本文介绍了一系列实用的Linux命令操作案例,包括用户管理、文件搜索、权限设置等方面,展示了如何通过组合命令解决实际问题。
1、显示当前系统上root、fedora或user1用户的默认shell;
[root@client ~]# cut -d: -f1,7 /etc/passwd | grep -E "^root|fedora|user1" root:/bin/bash user1:/bin/bash fedora:/bin/bash
2、找出/etc/rc.d/init.d/functions文件中某单词后面跟一组小括号的行,形如:hello();
[root@client ~]# grep -Eo "\<[[:alpha:]]*\>\(\){1}" /etc/rc.d/init.d/functions
checkpid()
daemon()
killproc()
pidfileofproc()
pidofproc()
status()
success()
failure()
passed()
warning()
action()
strstr()
confirm()3、使用echo命令输出一个绝对路径,使用grep取出其基名;
扩展:取出其路径名
[root@client ~]# echo "/etc/sysconfig/network/" | grep -Eo "[^/]+/?$" | cut -d"/" -f1 network [root@client ~]# echo "/etc/sysconfig/network/" | grep -Eo ".*/\<" | grep -Eo ".*[^/]\>" /etc/sysconfig [root@client ~]# basename /etc/sysconfig/network/ #basename为用于查询基名的变量 network [root@client ~]# dirname /etc/sysconfig/network/ #dirname为用于查询目录名的变量 /etc/sysconfig
4、找出ifconfig命令结果中的1-255之间数字;
[root@client ~]# ifconfig eth0 Link encap:Ethernet HWaddr 00:0C:29:C6:4F:C7 inet addr:192.168.137.3 Bcast:192.168.137.255 Mask:255.255.255.0 inet6 addr: fe80::20c:29ff:fec6:4fc7/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:80200 errors:0 dropped:0 overruns:0 frame:0 TX packets:29442 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:6254115 (5.9 MiB) TX bytes:7232687 (6.8 MiB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:4940 errors:0 dropped:0 overruns:0 frame:0 TX packets:4940 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:393440 (384.2 KiB) TX bytes:393440 (384.2 KiB) [root@client ~]# ifconfig | grep -Eo "\<([1-9]|[1-9][0-9]|1[0-9][0-9]|2[0-5][0-5])\>" 29 192 168 137 3 192 168 137 255 255 255 255 64 1 5 9 6 9 127 1 255 1 128 1 2 2
5、挑战题:写一个模式,能匹配合理的IP地址;
[root@client ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:C6:4F:C7
inet addr:192.168.137.3 Bcast:192.168.137.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fec6:4fc7/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:84187 errors:0 dropped:0 overruns:0 frame:0
TX packets:32193 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:6636499 (6.3 MiB) TX bytes:7613847 (7.2 MiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:5020 errors:0 dropped:0 overruns:0 frame:0
TX packets:5020 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:399752 (390.3 KiB) TX bytes:399752 (390.3 KiB)
[root@client ~]# ifconfig | grep -Eo "(\<([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-5][0-5])\>\.){3}\<([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-5][0-5])\>"
192.168.137.3
192.168.137.255
255.255.255.0
127.0.0.1
255.0.0.06、挑战题:写一个模式,能匹配出所有的邮件地址;
[root@client ~]# grep -E "(^([[:alnum:]]))([[:alnum:]]|[_]|[-])*@([[:alnum:]]|[-]|[_])+\.[[:alpha:]]{2,}" mailaddress.txt #目前域名后缀最少应该有2位,比如cn、la等
516xt546@qq.com
jx@lc-jxgg.com
yangqing_0221@126.com
cs-nina@hot_mai.com
cf@cfcoppe-r.com7、查找/var目录下属主为root,且属组为mail的所有文件或目录;
[root@client ~]# find /var/ \( -user root -a -group mail \) -a \( -type f -o -type d \) /var/spool/mail
8、查找当前系统上没有属主或属组的文件;
进一步:查找当前系统上没有属主或属组,且最近3天内曾被访问过的文件或目录;
[root@client proc]# #当前系统上没有属主或属组的文件 [root@client proc]# find / /proc/ -prune -nogroup -nouser [root@client proc]# #当前系统中不含无属主或属组的文件,使用/proc/ -prune的原因是因为/proc是一个伪文件系统,只存在于内存中 [root@client proc]# find / /proc/ -prune \( -nouser -o -nogroup \) -a \( -type f -o -type d \) -a -atime -3 [root@client proc]# #同上 eg: [root@client proc]# find / -path "/proc" -prune \( -nouser -o -nogroup \) -a \( -type f -o -type d \) -a -atime 3 [root@client proc]# find / /proc/ -prune -nogroup -nouser [root@client proc]# find / -path "/proc" -prune -nogroup -nouser
9、查找/etc目录下所有用户都有写权限的文件;
[root@client proc]# find /etc/ -perm -222 #文件过多 截取部分 /etc/udev/rules.d/80-net-name-slot.rules /etc/udev/rules.d/75-persistent-net-generator.rules /etc/udev/rules.d/70-persistent-net.rules /etc/rc1.d /etc/sysctl.d/99-sysctl.conf /etc/pam.d/postlogin /etc/pam.d/fingerprint-auth /etc/pam.d/smtp /etc/pam.d/smartcard-auth /etc/pam.d/system-auth /etc/pam.d/password-auth /etc/redhat-release
10、查找/etc目录下大于1M,且类型为普通文件的所有文件;
[root@client proc]# [root@client proc]# find /etc/ -size +1M -type f /etc/udev/hwdb.bin /etc/selinux/targeted/contexts/files/file_contexts.bin /etc/selinux/targeted/policy/policy.29 /etc/betabeta/etc/udev/hwdb.bin /etc/betabeta/etc/selinux/targeted/contexts/files/file_contexts.bin /etc/betabeta/etc/selinux/targeted/policy/policy.29 /etc/yum.repos.d/man-pages-zh-CN-1.5.2-4.el7.noarch.rpm
11、查找/etc/init.d/目录下,所有用户都有执行权限,且其它用户有写权限的文件;
[root@client ~]# find /etc/init.d/ -perm -111 -a -perm -002
12、查找/usr目录下不属于root、bin或hadoop的文件;
[root@client ~]# find /usr/ -not \( -user root -o -user bin -o -user hadoop \) /usr/libexec/abrt-action-install-debuginfo-to-abrt-cache
13、查找/etc/目录下至少有一类用户没有写权限的文件;
[root@client ~]# find /etc/ -not -perm -222 #文件过多 截取部分 /etc/selinux/targeted/modules/active/modules/openvswitch.pp /etc/selinux/targeted/modules/active/modules/kdump.pp /etc/selinux/targeted/modules/active/modules/l2tpd.pp /etc/selinux/targeted/modules/active/modules/mysql.pp /etc/selinux/targeted/modules/active/modules/sensord.pp /etc/selinux/targeted/modules/active/modules/xen.pp /etc/selinux/targeted/modules/active/modules/canna.pp /etc/selinux/targeted/modules/active/modules/dcc.pp /etc/selinux/targeted/modules/active/modules/rhnsd.pp /etc/selinux/targeted/modules/active/modules/drbd.pp /etc/selinux/targeted/modules/active/modules/privoxy.pp
14、查找/etc目录下最近一周内其内容被修改过,且不属于root或hadoop的文件;
[root@client ~]# find /etc/ -mtime -7 -not \( -user root -o -user hadoop \)
转载于:https://blog.51cto.com/guomai/1846174
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
