer, source text, source_raw text,
                PRIMARY KEY (session, line));
CREATE TABLE output_history
                        (session integer, line integer, output text,
                        PRIMARY KEY (session, line));
sqlite> 

Deleting sensitive data from history
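You can delete any line from history by using SQL. First use a SELECT statement to find the line number and then use a DELETE statement to delete it. Per the schema, the key of the history table is (session, line): line numbers restart in every session, so a filter on line alone matches that line number in every recorded session; add the session number to the WHERE clause to remove only the entry you mean. The same text can also be present in the output_history table, and SQLite does not necessarily overwrite deleted rows inside the file until the database is rebuilt with VACUUM, so a password or key that ended up in history should be changed as well. In this example, we are deleting line number 10 from the history table –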

sqlite> select * from history;
sqlite> .schema history
CREATE TABLE history
                (session integer, line integer, source text, source_raw text,
                PRIMARY KEY (session, line));
sqlite> delete from history where line=10;

References –
https://ipython.org/
http://www.sqlitetutorial.net/sqlite-delete/

How to copy to a clipboard in Linux

Problem statement – You have a file with hundreds or thousands of lines and you want to copy the contents of this file and paste it to an external application, for instance to a browser.

Solution – The first attempt is to try to cat the file and scroll down with your mouse to select each line. This is time consuming or in some cases might not work if there are too many lines as some of the lines will ‘scroll out of the terminal’. One way of getting around this is to use “xclip” – a command line interface to X selections (clipboard).

In my case I wanted to copy the contents of ‘/tmp/ipaddresses.txt’ file to a browser for blogging. The file had 10000 lines. I used the following commands, first to install xclip and then to copy the file contents to a clipboard –

apt-get -y install xclip
xclip -sel cli < /tmp/ipaddresses.txt

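The xclip command reads the file from standard input and places it in the X selection named by -sel; “-sel cli” is shorthand for “-selection clipboard”, so the contents end up in the clipboard, from where you can paste them into any other external application.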

References
https://linux.die.net/man/1/xclip

https://stackoverflow.com/questions/5130968/how-can-i-copy-the-output-of-a-command-directly-into-my-clipboard

List shared or dynamic libraries required by a program

In Linux, the

ldd

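is used to find out the shared libraries or dependencies required by a program if it is a dynamic executable. ldd requires the full path to the executable as input. Run ldd only on binaries you trust: as the ldd man page notes, some versions may execute the program in order to resolve its dependencies, and for an untrusted file it suggests reading the NEEDED entries with objdump -p instead.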

For instance, the Linux ps command depends on the following shared or dynamic libraries –

[root@kauai rtc0]# ldd $(which ps)
	linux-vdso.so.1 =>  (0x00007ffeb6277000)
	libselinux.so.1 => /lib64/libselinux.so.1 (0x0000003ef6200000)
	libproc-3.2.8.so => /lib64/libproc-3.2.8.so (0x0000003ef4e00000)
	libc.so.6 => /lib64/libc.so.6 (0x0000003ef4a00000)
	libdl.so.2 => /lib64/libdl.so.2 (0x0000003ef5600000)
	/lib64/ld-linux-x86-64.so.2 (0x0000003ef4600000)

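You can also use the ldd command to find out if an executable has an expected dependency. In this case, we expect that the htpasswd, login and sshd commands depend on the crypt library as they prompt a user for a password for authentication purposes. Note that grep crypt matches any library with “crypt” in its name, so the sshd output also lists libcrypto and libk5crypto, which are separate libraries from libcrypt –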


[root@kauai rtc0]# ldd $(which htpasswd) |grep crypt
	libcrypt.so.1 => /lib64/libcrypt.so.1 (0x00007f010c8ab000)

[root@kauai rtc0]# ldd $(which login) | grep crypt
	libcrypt.so.1 => /lib64/libcrypt.so.1 (0x0000003efd200000)

[root@kauai rtc0]# ldd $(which sshd) | grep crypt
	libcrypto.so.10 => /usr/lib64/libcrypto.so.10 (0x00007ffb0b1f2000)
	libcrypt.so.1 => /lib64/libcrypt.so.1 (0x00007ffb0a988000)
	libk5crypto.so.3 => /lib64/libk5crypto.so.3 (0x00007ffb0a015000)

References –

http://man7.org/linux/man-pages/man1/ldd.1.html

User administration: restricting access

1. With the chage command, an account expiration can be set. Once that date is reached, the user cannot log into the system interactively.
Let us run ‘chage’ interactively to set user’s account expiry –

[root@kauai /]# chage sshtest
Changing the aging information for sshtest
Enter the new value, or press ENTER for the default

	Minimum Password Age [0]: 
	Maximum Password Age [99999]: 
	Last Password Change (YYYY-MM-DD) [2015-11-04]: 
	Password Expiration Warning [7]: 
	Password Inactive [-1]: 
	Account Expiration Date (YYYY-MM-DD) [-1]: 2017-03-30

[root@kauai /]# chage -l sshtest
Last password change					: Nov 04, 2015
Password expires					: never
Password inactive					: never
Account expires						: Mar 30, 2017
Minimum number of days between password change		: 0
Maximum number of days between password change		: 99999
Number of days of warning before password expires	: 7

2. In addition to this, the usermod command can “lock” an account with the -L option. Say when a user is no longer with a company, the administrator may lock and expire an account with a single usermod command. The date must be given as the number of days since January 1, 1970. Setting the expiredate to 1 will immediately lock the account –

[student@serverX ~]$ sudo usermod -L -e 1 elvis

[student@serverX ~]$ sudo usermod -L elvis
[student@serverX ~]$ su - elvis
Password: elvis
su: Authentication failure

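Locking the account prevents the user from authenticating with a password to the system. It is the recommended method of preventing access to an account by an employee who has left the company. A password lock by itself does not cover logins that do not use the password, such as SSH public key authentication, which is why the first command above also expires the account with -e 1; sessions that are already open are not terminated by either setting. If the employee returns, the account can later be unlocked with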

usermod -U USERNAME

. If the account was also expired, be sure to also change the expiration date.

3. The nologin shell. Sometimes a user needs an account with a password to authenticate to a system, but does not need an interactive shell on the system.
For example, a mail server may require an account to store mail and a password for the user to authenticate with a mail client used to retrieve mail.
That user does not need to log directly into the system.

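A common solution to this situation is to set the user’s login shell to /sbin/nologin. If the user attempts to log into the system directly,
the nologin “shell” will print a short message and close the connection. This only takes away the interactive shell: services that authenticate the account without starting its shell, such as the mail server above, keep working, so anything else that should be off for the account (for SSH, features such as port forwarding) has to be restricted in that service's own configuration.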

[root@serverX ~]# usermod -s /sbin/nologin student
[root@serverX ~]# su - student
Last login: Tue Feb  4 18:40:30 EST 2014 on pts/0
This account is currently not available.

References –

https://linux.die.net/man/1/chage
https://linux.die.net/man/1/chmod

Linux – run a scheduled command once

When we think of running scheduled tasks in Linux, the first tool which comes to mind for most Linux users and admins is cron. Cron is very popular and useful when you want to run a task regularly – say after a given interval, hourly, weekly or even every time the system reboots. The scheduled tasks are faithfully executed by the crond daemon based on the scheduling we set; if crond somehow missed the task because the machine was not running 24/7, then anacron takes care of it. My topic today though is about at, which executes a scheduled task only once at a later time.

1. Adding future commands interactively

Let us schedule to run a specific command 10 minutes from now, press CTRL+D once you have entered the command –

daniel@lindell:~$ at now +10 minutes
at> ps aux &> /tmp/at.log
[[PRESS CTRL+D HERE]]
job 4 at Wed Mar  1 21:24:00 2017

Now the above command ‘ps aux’ is scheduled to run 10 minutes from now, only once. We can check the pending jobs using atq command –

daniel@lindell:~$ atq
4	Wed Mar  1 21:24:00 2017 a daniel

2. Remove scheduled jobs from queue using atrm or at -r

daniel@lindell:~$ at now +1 minutes
at> ps aux > /tmp/atps.logs
at> <EOT>
job 8 at Wed Mar  1 21:25:00 2017
daniel@lindell:~$ atq
8	Wed Mar  1 21:25:00 2017 a daniel
daniel@lindell:~$ atrm 8
daniel@lindell:~$ atq
daniel@lindell:~$ 

3. Run jobs from a script or file.

In some cases the job you want to run is a script –

daniel@lindell:~$ at -f /tmp/myscript.sh 8:00 AM tomorrow
daniel@lindell:~$ atq
11	Thu Mar  2 08:00:00 2017 a daniel

4. Embed shell commands inline –

# Queue a one-off job for 10 minutes from now; at reads the job script from
# stdin, here supplied by the here-document.
# The EOF delimiter is unquoted, so any $variable or $(command) in the body
# would be expanded by the submitting shell rather than when the job runs
# (this body contains none). With <<-, leading tabs in the body are stripped.
# The -d test skips the find when the directory is missing; -delete removes
# every matching *.pyc file without prompting.
at now +10 minutes <<-EOF
if [ -d ~/pythonscripts ]; then
 find ~/pythonscripts/ -type f -iname '*.pyc' -delete
fi
EOF

5. View contents of scheduled task using ‘at -c JOBNUMBER’ :

daniel@lindell:~$ at now +10 minutes <<-EOF
> if [ -d ~/pythonscripts ]; then
>  find ~/pythonscripts/ -type f -iname '*.pyc' -delete
> fi
> EOF
job 13 at Wed Mar  1 21:51:00 2017

daniel@lindell:~$ atq
11	Thu Mar  2 08:00:00 2017 a daniel
12	Wed Mar  1 21:45:00 2017 a daniel
13	Wed Mar  1 21:51:00 2017 a daniel


daniel@lindell:~$ at -c 13
 [[ TRUNCATED ENVIRONMENTAL STUFF ]]
cd /home/daniel || {
	 echo 'Execution directory inaccessible' >&2
	 exit 1
}
if [ -d ~/pythonscripts ]; then
 find ~/pythonscripts/ -type f -iname '*.pyc' -delete
fi

In this small tutorial about the at utility, we saw some of the use cases for at – especially where we had to execute a scheduled task only once. The time specification it uses is human friendly; for example, it supports time specs such as midnight, noon, teatime or today. Feel free to read the man pages for details.

References –

https://linux.die.net/man/1/at

How to get the original file from an RPM.

You might have accidentally deleted a configuration or binary file which was installed as part of a package, or maybe you modified the original file and you want to restore the original as you didn’t take a backup – this blog will help you in resolving similar issues.

The steps below are for Redhat/CentOS based Linux systems, where the package was installed using rpm or yum. The steps basically outline how to grab the rpm package, unpack and gain access to the files inside the rpm. I will demo the steps i used to recover ntp.conf –

1. Identify the package owning/containing the file –

[root@tester ~]# rpm -qf /etc/ntp.conf
ntp-4.2.6p5-1.el6.centos.x86_64

2. download the original package –
We will download the rpm package in /tmp in order to unpack it later –

[root@tester ~]# cd /tmp/
[root@tester tmp]# yumdownloader ntp-4.2.6p5-1.el6.centos.x86_64
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: centos.aol.com
 * epel: reflector.westga.edu
 * extras: centos-distro.cavecreek.net
 * updates: lug.mtu.edu
ntp-4.2.6p5-1.el6.centos.x86_64.rpm    | 592 kB     00:00
[root@tester tmp]# ls -lh ntp-4.2.6p5-1.el6.centos.x86_64.rpm
-rw-r--r--. 1 root root 592K Mar  9 03:19 ntp-4.2.6p5-1.el6.centos.x86_64.rpm

Note – you can follow the steps in this link to install yumdownloader or use alternative means to download a package. For a short answer, just run ‘yum install yum-utils’ to install yumdownloader.

3. extract RPM package –

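We will use rpm2cpio to extract the RPM package and then pipe to cpio to copy the files from the archive. Since this runs as root and unpacks etc/, usr/ and var/ into the current directory, it is safer to do it in a fresh directory of your own (for example one created with mktemp -d) than directly in the shared /tmp, and to check the downloaded package's signature first with rpm -K –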

[root@tester tmp]# rpm2cpio ntp-4.2.6p5-1.el6.centos.x86_64.rpm | cpio -i --make-directories
3344 blocks
[root@tester tmp]# ls
etc  ntp-4.2.6p5-1.el6.centos.x86_64.rpm  usr  var  yum_save_tx-2014-03-09-01-00h9I83Y.yumtx

4. Access the file you are looking for –

Once we extracted the rpm package, the directory structure is easy to navigate – for instance if we looking for ntp.conf, it is under etc/ntp.conf – the directory structure mirrors that of the OS –

[root@tester tmp]# ls -al etc/
total 28
drwxr-xr-x. 6 root root 4096 Mar  9 03:19 .
drwxrwxrwt. 6 root root 4096 Mar  9 03:19 ..
drwxr-xr-x. 3 root root 4096 Mar  9 03:19 dhcp
drwxr-xr-x. 3 root root 4096 Mar  9 03:19 ntp
-rw-r--r--. 1 root root 1778 Mar  9 03:19 ntp.conf
drwxr-xr-x. 3 root root 4096 Mar  9 03:19 rc.d
drwxr-xr-x. 2 root root 4096 Mar  9 03:19 sysconfig
[root@tester tmp]# ls -al etc/ntp
ntp/      ntp.conf
[root@tester tmp]# ls -al etc/ntp.conf
-rw-r--r--. 1 root root 1778 Mar  9 03:19 etc/ntp.conf

At this point, you can view the files in the original rpm and copy the ones you need. You might also find the link I referenced below useful for quickly re-installing original files using

yum reinstall ntp

.

References –

https://access.redhat.com/solutions/10154
https://www.g-loaded.eu/2012/03/26/restore-original-configuration-files-from-rpm-packages/

tcpdump – how to grep or save output in real time

Tcpdump is a handy tool for capturing network packets. It will keep on capturing packets until it receives a SIGINT or SIGTERM signal, or the specified number of packets have been processed. If you have tried to pipe the output of tcpdump to a file or tried to grep it, you will have noticed a significant delay before you even see any output. The reason is that tcpdump buffers its output in 4k byte chunks and doesn’t flush it until 4k of data is captured.

To get around the buffering, you can use ‘-l’ option to see the packets captured in real time in order to ‘grep’ or ‘tee’ output to a file. From the man page –


-l Make stdout line buffered. Useful if you want to see the data while capturing it. E.g.,
``tcpdump -l | tee dat'' or ``tcpdump -l > dat & tail -f dat''.

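Send output to a file while watching the captured packets in real time (the file receives everything tcpdump prints, so on a shared machine prefer a directory only you can read over /tmp) –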

root@linubuvma:~# tcpdump -l -i any -qn port 53 | tee -a /tmp/dnslogs
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on any, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes
09:02:48.772892 IP 192.168.10.206.29185 > 192.168.10.109.53: UDP, length 33
09:02:48.773196 IP 192.168.10.206.35333 > 192.168.10.109.53: UDP, length 33
09:02:48.775062 IP 192.168.10.109.53 > 192.168.10.206.29185: UDP, length 78
09:02:48.775085 IP 192.168.10.109.53 > 192.168.10.206.35333: UDP, length 117
09:02:50.274318 IP 192.168.10.206.46983 > 192.168.10.109.53: UDP, length 33
09:02:50.274695 IP 192.168.10.206.55061 > 192.168.10.109.53: UDP, length 33
09:02:50.275531 IP 192.168.10.109.53 > 192.168.10.206.46983: UDP, length 78
09:02:50.276384 IP 192.168.10.109.53 > 192.168.10.206.55061: UDP, length 117

Grep text pattern in real time –

root@linubuvma:~# tcpdump -l -i any -vv |grep --color -i google
tcpdump: listening on any, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes
    linubuvma.home.net.34647 > ns1.home.net.domain: [bad udp cksum 0x96c1 -> 0x4797!] 34365+ A? google.com. (28)
    linubuvma.home.net.34647 > ns1.home.net.domain: [bad udp cksum 0x96c1 -> 0x9bf1!] 12744+ AAAA? google.com. (28)
    ns1.home.net.domain > linubuvma.home.net.34647: [udp sum ok] 12744 q: AAAA? google.com. 1/0/0 google.com. AAAA 2607:f8b0:4002:c07::66 (56)
    ns1.home.net.domain > linubuvma.home.net.34647: [udp sum ok] 34365 q: A? google.com. 6/0/0 google.com. A 74.125.196.139, google.com. A 74.125.196.100, google.com. A 74.125.196.101, google.com. A 74.125.196.102, google.com. A 74.125.196.113, google.com. A 74.125.196.138 (124)
173 packets captured
240 packets received by filter
0 packets dropped by kernel

References –
http://www.tcpdump.org/tcpdump_man.html
http://unix.stackexchange.com/questions/15989/how-to-process-pipe-tcpdumps-output-in-realtime

yum – dump all yum repos configuration directives

Per the man page, the yum-config-manager is “a program that can manage main yum configuration options, toggle which repositories are enabled or disabled, and add new repositories.” The details on how to use the command are in the Official Redhat documentation.

One feature that the man page does not list is how you can use the yum-config-manager to display the yum repo configuration sections/directives and options. Not only can you use it to just show the configuration in your system, but it can also help you with displaying all the options supported by yum configuration. It might be useful for scripting as well.

Installation – identify the package name:

yum whatprovides */yum-config-manager

Install package –

yum install yum-utils

Once the package is installed, the command yum-config-manager should be available –

[root@kauai /tmp]# which yum-config-manager
/usr/bin/yum-config-manager

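Running yum-config-manager will dump a list of all repositories in the server, and for each repository it will list all directives, including the hidden ones. The dump includes the password, proxy_password and sslclientkey directives, so check those fields before pasting the output into a ticket or forum; it is also a quick way to confirm that gpgcheck and sslverify are enabled for every repository.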

Below is just a truncated version of the output; the full output is much longer, depending on the number of yum repositories in your system –

[root@kauai /tmp]# yum-config-manager
===================================== main =====================================
[main]
alwaysprompt = True
assumeno = False
assumeyes = False
bandwidth = 0
bugtracker_url = http://bugs.centos.org/set_project.php?project_id=19&ref=http://bugs.centos.org/bug_report_page.php?category=yum
cache = 0
cachedir = /var/cache/yum/x86_64/6
clean_requirements_on_remove = False
color = auto
color_list_available_downgrade = dim,cyan
color_list_available_install = normal
color_list_available_reinstall = bold,underline,green
color_list_available_upgrade = bold,blue
color_list_installed_extra = bold,red
color_list_installed_newer = bold,yellow
color_list_installed_older = bold
color_list_installed_reinstall = normal
color_search_match = bold
color_update_installed = normal
color_update_local = bold
color_update_remote = normal
commands = 
debuglevel = 2
depsolve_loop_limit = 100
diskspacecheck = True
distroverpkg = centos-release
downloaddir = 
downloadonly = 
enable_group_conditionals = True
enabled = True
enablegroups = True
errorlevel = 2
exactarch = True
exactarchlist = 
exclude = 
exit_on_lock = False
failovermethod = priority
ftp_disable_epsv = False
gaftonmode = False
gpgcheck = True
group_package_types = mandatory,
   default
groupremove_leaf_only = False
history_list_view = users
history_record = True
history_record_packages = yum,
   rpm
http_caching = all
installonly_limit = 5
installonlypkgs = kernel,
   kernel-bigmem,
   installonlypkg(kernel-module),
   installonlypkg(vm),
   kernel-enterprise,
   kernel-smp,
   kernel-debug,
   kernel-unsupported,
   kernel-source,
   kernel-devel,
   kernel-PAE,
   kernel-PAE-debug
installroot = /
keepalive = True
keepcache = False
kernelpkgnames = kernel,
   kernel-smp,
   kernel-enterprise,
   kernel-bigmem,
   kernel-BOOT,
   kernel-PAE,
   kernel-PAE-debug
loadts_ignoremissing = False
loadts_ignorerpm = False
localpkg_gpgcheck = False
logfile = /var/log/yum.log
mdpolicy = group:primary
metadata_expire = 21600
mirrorlist_expire = 86400
multilib_policy = best
obsoletes = True
overwrite_groups = False
password = 
persistdir = /var/lib/yum
pluginconfpath = /etc/yum/pluginconf.d
pluginpath = /usr/share/yum-plugins,
   /usr/lib/yum-plugins
plugins = True
progess_obj = 
protected_multilib = True
protected_packages = yum
proxy = False
proxy_password = 
proxy_username = 
query_install_excludes = False
recent = 7
recheck_installed_requires = True
repo_gpgcheck = False
reposdir = /etc/yum/repos.d,
   /etc/yum.repos.d
reset_nice = True
retries = 10
rpm_check_debug = True
rpmverbosity = info
showdupesfromrepos = False
skip_broken = False
ssl_check_cert_permissions = True
sslcacert = 
sslclientcert = 
sslclientkey = 
sslverify = True
syslog_device = /dev/log
syslog_facility = LOG_USER
syslog_ident = 
throttle = 0
timeout = 30.0
tolerant = True
tsflags = 
username = 
================================== repo: base ==================================
[base]
bandwidth = 0
base_persistdir = /var/lib/yum/repos/x86_64/6
baseurl = 
cache = 0
cachedir = /var/cache/yum/x86_64/6/base
cost = 1000
enabled = True
enablegroups = True
exclude = 
failovermethod = priority
ftp_disable_epsv = False
gpgcadir = /var/lib/yum/repos/x86_64/6/base/gpgcadir
gpgcakey = 
gpgcheck = True
gpgdir = /var/lib/yum/repos/x86_64/6/base/gpgdir
gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
hdrdir = /var/cache/yum/x86_64/6/base/headers
http_caching = all
includepkgs = 
keepalive = True
mdpolicy = group:primary
mediaid = 
metadata_expire = 21600
metalink = 
mirrorlist = http://mirrorlist.centos.org/?release=6&arch=x86_64&repo=os&infra=stock
mirrorlist_expire = 86400
name = CentOS-6 - Base
old_base_cache_dir = 
password = 
persistdir = /var/lib/yum/repos/x86_64/6/base
pkgdir = /var/cache/yum/x86_64/6/base/packages
proxy = False
proxy_dict = 
proxy_password = 
proxy_username = 
repo_gpgcheck = False
retries = 10
skip_if_unavailable = False
ssl_check_cert_permissions = True
sslcacert = 
sslclientcert = 
sslclientkey = 
sslverify = True
throttle = 0
timeout = 30.0
username = 

References –

Redhat official documentation