How to remove trailing ^M (carriage return) from within VI?
:%s/^M//g
or
:set ff=unix
MTU: Maximum Transfer Unit. It is calculated in bytes. For example, commonly for ethernet devices the MTU is set to 1500.
MTU is set in the device configuration settings for Ethernet, Token ring etc.
==
In computer networking, the term Maximum Transmission Unit (MTU) refers to the size (in bytes) of the largest packet that a given layer of a communications protocol can pass onwards. MTU parameters usually appear in association with a communications interface (NIC, serial port, etc.). The MTU may be required by standards (as is the case with Ethernet) or decided at connect time (as is usually the case with point-to-point serial links). A higher MTU brings higher bandwidth efficiency. However, large packets can block up a slow interface for some time, increasing the lag on other packets. For example, a 1500-byte packet, the largest allowed on an Ethernet, will block up a 14.4k modem for about one second.
Source: http://en.wikipedia.org/wiki/Maximum_transmission_unit
==
In computer science:
2^10 = 1,024
* the digital approximation of the kilo-, or 1,000 multiplier, which causes a change of prefix. For example: 1,024 bytes = 1 kilobyte (or kibibyte).
* This number has no special significance to computers, but is important to humans because we make use of powers of ten.
Source: http://en.wikipedia.org/wiki/Power_of_two
Here it is:
tcpdump tcp[13] == 2
Here, tcp[13] contains the value of the 13th octet in the TCP header. And, to match only SYN packets, this value must be equal to 2 when interpreted as an 8-bit unsigned integer in network byte order.
Follow-up question: what would be the tcpdump format to see both SYN and ACK packets (but not SYN-ACK)?
Answer:
tcpdump 'tcp[13] & 2 == 2'
To see only SYN and ACK packets (& not SYN-ACK packets) we will have to logically AND the value for the 13th octet. As it is mentioned in the man pages of tcpdump:
In order to achieve our goal, we need to logically AND the binary value of octet 13 with some other value to preserve the SYN bit. We know that we want SYN to be set in any case, so we'll logically AND the value in the 13th octet with the binary value of a SYN:
         00010010 SYN-ACK                 00000010 SYN
    AND  00000010 (we want SYN)      AND  00000010 (we want SYN)
         --------                         --------
    =    00000010                    =    00000010
We see that this AND operation delivers the same result regardless whether ACK or another TCP control bit is set.
The decimal representation of the AND value as well as the result of this operation is 2 (binary 00000010), so we know that for packets with SYN set the following relation must hold true:
    ( ( value of octet 13 ) AND ( 2 ) ) == ( 2 )
This points us to the tcpdump filter expression
tcpdump -i xl0 'tcp[13] & 2 == 2'
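The two filter expressions above, evaluated against octet 13 of constructed TCP headers so that the packets each one selects can be compared side by side. This is an added example, not part of the original page; the header bytes are constructed and the function names are hypothetical.

```sh
#!/bin/sh
# Added example: apply the page's two tcpdump filters to octet 13 of
# constructed TCP headers (20 bytes, written as 40 hex digits).

# sample_header FLAGS_HEX: constructed header, port 50000 -> 80, in which
# only the flags octet (offset 13) varies. Hypothetical helper.
sample_header() {
    printf 'c3500050000000010000000050%s721000000000\n' "$1"
}

# tcp_flags HEX: print octet 13 as a decimal number, like tcpdump's tcp[13].
# Fails on a header too short to contain octet 13 or on non-hex input.
tcp_flags() {
    [ "${#1}" -ge 28 ] || return 1
    case $1 in *[!0-9a-fA-F]*) return 1 ;; esac
    _octet=$(printf '%s' "$1" | cut -c27-28)
    echo $((0x$_octet))
}

# tcpdump 'tcp[13] == 2': the octet is exactly SYN, no other bit set.
match_exact_syn() {
    _f=$(tcp_flags "$1") || return 1
    [ "$_f" -eq 2 ]
}

# tcpdump 'tcp[13] & 2 == 2': SYN bit set, all other bits ignored.
# pcap evaluates & before ==; shell arithmetic does the reverse, hence
# the explicit parentheses.
match_syn_bit() {
    _f=$(tcp_flags "$1") || return 1
    [ $(( ($_f & 2) == 2 )) -eq 1 ]
}

# verdict HEX: one-line summary of both filters for a header.
verdict() {
    _v=$(tcp_flags "$1") || { echo "octet13=n/a exact=no mask=no"; return 0; }
    _e=no; _m=no
    match_exact_syn "$1" && _e=yes
    match_syn_bit "$1" && _m=yes
    echo "octet13=$_v exact=$_e mask=$_m"
}

# Flag values: SYN=0x02, SYN-ACK=0x12, ACK=0x10, FIN-ACK=0x11, and
# 0xc2 = SYN with ECE and CWR (an ECN-capable connection attempt).
for _case in SYN:02 SYN-ACK:12 ACK:10 FIN-ACK:11 SYN+ECE+CWR:c2; do
    printf '%-12s %s\n' "${_case%%:*}" \
        "$(verdict "$(sample_header "${_case##*:}")")"
done
# A capture cut off before octet 13 matches neither filter.
printf '%-12s %s\n' "truncated" "$(verdict c3500050)"
```

The exact comparison selects only a bare SYN, so a SYN that also carries ECE and CWR is not selected by it, while the masked comparison selects every header with the SYN bit set, SYN-ACK included.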
Here is the command:
tcpdump 'icmp[icmptype] != icmp-echo and icmp[icmptype] != icmp-echoreply'
To turn off bell:
xset -b b off
To turn it back on:
xset -b b
Two ways: using ‘expr’ or ${#variable}. Example:
zia@lappy:~$ string=supercalifragilisticexpialidocious
zia@lappy:~$ echo ${#string}
34
zia@lappy:~$ expr length $string
34
zia@lappy:~$ expr "$string" : '.*'
34
zia@lappy:~$ expr match "$string" '.*'
34
Source: http://www.tldp.org/LDP/abs/html/string-manipulation.html
| # | Comments. (with exception of “#!”). |
| ; | Command separator (semicolon). |
| ;; | Terminator in a ‘case’ option (double semicolon) |
| . | “dot” command (period). Equivalent to “source”; or “dot” as a component of a filename or “dot” character match in regular expression. |
| " | partial quoting (double quote) |
| ' | full quoting (single quote) |
| , | comma operator. The comma operator links together a series of arithmetic operations. |
| \ | escape (backslash). A quoting mechanism for single characters. |
| / | Filename path separator (forward slash). |
| ` | command substitution. The `command` construct makes available the output of command for assignment to a variable. |
| : | null command (colon). This is the shell equivalent of a “NOP” (no op, a do-nothing operation). |
| ! | reverse (or negate) the sense of a test or exit status (bang). |
| * | wild card (asterisk) or arithmetic operator (denotes multiplication) |
| ? | test operator. Within certain expressions, the ? indicates a test for a condition or wild card. The ? character serves as a single-character “wild card” for filename expansion. |
| $ | Variable substitution (contents of a variable) or end-of-line. In a regular expression, a “$” addresses the end of a line of text. |
| ${} | Parameter substitution. |
| $*, $@ | positional parameters. |
| $? | exit status variable. The $? variable holds the exit status of a command, a function, or of the script itself. |
| $$ | process ID variable. The $$ variable holds the process ID of the script in which it appears. |
| () | command group. |
| {} | {xxx,yyy,zzz,…}, this is brace expansion & {}, this is block of code (curly brackets). |
| {} \; | pathname. Mostly used in find constructs. This is not a shell builtin. |
| [ ] | Test expression between [ ]. |
| [[ ]] | test. Test expression between [[ ]] (shell keyword). |
| [ ] | array element (in the context of an array) or range of characters (as part of a regular expression) |
| (( )) | integer expansion. Expand and evaluate integer expression between (( )). |
| > &> >& >> < | redirection. |
| << | redirection used in a here document. |
| <<< | redirection used in a here string. |
| >, < | ASCII comparison. |
| \<, \> | word boundary in a regular expression. |
| | | pipe. Passes the output of previous command to the input of the next one, or to the shell. |
| >| | force redirection (even if the noclobber option is set). |
| || | OR logical operator. |
| & | Run job in background. |
| && | AND logical operator. |
| - | option, prefix. Option flag for a command or filter. Prefix for an operator. or redirection from/to stdin or stdout (if postfixed) or previous working directory. A cd - command changes to the previous working directory. or Minus. Minus sign in an arithmetic operation. |
| = | Equals. Assignment operator. |
| + | Plus. Addition arithmetic operator. or Option. Option flag for a command or filter. |
| % | modulo. Modulo (remainder of a division) arithmetic operation. |
| ~ | home directory (tilde). |
| ~+ | current working directory. |
| ~- | previous working directory. |
| =~ | regular expression match. |
| ^ | beginning-of-line. In a regular expression, a “^” addresses the beginning of a line of text. |
Source: http://www.tldp.org/LDP/abs/html/special-chars.html
Mostly in linux:
route -n
Almost all *nix:
netstat -rn
Single quote: variables ($), backticks (`) & backslash (\) are not treated specially in single quotes.
Example:
zia@lappy:~$ echo '$(ls -al t*)'
$(ls -al t*)
zia@lappy:~$ echo '`ls -lah t*`'
`ls -lah t*`
zia@lappy:~$ echo '`ls -lah t*` \"'
`ls -lah t*` \"
Synopsis: with single quotes, the special characters (i.e. $, `, \ etc.) are not treated specially, they are treated literally.
Double quote: variables ($), backticks (`) & backslash (\) are treated specially or interpreted other than by their literal meaning.
For example:
zia@lappy:~$ echo "$(ls -al t*)"
-rwxr-xr-x 1 zia zia 449 2006-05-03 17:07 t
-rw-r--r-- 1 root root 3365 2006-03-24 12:31 target.xml
zia@lappy:~$ echo "`ls -lah t*`"
-rwxr-xr-x 1 zia zia 449 2006-05-03 17:07 t
-rw-r--r-- 1 root root 3.3K 2006-03-24 12:31 target.xml
zia@lappy:~$ echo "`ls -lah t*` \""
-rwxr-xr-x 1 zia zia 449 2006-05-03 17:07 t
-rw-r--r-- 1 root root 3.3K 2006-03-24 12:31 target.xml "
Synopsis: with double quotes (""), the special characters do exactly what they are supposed to do.
A process becomes a zombie when its parent exits without calling wait().
Followup:
Only when the parent-process is dead, then the orphaned child-processes, zombies or not, are adopted by init. The analogy seems to be that you can adopt an orphan but not a child that has a living parent. The processes that init thus adopts will run happily until their own exit(2).
RAID 0 = striped set (no parity)
RAID 1 = mirror
RAID 5 = striped set with parity
RAID 0+1 = mirror of striped set.
RAID 1+0 = stripe of mirrors.
(Extra: RAID 10+0 = striped stripe of mirrors)
RAID 0:
A RAID 0 (also known as a striped set) splits data evenly across two or more disks with no parity information for redundancy. It is important to note that RAID 0 was not one of the original RAID levels, and is not redundant. RAID 0 is normally used to increase performance.
A RAID 0 can be created with disks of differing sizes, but the storage space added to the array by each disk is limited to the size of the smallest disk—for example, if a 120 GB disk is striped together with a 100 GB disk, the size of the array will be 200 GB.
Although RAID 0 was not specified in the original RAID paper, an idealized implementation of RAID 0 would split I/O operations into equal-sized blocks and spread them evenly across two disks. When a drive fails the file system cannot cope with such a large loss of data and coherency since the data is “striped” across all drives. Data can be recovered using special tools. However, it will be incomplete and most likely corrupt.
RAID 0 is useful for setups such as large read-only NFS servers where mounting many disks is time-consuming or impossible and redundancy is irrelevant. Another use is where the number of disks is limited by the operating system. In Microsoft Windows, the number of drive letters for hard disk drives may be limited to 24, so RAID 0 is a popular way to use more disks. It is also a popular choice for gaming systems where performance is desired, data integrity is not very important, but cost is a consideration to most users. However, since data is shared between drives without redundancy, hard drives cannot be swapped out as all disks are dependent upon each other.
RAID 1:
A RAID 1 creates an exact copy (or mirror) of a set of data on two or more disks. This is useful when read performance is more important than data capacity. Such an array can only be as big as the smallest member disk. A classic RAID 1 mirrored pair contains two disks, which increases reliability exponentially over a single disk.
RAID 1 has many administrative advantages. For instance, in some 365*24 environments, it is possible to “Split the Mirror”: declare one disk as inactive, do a backup of that disk, and then “rebuild” the mirror. This requires that the application support recovery from the image of data on the disk at the point of the mirror split. This procedure is less critical in the presence of the “snapshot” feature of some filesystems, in which some space is reserved for changes, presenting a static point-in-time view of the filesystem. Alternatively, a set of disks can be kept in much the same way as traditional backup tapes are.
RAID 5:
A RAID 5 uses block-level striping with parity data distributed across all member disks. RAID 5 has achieved popularity due to its low cost of redundancy. Generally RAID 5 is implemented with hardware support for parity calculations.
Every time a block is written to a disk in a RAID 5, a parity block is generated within the same stripe. A block is often composed of many consecutive sectors on a disk. A series of blocks (a block from each of the disks in an array) is collectively called a “stripe”. If another block, or some portion of a block, is written on that same stripe the parity block (or some portion of the parity block) is recalculated and rewritten. For small writes, this requires reading the old data, writing the new parity, and writing the new data. The disk used for the parity block is staggered from one stripe to the next, hence the term “distributed parity blocks”. RAID 5 writes are expensive in terms of disk operations and traffic between the disks and the controller.
The parity blocks are not read on data reads, since this would be unnecessary overhead and would diminish performance. The parity blocks are read, however, when a read of a data sector results in a cyclic redundancy check (CRC) error. In this case, the sector in the same relative position within each of the remaining data blocks in the stripe and within the parity block in the stripe are used to reconstruct the errant sector. The CRC error is thus hidden from the main computer. Likewise, should a disk fail in the array, the parity blocks from the surviving disks are combined mathematically with the data blocks from the surviving disks to reconstruct the data on the failed drive “on the fly”.
RAID 0+1:
A RAID 0+1 (also called RAID 01, though it shouldn’t be confused with RAID 10) is a RAID used for both replicating and sharing data among disks.
RAID 1+0:
A RAID 10, sometimes called RAID 1+0, or RAID 1&0, is similar to a RAID 0+1 with exception that the RAID levels used are reversed—RAID 10 is a stripe of mirrors.
Difference between RAID 0+1 & RAID 1+0:
The difference between RAID 0+1 and RAID 1+0 is the location of each RAID system. RAID 0+1 is not as robust as RAID 1+0 and cannot tolerate two simultaneous disk failures, if not from the same stripe.
Source: http://en.wikipedia.org/wiki/Redundant_array_of_independent_disks
Use process substitution in bash (which bash implements with named pipes or /dev/fd), i.e.:
# diff <(process one) <(process two)
1. disk seek,
2. write to pci bus,
3. read from main memory,
4. read cpu register
atime, ctime, and mtime. The atime is the access time, i.e. the last time the file was read. ctime seems like it should be the creation time, but it isn’t. In fact, there is no way to determine when a file was created in Unix. ctime stands for change time, and it is a record of the last time the file’s inode was changed. This happens for example when the permissions or ownership on the file are modified.
Finally, the mtime is the time the file was modified, i.e. when the actual file was written to.
"$*" : All the positional parameters (as a single word) [Must be quoted, otherwise it defaults to "$@"]
"$@" : All the positional parameters (as separate strings)
The $@ and $* parameters differ only when between double quotes.
Source: http://www.tldp.org/LDP/abs/html/internalvariables.html#APPREF
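What a called command actually receives in each case, shown by forwarding the same parameters three ways. This is an added example, not part of the original page; all function names and the sample arguments are hypothetical.

```sh
#!/bin/sh
# Added example: how many words a callee receives from "$@", "$*" and an
# unquoted $@ when a wrapper forwards its parameters.

# count_args: report how many words the callee was handed.
count_args() { echo "$#"; }

forward_quoted_at()   { count_args "$@"; }   # each parameter stays one word
forward_quoted_star() { count_args "$*"; }   # all parameters become one word
forward_unquoted()    { count_args $@; }     # re-split on IFS, then globbed

# join_args SEP ARG...: "$*" joins the parameters with the first character
# of IFS. The ( ) body is a subshell, so the caller's IFS is untouched.
join_args() (
    IFS=$1
    shift
    echo "$*"
)

# demo: a file name containing a space is enough to change the word count.
demo() {
    printf '"$@" -> %s word(s)\n' "$(forward_quoted_at "$@")"
    printf '"$*" -> %s word(s)\n' "$(forward_quoted_star "$@")"
    printf ' $@  -> %s word(s)\n' "$(forward_unquoted "$@")"
    printf 'joined on comma: %s\n' "$(join_args , "$@")"
}

# Constructed arguments: one name with a space, one that looks like an option.
demo "annual report.txt" -rf notes.txt
```

Only the quoted "$@" form hands the callee the same three words the wrapper was given; the unquoted form turns the name containing a space into two separate words.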
In the $? variable.
For example:
zia@lappy:~$ find . -name something-that-cant-be-found
zia@lappy:~$ echo $?
1
If the sticky bit is set on a directory, then files in that directory may only be deleted if the user is:
· the owner of the directory
· the owner of the file
· root (superuser)
From ‘man chmod’:
STICKY DIRECTORIES
When the sticky bit is set on a directory, files in that directory may be unlinked or renamed only by root or their owner. Without the sticky bit, anyone able to write to the directory can delete or rename files. The sticky bit is commonly found on directories, such as /tmp, that are world-writable.
Follow-up question 1: what effect does the sticky bit have on files?
Answer, from ‘man chmod’:
STICKY FILES
On older Unix systems, the sticky bit caused executable files to be hoarded in swap space. This feature is not useful on modern VM systems, and the Linux kernel ignores the sticky bit on files. Other kernels may use the sticky bit on files for system-defined purposes. On some systems, only the superuser can set the sticky bit on files.
Follow-up question 2: how do you find out whether a directory or file is set with sticky bit or not?
Answer:
'ls -l' for files and 'ls -ld' for directories will show the sticky bit ('t') in the permissions column:
for directories:
zia@lappy:/$ ls -ld /tmp
drwxrwxrwt 16 root root 4096 2006-05-15 10:30 /tmp
---------^ <== the 't' denotes the sticky bit
for files:
if the file is not executable:
zia@lappy:/tmp$ l temp
-rw-r--r-T 1 zia zia 0 2006-05-15 10:21 temp
---------^ <== 'T', the capital T denotes that the sticky bit is set for the file and it is not an executable file.
zia@lappy:/tmp$ l temp
-rwxr-xr-t 1 zia zia 0 2006-05-15 10:21 temp
---------^ <== 't' denotes that the sticky bit is set for this file and it is executable.
Follow-up question 3: what are the commands to set the sticky bit in a directory or file?
Answer:
'chmod +t' - to add the sticky bit to an existing file or directory.
To set the sticky bit with numeric modes:
if the directory has '755', use 'chmod 1755', and if the file has '644', then 'chmod 1644', etc.
AWK is a general purpose computer language that is designed for processing text-based data, either in files or data streams.
AWK is an example of a programming language that extensively uses the string datatype, associative arrays (that is, arrays indexed by key strings), and regular expressions.
Source: http://en.wikipedia.org/wiki/Awk
SED (which stands for Stream EDitor) is a simple but powerful computer program used to apply various pre-specified textual transformations to a sequential stream of text data.
It reads input files line by line, edits each line according to rules specified in its simple language (the sed script), and then outputs the line.
Source: http://en.wikipedia.org/wiki/Sed
A “hard link” is another name for an existing file; the link and the
original are indistinguishable. Technically speaking, they share the
same inode, and the inode contains all the information about a
file--indeed, it is not incorrect to say that the inode _is_ the file.
On all existing implementations, you cannot make a hard link to a
directory, and hard links cannot cross filesystem boundaries.
“Symbolic links” (“symlinks” for short), on the other hand, are a
special file type (which not all kernels support: System V release 3
(and older) systems lack symlinks) in which the link file actually
refers to a different file, by name. When most operations (opening,
reading, writing, and so on) are passed the symbolic link file, the
kernel automatically “dereferences” the link and operates on the target
of the link. But some operations (e.g., removing) work on the link
file itself, rather than on its target.
The ext2 or second extended file system is a file system for the Linux kernel. It is fast enough that it is used as the benchmarking standard. Its main drawback is that it is not a journaling file system. Its successor, ext3, is a journaling file system and is almost completely compatible with ext2. ext2 was the default filesystem in the Red Hat Linux, Fedora Core and Debian Linux distributions until supplanted more recently by ext3.
Follow-up Question: What is journaling?
Answer: A journaling file system is a file system that logs changes to a journal (usually a circular log in a specially-allocated area) before actually writing them to the main file system.
From Wikipedia:
umask (abbreviated from user file creation mode mask) is a function on POSIX environments which sets the default file system mode for newly created files of the current process. The umask value can be interpreted in two ways: (note that umasks must always be calculated in octal)
- as a result of the bitwise exclusive OR operation of the argument and the full access mode 777.
- as a result of the bitwise AND of the unary complement of the argument (using bitwise NOT) and the full access mode 777.
Most Unix shells provide an umask command which affects all child processes executed in this shell.
From linux man pages:
umask [-p] [-S] [mode]
The user file-creation mask is set to mode. If mode begins with a digit, it is interpreted as an octal number; otherwise it is interpreted as a symbolic mode mask similar to that accepted by chmod(1). If mode is omitted, the current value of the mask is printed. The -S option causes the mask to be printed in symbolic form; the default output is an octal number. If the -p option is supplied, and mode is omitted, the output is in a form that may be reused as input. The return status is 0 if the mode was successfully changed or if no mode argument was supplied, and false otherwise.
Note: umask is a shell built-in.
For example, if umask is set to '022' (default for linux), then:
the umask value masks the permissions value of 666 for a file and 777 for a directory. The umask value of 022 results in permission for a directory of 755 (rwxr-xr-x). That same umask results in a file permission of 644 (rw-r--r--). (Execute permissions are off by default for regular files.)
RELATED Question: Why Can’t I Create a File That Is Executable by Default?
Answer:
Within UNIX, system calls have base permissions (sometimes referred to as “default permissions”) with which to create new files and directories. For directories the base permissions are (octal) 777 (rwxrwxrwx), and for files they are 666 (rw-rw-rw-). Before creating the file or directory, the base permissions are compared to a mask (the umask set by the umask command) that will “mask out” permission bits to determine the final permissions for the object being created. The calculation to determine the final permissions is to take the binary of the base permissions and perform a logical AND operation on the ones complement representation of the binary umask.
Just for fun, here is an example for creating a file with a umask of 022: The binary representation for octal 022 is 000010010. The ones complement simply inverts the numbers to make zeros equal ones and ones equal zeros, resulting in 111101101. Now if you perform a logical AND with the base permissions of 666 (binary 110110110) you end up with 644 (binary 110100100), as in the following example:
110110110   base permissions of 666
111101101   ones complement of a umask of 022
---------   perform logical AND, two 1s equal 1, everything else equals 0
110100100   This converts to octal 644 which is rw-r--r--
Source: Sun BigAdmin.
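The calculation above carried out in the shell and checked against objects actually created under each umask. This is an added example, not part of the original page or of the quoted sources; the function names are hypothetical, and it assumes a umask that leaves the owner's own bits alone.

```sh
#!/bin/sh
# Added example: predict new-object permissions from a umask with the
# calculation described above, then compare with what really gets created.

# predicted_mode BASE UMASK: BASE AND (ones complement of UMASK), in octal.
# BASE is 666 for files and 777 for directories.
predicted_mode() {
    printf '%03o\n' $(( 0$1 & ~0$2 & 0777 ))
}

# xor_mode UMASK: the other reading quoted above, 777 XOR UMASK. It equals
# predicted_mode 777 UMASK because XOR with all ones is the complement.
xor_mode() {
    printf '%03o\n' $(( 0777 ^ (0$1 & 0777) ))
}

# mode_of PATH: permission bits (low nine only) of an existing object.
# Tries the GNU stat form first, then the BSD form.
mode_of() {
    _raw=$(stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1") || return 1
    printf '%03o\n' $(( 0$_raw & 0777 ))
}

# observed_mode file|dir UMASK: create the object under UMASK in a scratch
# directory and report its mode. The ( ) body is a subshell, so the
# caller's umask is unchanged.
observed_mode() (
    umask "$2" || exit 1
    _tmp=$(mktemp -d) || exit 1
    case $1 in
        file) : > "$_tmp/obj" ;;      # shell redirection asks for 666
        dir)  mkdir "$_tmp/obj" ;;    # mkdir asks for 777
        *)    rm -rf "$_tmp"; exit 2 ;;
    esac
    _mode=$(mode_of "$_tmp/obj")
    rm -rf "$_tmp"
    echo "$_mode"
)

# 022 is the default named above; 027 and 077 are stricter settings.
for _mask in 022 027 077; do
    printf 'umask %s: file %s (predicted %s), dir %s (predicted %s)\n' \
        "$_mask" \
        "$(observed_mode file "$_mask")" "$(predicted_mode 666 "$_mask")" \
        "$(observed_mode dir "$_mask")"  "$(predicted_mode 777 "$_mask")"
done
```

Because the base for regular files is 666, no umask value can add an execute bit; only an explicit chmod after creation does.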
That would be:
root@lappy:~# !!
Works in every OS if you are in bash.
That would be
root@lappy:~# echo $(ESC+?)
will show all shell variables.
Typically an inode would have the following attributes:
* The length of the file in bytes.
* Device ID (this identifies the device containing the file).
* The User ID of the file’s owner.
* The Group ID of the file.
* An inode number that identifies the file within the filesystem.
* The file mode, which determines what users can read, write, and execute the file.
* Timestamps telling when the inode itself was last changed (ctime), the file content last modified (mtime), and last accessed (atime).
* A reference count telling how many hard links point to the inode
Follow-up question: What command or system call would you use to see all the inode info for a given filename with full pathname?
Answer:
For Linux:
~~~~~~~~
zia@lappy:~$ stat ~/.bash_history
File: `/home/zia/.bash_history'
Size: 10090 Blocks: 24 IO Block: 4096 regular file
Device: 301h/769d Inode: 588722 Links: 1
Access: (0600/-rw-------) Uid: ( 1000/ zia) Gid: ( 1000/ zia)
Access: 2006-04-13 17:04:03.000000000 +0800
Modify: 2006-04-13 16:16:34.000000000 +0800
Change: 2006-04-13 16:16:34.000000000 +0800
For FreeBSD:
~~~~~~~~~~
[root@zia root]# stat ~/.bash_history
88 2003802 -rw------- 1 root wheel 8000484 6624 "Apr 13 17:01:31 2006" "Apr 13 02:28:11 2006" "Apr 13 02:28:11 2006" "Apr 13 17:09:24 2006" 4096 16 0 /root/.bash_history
or to output in linux format:
[root@zia root]# stat -x ~/.bash_history
File: "/root/.bash_history"
Size: 6942 FileType: Regular File
Mode: (0600/-rw-------) Uid: ( 0/ root) Gid: ( 0/ wheel)
Device: 0,88 Inode: 2003802 Links: 1
Access: Thu Apr 13 17:09:23 2006
Modify: Thu Apr 13 17:09:24 2006
Change: Thu Apr 13 17:09:24 2006
An inode or i-node is a data structure on a traditional Unix-style file system such as ext2. An inode stores basic information about a regular file, directory, or other file system object.
From the “Kernel Hacker’s Guide (KHG)”:
Each file is represented by a structure, called an inode. Each inode contains the description of the file: file type, access rights, owners, timestamps, size, pointers to data blocks. The addresses of data blocks allocated to a file are stored in its inode. When a user requests an I/O operation on the file, the kernel code converts the current offset to a block number, uses this number as an index in the block addresses table and reads or writes the physical block.
Follow-up question: what key piece of information about a file is not stored in the inode?
Answer: filename - that is stored in the directory.
Followup of above follow-up: what are directories then?
Answer: Directories are implemented as a special type of files. Actually, a directory is a file containing a list of entries. Each entry contains an inode number and a file name. When a process uses a pathname, the kernel code searches in the directories to find the corresponding inode number. After the name has been converted to an inode number, the inode is loaded into memory and is used by subsequent requests. (From KHG)
The setting is in /proc/sys/net/ipv4/conf/all/log_martians:
# cat /proc/sys/net/ipv4/conf/all/log_martians
0
If it's '0' (like above), then you can do the following:
echo 1 > /proc/sys/net/ipv4/conf/all/log_martians
echo "net.ipv4.conf.all.log_martians = 1" >> /etc/sysctl.conf
The entry in /etc/sysctl.conf is to make this setting permanent (it is appended with >> so that the existing settings in the file are kept).
Using the grub-md5-crypt command.
# grub-md5-crypt
Password:
Retype password:
$1$H6xjQ1$BCFaBjWyEF9KX2rRhhu/p/
The following command will suffice in most Unix, including FreeBSD & Solaris:
tr '\\' '/'
To find files:
/usr/bin/find / -type f \( -perm -2 -o -perm -20 \) -exec ls -la {} \;
To find directories:
/usr/bin/find / -type d \( -perm -2 -o -perm -20 \) -exec ls -la {} \;
/usr/bin/find / -type f \( -perm -004000 -o -perm -002000 \) -exec ls -la {} \;
Linux:
route -n
or
netstat -rn
FreeBSD/Solaris:
netstat -rn
Source: me.
NAME
mkswap - set up a Linux swap area
SYNOPSIS
mkswap [-c] [-vN] [-f] [-p PSZ] [-L label] device [size]
DESCRIPTION
mkswap sets up a Linux swap area on a device or in a file.
(After creating the swap area, you need the swapon command to start using it. Usually swap areas are listed in /etc/fstab so that they can be taken into use at boot time by a swapon -a command in some boot script.)
The device argument will usually be a disk partition (something like /dev/hda4 or /dev/sdb7) but can also be a file. The Linux kernel does not look at partition Id’s, but many installation scripts will assume that partitions of hex type 82 (LINUX_SWAP) are meant to be swap partitions. (Warning: Solaris also uses this type. Be careful not to kill your Solaris partitions.)
The size parameter is superfluous but retained for backwards compatibility. (It specifies the desired size of the swap area in 1024-byte blocks. mkswap will use the entire partition or file if it is omitted. Specifying it is unwise - a typo may destroy your disk.)
Source: man mkswap (Linux)
Nslookup is a program to query Internet domain name servers. Nslookup has two modes: interactive and non-interactive. Interactive mode allows the user to query name servers for information about various hosts and domains or to print a list of hosts in a domain. Non-interactive mode is used to print just the name and requested information for a host or domain.
Source: man nslookup.
The Domain Name System or Domain Name Server (DNS) is a system that stores information associated with domain names in a distributed database on networks, such as the Internet. The domain name system (Domain Name Server) associates many types of information with domain names, but most importantly, it provides the IP address associated with the domain name. It also lists mail exchange servers accepting e-mail for each domain. In providing a worldwide keyword-based redirection service, DNS is an essential component of contemporary Internet use.
Source: http://en.wikipedia.org/wiki/Domain_Name_System
TCP (Transmission Control Protocol). TCP is a connection-oriented protocol, a connection can be made from client to server, and from then on any data can be sent along that connection.
TCP is:
* Reliable - when you send a message along a TCP socket, you know it will get there unless the connection fails completely. If it gets lost along the way, the server will re-request the lost part. This means complete integrity, things don’t get corrupted.
* Ordered - if you send two messages along a connection, one after the other, you know the first message will get there first. You don’t have to worry about data arriving in the wrong order.
* Heavyweight - when the low level parts of the TCP “stream” arrive in the wrong order, resend requests have to be sent, and all the out of sequence parts have to be put back together, so requires a bit of work to piece together.
UDP (User Datagram Protocol). A simpler message-based connectionless protocol. With UDP you send messages (packets) across the network in chunks.
* Unreliable - When you send a message, you don’t know if it’ll get there, it could get lost on the way.
* Not ordered - If you send two messages out, you don’t know what order they’ll arrive in.
* Lightweight - No ordering of messages, no tracking connections, etc. It’s just fire and forget! This means it’s a lot quicker, and the network card / OS have to do very little work to translate the data back from the packets.
Source: http://tunnel.mrq3.com/explain/node2.html
Files with the SUID or SGID bit set execute with privileges of the owning user or group and not the user executing the file. Normally these bits are used on files that must run as root in order to do what they do. These files can lead to local root compromises (if they contain security holes).
Source: http://www.gentoo.org/doc/en/security/security-handbook.xml?full=1
Follow-up question: What is SUID and SGID?
SUID stands for Set User ID. This means that if the SUID bit is set for any application then your user ID would be set as that of the owner of application/file rather than the current user, while running that application. That means in case I have an application whose owner is 'root' and it has its SUID bit set, then when I run this application as a normal user, that application would still run as root. Since the SUID bit tells Linux that the User ID root is set for this application and whenever this application executes it must execute as if root was executing it (since root owns this file).
Just like SUID, setting the SGID bit for a file sets your group ID to the file’s group while the file is executing. It is really useful in case you have a real multi-user setup where users access each others files. As a single homeuser I haven’t really found a lot of use for SGID. But the basic concept is the same as the SUID, the files whose SGID bit are set would be used as if they belong to that group rather than to that user alone.
From Gentoo Security doc:
Files with the SUID or SGID bit set execute with privileges of the owning user or group and not the user executing the file. Normally these bits are used on files that must run as root in order to do what they do. These files can lead to local root compromises (if they contain security holes). This is dangerous and files with the SUID or SGID bits set should be avoided at any cost.
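The find predicates given earlier on this page for writable and SUID/SGID files, together with the sticky-bit rule for directories, run over a constructed scratch tree so that what each one reports is visible. This is an added example, not part of the original page; the file names, the function names and the third check (world-writable directories lacking the sticky bit) are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: run the page's find predicates over a constructed scratch
# tree instead of /, so the result of each one is small and repeatable.

# make_fixture: build the constructed tree and print its path.
make_fixture() {
    _d=$(mktemp -d) || return 1
    for _f in plain suid_tool sgid_tool world_writable group_writable; do
        : > "$_d/$_f"
    done
    chmod 0644 "$_d/plain"            # rw-r--r--
    chmod 4755 "$_d/suid_tool"        # rwsr-xr-x
    chmod 2755 "$_d/sgid_tool"        # rwxr-sr-x
    chmod 0666 "$_d/world_writable"   # rw-rw-rw-
    chmod 0664 "$_d/group_writable"   # rw-rw-r--
    mkdir "$_d/shared_sticky" "$_d/shared_open"
    chmod 1777 "$_d/shared_sticky"    # rwxrwxrwt, like /tmp
    chmod 0777 "$_d/shared_open"      # rwxrwxrwx, no sticky bit
    echo "$_d"
}

# Each check runs in a subshell rooted at $1 and prints sorted relative paths.

# SUID or SGID regular files (predicate taken from the page).
find_setid() (
    cd "$1" && find . -type f \( -perm -004000 -o -perm -002000 \) | LC_ALL=C sort
)

# World- or group-writable regular files (predicate taken from the page).
find_writable_files() (
    cd "$1" && find . -type f \( -perm -2 -o -perm -20 \) | LC_ALL=C sort
)

# World-writable directories WITHOUT the sticky bit: anyone able to write
# there can delete or rename other users' files. (Added check.)
find_unsticky_dirs() (
    cd "$1" && find . -type d -perm -0002 ! -perm -1000 | LC_ALL=C sort
)

# audit ROOT: print the three findings for a directory tree.
audit() {
    echo "SUID/SGID files:";                          find_setid "$1"
    echo "world- or group-writable files:";           find_writable_files "$1"
    echo "world-writable directories, no sticky bit:"; find_unsticky_dirs "$1"
}

if _root=$(make_fixture); then
    audit "$_root"
    rm -rf "$_root"
fi
```

Saving the sorted output of such a run and diffing it against the next run makes a newly appeared SUID or SGID file stand out.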
The man page for fsck reads:
FSCK(8) FreeBSD System Manager’s Manual FSCK(8)
NAME
fsck — file system consistency check and interactive repair
But linux says:
FSCK(8) FSCK(8)
NAME
fsck - check and repair a Linux file system
SYNOPSIS
fsck [ -sAVRTNP ] [ -C [ fd ] ] [ -t fstype ] [filesys ... ] [--] [ fs-specific-options ]
DESCRIPTION
fsck is used to check and optionally repair one or more Linux file systems. filesys can be a device name (e.g. /dev/hdc1, /dev/sdb2), a mount point (e.g. /, /usr, /home), or an ext2 label or UUID specifier (e.g. UUID=8868abf6-88c5-4a83-98b8-bfc24057f7bd or LABEL=root). Normally, the fsck program will try to handle filesystems on different physical disk drives in parallel to reduce the total amount of time needed to check all of the filesystems.
I guess the answer is ‘fsck’.
It becomes a zombie.
A zombie process is one that already has terminated via an exit() system call or uncaught signal. In order for it to “go away” (be removed from the process table), its parent must do a wait() system call or one of its variants.
The ultrasecret reason for this is that the zombie contains some statistics on the process such as the exit status (why it died) and CPU time used that must be returned to the parent and this is stored in — guess where — the zombie’s per-process structure. This is why it cannot be removed until the parent does a wait() on it.
Sometimes a parent fails to do the wait(), usually due to a programming bug. Any old C program can do a fork() and not do the wait() and cause this. It used to be a problem with shell scripts doing “foo&” and never waiting back in the dark days of older UNIX systems.
Source: http://zeeky.mzrahman.com/archives/000012.html
The “bad thing” about zombies is they can’t be killed with a kill command, not even with vicious “kill -9”. More importantly, if the zombie processes start to increase and doesn’t still come back after reboot, then it is time to look more closely into the programs that are giving birth to the zombies.
You use the OpenBoot command show-devs to obtain information about the device tree and to display device pathnames. This command displays all the devices known to the system directly beneath a given device in the device hierarchy. show-devs used by itself shows the entire device tree. The syntax is as follows:
ok show-devs
The system outputs the entire device tree, as follows:
/SUNW,UltraSPARC-IIi@0,0
/pci@1f,0
/virtual-memory
/memory@0,10000000
/aliases
/options
/openprom
/chosen
/packages
/pci@1f,0/pci@1
/pci@1f,0/pci@1,1
/pci@1f,0/pci@1/pci@1
/pci@1f,0/pci@1/pci@1/SUNW,qfe@3,1
/pci@1f,0/pci@1/pci@1/pci108e,1000@3
/pci@1f,0/pci@1/pci@1/SUNW,qfe@2,1
/pci@1f,0/pci@1/pci@1/pci108e,1000@2
/pci@1f,0/pci@1/pci@1/SUNW,qfe@1,1
/pci@1f,0/pci@1/pci@1/pci108e,1000@1
/pci@1f,0/pci@1/pci@1/SUNW,qfe@0,1
/pci@1f,0/pci@1/pci@1/pci108e,1000@0
/pci@1f,0/pci@1,1/ide@3
/pci@1f,0/pci@1,1/SUNW,m64B@2
Source: http://www.quepublishing.com/articles/article.asp?p=101659&seqNum=7&rl=1
Very easy, just use “man -k”. Example:
zia@lappy:~$ man -k ioctl
blockdev (8) - call block device ioctls from the command line
console ioctl (4) [console_ioctl] - ioctl's for console terminal and virtual consoles
console_ioctl (4) - ioctl's for console terminal and virtual consoles
tty ioctl (4) [tty_ioctl] - ioctls for terminals and serial lines
tty_ioctl (4) - ioctls for terminals and serial lines
In this case, the answer to the question will be tty_ioctl ’cause a man on tty_ioctl shows:
Redirecting console output
TIOCCONS void
Redirect output that would have gone to /dev/console or /dev/tty0 to the given tty. If that was a pty master, send it to the slave. Anybody can do this as long as the output was not redirected yet. If it was redirected already EBUSY is returned, but root may stop redirection by using this ioctl with fd pointing at /dev/console or /dev/tty0.
For Apple:
If YP is active, the passwd file also supports standard YP exclusions and inclusions, based on user names and netgroups.
Lines beginning with a “-” (minus sign) are entries marked as being excluded from any following inclusions, which are marked with a “+” (plus sign).
Source: http://developer.apple.com/documentation/Darwin/Reference/Manpages/man5/passwd.5.html
For BSD:
COMPAT SUPPORT
If `compat’ is specified for the `passwd’ database, and either `dns’ or `nis’ is specified for the `passwd_compat’ database in nsswitch.conf(5), then the passwd file also supports standard `+/-’ exclusions and inclusions, based on user names and netgroups.
Lines beginning with a minus sign (“-”) are entries marked as being excluded from any following inclusions, which are marked with a plus sign (“+”).
Source: http://www.daemon-systems.org/man/passwd.5.html
For Sun Solaris:
Previous releases used a password entry beginning with a `+’ (plus sign) or `-’ (minus sign) to selectively incorporate entries from NIS maps for password. If still required, this is supported by specifying “passwd : compat” in nsswitch.conf(4). The “compat” source might not be supported in future releases. The preferred sources are files followed by the identifier of a name service, such as nis or ldap. This has the effect of incorporating the entire contents of the name service’s passwd database after the passwd file.
Source: http://docs.sun.com/app/docs/doc/816-0219/6m6njqban?a=view
At a glance:
Name:Password:UserID:PrincipleGroup:Gecos:HomeDirectory:Shell
Details:
Name Specifies the user’s login name. The user name must be a unique string of 8 bytes or less. There are a number of restrictions on naming users. See the mkuser command for more information.
Password Contains an * (asterisk) indicating an invalid password or an ! (exclamation point) indicating that the password is in the /etc/security/passwd file. Under normal conditions, the field contains an !. If the field has an * and a password is required for user authentication, the user cannot log in.
UserID Specifies the user’s unique numeric ID. This ID is used for discretionary access control. The value is a unique decimal integer.
PrincipleGroup Specifies the user’s principal group ID. This must be the numeric ID of a group in the user database or a group defined by a network information service. The value is a unique decimal integer.
Gecos Specifies general information about the user that is not needed by the system, such as an office or phone number. The value is a character string. The Gecos field cannot contain a colon.
HomeDirectory Specifies the full path name of the user’s home directory. If the user does not have a defined home directory, the home directory of the guest user is used. The value is a character string.
Shell Specifies the initial program or shell that is executed after a user invokes the login command or su command. If a user does not have a defined shell, /usr/bin/sh, the system shell, is used. The value is a character string that may contain arguments to pass to the initial program.
Source: http://www.unet.univie.ac.at/aix/files/aixfiles/passwd_etc.htm
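An added example (not taken from any of the manual pages quoted above): a shell function that walks a passwd-format file and reports the `+’/`-’ compat lines described for Apple, BSD and Solaris, together with entries that do not have the seven colon-separated fields listed at a glance. The function name passwd_audit and the extra checks (empty password field, UID 0 under a name other than root, duplicate names) are choices made for this sketch.

```shell
#!/bin/sh
# passwd_audit FILE
# Report entries in a passwd-format file that deserve a second look:
#   - lines starting with + or - (legacy NIS "compat" inclusions/exclusions)
#   - lines that do not have exactly 7 colon-separated fields
#   - an empty password field
#   - UID 0 under a name other than root
#   - a login name that appears more than once
passwd_audit() {
    awk -F: '
        /^[ \t]*(#|$)/ { next }        # comments and blank lines
        /^[+-]/ {
            printf "line %d: NIS compat entry: %s\n", NR, $0
            next
        }
        NF != 7 {
            printf "line %d: expected 7 fields, found %d\n", NR, NF
            next
        }
        $2 == "" { printf "line %d: %s has an empty password field\n", NR, $1 }
        $3 == 0 && $1 != "root" { printf "line %d: %s has UID 0\n", NR, $1 }
        seen[$1]++ { printf "line %d: duplicate name %s\n", NR, $1 }
    ' "$1"
}

# Stand-alone use: sh passwd_audit.sh /etc/passwd
if [ "$#" -gt 0 ]; then
    passwd_audit "$1"
fi
```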
Bash:
rev filename
Perl:
perl -e 'while (<>) {print scalar reverse $_};' filename
or
perl -0777e 'print scalar reverse <>' filename
For the Bourne and Korn shells (i.e. bash or sh), use the read command followed by a variable name for interactive input. Example:
#!/bin/sh
echo "Enter search pattern and press Return: \c"
read filename
Source: http://snap.nlc.dcccd.edu/reference/sysadmin/julian/ch16/335-337.html
For the C shell, the special variable $< waits for a value from STDIN. You can use $< anywhere you would use a variable. Example:
#!/bin/csh -f
echo "Enter search pattern and press Return: \c"
set pattern = $<
If you are a fan of DJB’s daemontools and you are using Redhat/Fedora/CentOS, then the following script will come in handy every time you want to install daemontools:
#!/bin/sh
mkdir /package
chmod 1755 /package
cd /package
wget http://cr.yp.to/daemontools/daemontools-0.76.tar.gz
tar xzvf daemontools-0.76.tar.gz
rm -f daemontools-0.76.tar.gz
cd admin/daemontools-0.76/src
wget http://www.qmailrocks.org/downloads/patches/daemontools-0.76.errno.patch
patch < daemontools-0.76.errno.patch
cd ../
./package/install
Ever wanted to find something in a log that records time as Unix time, and got frustrated converting that time? Use this:
cat /path/to/log/file | /usr/bin/perl -pe 's/\d+/localtime $&/e;'
This will save your day.
Find your base64-encoded userid/password:
perl -MMIME::Base64 -e 'print encode_base64("\000zia\@do-not-spam.org\000not.my.real.password")'
AHppYUBkby1ub3Qtc3BhbS5vcmcAbm90Lm15LnJlYWwucGFzc3dvcmQ=
Then try it this way:
# telnet 127.0.0.1 25
Trying 127.0.0.1…
Connected to 127.0.0.1.
Escape character is ‘^]’.
220 localhost.localdomain ESMTP Postfix (Ubuntu)
ehlo localhost
250-localhost.localdomain
250-AUTH=LOGIN CRAM-MD5 PLAIN
250-AUTH LOGIN CRAM-MD5 PLAIN
250-STARTTLS
250-PIPELINING
250 8BITMIME
auth login
AHppYUBkby1ub3Qtc3BhbS5vcmcAbm90Lm15LnJlYWwucGFzc3dvcmQ=
535 ok, go ahead (#5.0.0)
mail from:
250 2.1.0… Sender ok
rcpt to:
250 2.1.5… Recipient ok
data
354 Enter mail, end with “.” on a line by itself
hello.
.
250 2.0.0 k3395vQp002920 Message accepted for delivery
quit
221 2.0.0 localhost.localdomain closing connection
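An added example (not part of the original post): the NUL-separated layout that the Perl one-liner builds is the SASL PLAIN token format, and base64 is an encoding, not encryption, so the token typed into the telnet session decodes straight back to the user name and password. The function names are assumptions; the token and the EHLO reply are copied from the session above.

```shell
#!/bin/sh
# Token and EHLO reply copied from the session shown above.
SAMPLE_TOKEN='AHppYUBkby1ub3Qtc3BhbS5vcmcAbm90Lm15LnJlYWwucGFzc3dvcmQ='
SAMPLE_EHLO='250-localhost.localdomain
250-AUTH=LOGIN CRAM-MD5 PLAIN
250-AUTH LOGIN CRAM-MD5 PLAIN
250-STARTTLS
250-PIPELINING
250 8BITMIME'

# auth_plain_encode USER PASS
# SASL PLAIN token: base64(authzid NUL authcid NUL passwd), empty authzid.
auth_plain_encode() {
    printf '\0%s\0%s' "$1" "$2" | base64 | tr -d '\n'
}

# auth_plain_decode TOKEN
# Reverse the encoding; no key is involved, so any observer can do this.
auth_plain_decode() {
    printf '%s' "$1" | base64 -d | tr '\0' '\n' |
    awk 'NR == 1 { print "authzid=" $0 }
         NR == 2 { print "authcid=" $0 }
         NR == 3 { print "passwd=" $0 }'
}

# reversible_mechs
# Read an EHLO reply on stdin and print the advertised mechanisms that
# carry the password in a reversible encoding (PLAIN and LOGIN).
reversible_mechs() {
    awk '
        { sub(/\r$/, "") }                      # tolerate CRLF line ends
        /^250[- ]AUTH[ =]/ {
            sub(/^250[- ]AUTH[ =]/, "")
            n = split($0, m, " ")
            for (i = 1; i <= n; i++) {
                k = toupper(m[i])
                if ((k == "PLAIN" || k == "LOGIN") && !seen[k]++) out = out (out ? " " : "") k
            }
        }
        END { if (out != "") print out }'
}

auth_plain_decode "$SAMPLE_TOKEN"
printf '%s\n' "$SAMPLE_EHLO" | reversible_mechs
```

On Postfix, the server in this transcript, setting smtpd_tls_auth_only = yes keeps the AUTH line out of the EHLO reply until STARTTLS has completed.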
Want to check whether all the email accounts’ aliases, forwarding and delivery are working properly, and want to do that without sending zillions of manual/auto emails to zillions of users?
Solution:
/path-to-sendmail/sendmail -bv
If you want to do a batch job on many usernames, simply run that through a for loop.
Try the following:
1. Capture an alt-sysrq-t or alt-sysrq-p or alt-sysrq-b or alt-sysrq-m backtrace when the hang occurs.
2. Capture whatever is on the screen.
3. Look for a kernel oops in /var/log/messages or /var/log/syslog after reboot.
For Solaris only:
Need physical or remote console access to the system to use these steps:
1. Press Stop-A on the console or Ctrl-] and send brk from a remote console connection to access the Open Boot Prompt (OBP)
2. Insert a bootable Solaris CD and boot into single-user mode with boot cdrom -s
3. Make a mount point within the /tmp file system by typing mkdir /tmp/mnt
4. Mount the root partition of the boot disk in /tmp/mnt.
ex. mount /dev/dsk/c0t0d0s0 /tmp/mnt
5. Edit /etc/shadow with vi /tmp/mnt/etc/shadow
6. Remove the encrypted part of the root password (the second field; fields are separated by colons), save, and exit
7. Unmount the file system with umount /tmp/mnt
8. Reboot the system and assign a new password at a shell prompt with the passwd command
If you are unable to run vi above, you can edit /etc/shadow using the ed editor
# ed /tmp/mnt/etc/shadow
1p
s/:.............:/::/ (Note: there are 13 dots in the second field)
1p
w
q
Two methods:
1. /usr/bin/find . -exec /usr/bin/grep PATTERN {} /dev/null \;
2. /usr/bin/find . | /usr/bin/xargs /usr/bin/grep PATTERN
Moving between screens:
Press the ESC key to enter command mode before using these commands.
forward one screen ^F (Ctrl+f)
backward one screen ^B (Ctrl+b)
forward half screen (down) ^D (Ctrl+d)
backward half screen (up) ^U (Ctrl+u)
1. Want to put numbers for each line?
:set number
2. Want to get rid of the numbers in front of the lines?
:set nonu
4. Want to find out what is the line number of the line your cursor is on?
Put your cursor on the line and press “Ctrl+g”
5. Don’t want the numbers in front of each line but want to see line number for each line for once while you are in the file?
:%nu
Vim has many more features than Vi, but most of them are disabled by default.
To start using more features you have to create a “vimrc” file.
1. Start editing the “vimrc” file, this depends on your system:
:edit ~/.vimrc for Unix
:edit $VIM/_vimrc for MS-Windows
2. Now read the example “vimrc” file text:
:read $VIMRUNTIME/vimrc_example.vim
3. Write the file with:
:write
The next time you start Vim it will use syntax highlighting.
You can add all your preferred settings to this “vimrc” file.
You can find help on just about any subject, by giving an argument to the
“:help” command. Try these (don’t forget pressing
:help w
:help c_
:help user-manual
1. Typing o opens a line BELOW the cursor and places the cursor on the open
line in Insert mode.
Typing a capital O opens the line ABOVE the line the cursor is on.
2. Type an a to insert text AFTER the character the cursor is on.
Typing a capital A automatically appends text to the end of the line.
3. Typing a capital R enters Replace mode until
4. Typing “:set xxx” sets the option “xxx”
“:set ic” to “Ignore case” while searching.
“:set hls is” to set the ‘hlsearch’ and ‘incsearch’ options.
“:nohlsearch” to remove the highlighting of matches.
1. :!command executes an external command.
Some useful examples are:
(MS-DOS)          (Unix)
:!dir             :!ls             - shows a directory listing.
:!del FILENAME    :!rm FILENAME    - removes file FILENAME.
2. :w FILENAME writes the current Vim file to disk with name FILENAME.
3. :#,#w FILENAME saves the lines # through # in file FILENAME.
4. :r FILENAME retrieves disk file FILENAME and inserts it into the
current file following the cursor position.
1. Ctrl-g displays your location in the file and the file status.
Shift-G moves to the end of the file. A line number followed
by Shift-G moves to that line number.
2. Typing / followed by a phrase searches FORWARD for the phrase.
Typing ? followed by a phrase searches BACKWARD for the phrase.
After a search type n to find the next occurrence in the same direction
or Shift-N to search in the opposite direction.
3. Typing % while the cursor is on a (,),[,],{, or } locates its
matching pair.
4. To substitute new for the first old on a line type :s/old/new
To substitute new for all ‘old’s on a line type :s/old/new/g
To substitute phrases between two line #’s type :#,#s/old/new/g
To substitute all occurrences in the file type :%s/old/new/g
To ask for confirmation each time add ‘c’ :%s/old/new/gc
1. To replace text that has already been deleted, type p . This Puts the
deleted text AFTER the cursor (if a line was deleted it will go on the
line below the cursor).
2. To replace the character under the cursor, type r and then the
character which will replace the original.
3. The change command allows you to change the specified object from the
cursor to the end of the object. eg. Type cw to change from the
cursor to the end of the word, c$ to change to the end of a line.
4. The format for change is:
[number] c object OR c [number] object
1. To delete from the cursor to the end of a word type: dw
2. To delete from the cursor to the end of a line type: d$
3. To delete a whole line type: dd
4. The format for a command in Normal mode is:
[number] command object OR command [number] object
where:
number - is how many times to repeat the command
command - is what to do, such as d for delete
object - is what the command should act upon, such as w (word),
$ (to the end of line), etc.
5. To undo previous actions, type: u (lowercase u)
To undo all the changes on a line type: U (capital U)
To undo the undo’s type: CTRL-R
1. The cursor is moved using either the arrow keys or the hjkl keys.
h (left) j (down) k (up) l (right)
2. To enter Vim (from the % prompt) type: vim FILENAME
3. To exit Vim type:
OR type:
4. To delete a character under the cursor in Normal mode type: x
5. To insert text at the cursor while in Normal mode type:
i type in text
1. issue ‘cdrecord -scanbus’ to find the CD Recorder device. It may look something like:
0,4,0 4) ‘HP ‘ ‘CD-Writer+ 9600 ‘ ‘1.0a’ Removable CD-ROM
2. cd into the directory where the ISOs are.
3. issue the following command to start burning:
cdrecord -v dev=0,4,0 *iso
or
1. issue ‘dmesg’ and notice which /dev/hd(x) is your cdrecorder.
2. cd into the directory where ISOs are.
3. issue the following command to start burning:
cdrecord -v dev=/dev/hdc *iso
Once in a while (or maybe regularly) you may want to upgrade the Ports tree (/usr/ports collection). The easiest way to do this is to use cvsup. Here’s the command:
/usr/local/bin/cvsup -g -L 2 /etc/ports-supfile
After upgrading you *_MUST_* update the ports index file and the database file (INDEX.db) by issuing this command:
/usr/local/sbin/portsdb -Uu
Ever got frustrated thinking “why does it take so long for Linux to reboot?”. Me too. Especially when the server is a production server.
Well, there’s some hope. OSDL is developing a new tool that will reduce the time to reboot Linux. It’s called ‘kexec’. It’s still in the development stage. But it’s a good time to start playing with it. If you want to know more about it then check out the white paper.
There are several ways to search for a package in FreeBSD ports collection. I will list each one of them one by one here.
1. From the FreeBSD ports website.
2. Using the make search method:
cd /usr/ports
make search name=program-name
For a keyword search use:
make search key=string
3. Using the plain old find command:
cd /usr/ports
find . -name "*program-name/keyword*"
Yup it’s possible. What’s possible? Here’s a list:
1. Run GIMP in a windows machine across an ADSL line where GIMP is actually installed in a Linux server somewhere else.
2. Run OpenOffice on a Windows or Linux client machine over LAN or ADSL or even dial-up (just try it) when you don’t even have any X Windows packages installed on your machine.
3. Even better, run the whole linux desktop remotely!
What’s the solution? NoMachine NX.
Here’s a how to:
You can also download a PDF from tips.zunix.org or here.
You can even test drive this at NoMachine’s website:
Let’s say we have a file where the items in it are space separated. And we have around 5000 items in it. A simple sample looks like this:
item1 item2 item3 item4 item5 item6 item7 item8 item9 item10 item11 item12 item13 item14 item15 item16 item17 item18 item19 item20 item21 item22 item23 item24 item25 item26 item27 item28 item29 item30
Now, what we want to achieve is show only 10 items in a line or show 10 columns at a time. Unix “findutils” has a very nifty utility called “xargs” to achieve this in a blink.
Here it goes:
cat /path/to/infile | xargs -n10 echo
Yes, it’s that easy.
The output will look something like:
item1 item2 item3 item4 item5 item6 item7 item8 item9 item10
item11 item12 item13 item14 item15 item16 item17 item18 item19 item20
item21 item22 item23 item24 item25 item26 item27 item28 item29 item30
If you have some items/fields in a file in this format:
item1
item2
item3
item4
and you want to convert it to
item1 item2 item3 item4
then you can use
tr '\n' ' ' </path/to/infile >/path/to/outfile
Example:
awk -F: '{print $1}' /etc/passwd | tr '\n' ' '
Have to do some quick math or calculate something complicated and don’t have the calculator handy? Try this:
echo '(1 + sqrt(5))/2' | bc -l
or
echo '(65536 / 1024)' | bc -l
or
echo '(2 ^ 16)' | bc -l
Voila!
Ref: http://www.iol.ie/~padraiga/cmdline.html
‘ps’ is one of the most important commands in the *nix world. But, what if someone wants to find out the processes running in a system without using the command ‘ps’. Why? There could be many reasons, one of them being “what if one wants to find out hidden processes in the system supposing the system was compromised…”.
So here it is:
cd /proc
for n in [0-9]*; do printf 'pid: %s ' "$n"; tr '\0' ' ' < "$n/cmdline"; echo; done
Ref: found in a post of Robert Mognet.
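An added example (not from the post referenced above): the same /proc walk extended to print each process’s state and parent PID from its status file, which also covers the earlier zombie answer by reporting every process in state Z next to the parent that has not called wait(). The function names proc_list and zombie_report and the optional root-directory argument are assumptions of this sketch.

```shell
#!/bin/sh
# proc_list [ROOT]
# Print "<pid> <state> <ppid> <command>" for every numeric directory under
# ROOT (default /proc), using only the status and cmdline files.
proc_list() {
    root=${1:-/proc}
    for d in "$root"/[0-9]*; do
        [ -r "$d/status" ] || continue          # process already gone
        # cmdline separates arguments with NUL bytes; turn them into spaces.
        cmd=$(tr '\0' ' ' 2>/dev/null < "$d/cmdline") || cmd=
        PCMD=${cmd% } awk -F'\t' -v pid="${d##*/}" '
            $1 == "Name:"  { name = $2 }
            $1 == "State:" { state = substr($2, 1, 1) }   # Z means zombie
            $1 == "PPid:"  { ppid = $2 }
            END {
                if (state == "") exit            # status vanished mid-read
                cmd = ENVIRON["PCMD"]
                # Zombies and kernel threads have an empty cmdline.
                if (cmd == "") cmd = "[" name "]"
                printf "%s %s %s %s\n", pid, state, ppid, cmd
            }' "$d/status" 2>/dev/null
    done
}

# zombie_report [ROOT]
# For each zombie, name the parent that still owes it a wait().
zombie_report() {
    proc_list "${1:-/proc}" | awk '
        { pid = $1; state[pid] = $2; ppid[pid] = $3
          $1 = $2 = $3 = ""; sub(/^ +/, ""); cmd[pid] = $0 }
        END {
            for (p in state) if (state[p] == "Z")
                printf "zombie %s %s unreaped by parent %s %s\n", p, cmd[p], ppid[p], cmd[ppid[p]]
        }' | sort
}

# Stand-alone use: sh proclist.sh list   or   sh proclist.sh zombies
case ${1:-} in
    list)    proc_list ;;
    zombies) zombie_report ;;
esac
```

Comparing the pid column with the output of ps -e -o pid= shows entries that a tampered ps binary leaves out; a kernel-level hook that filters /proc itself hides from both views.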
It is possible to redirect the output of a list of commands to a single file with a dash of style.
Here it is:
{ command1; command2; command3 ; } > outputfile
Replace “command1”, “command2” and “command3” with your commands.
To append to a file instead of overwriting use “>>” instead of “>”.