Un-edited Live session – http://www.youtube.com/watch?v=spGNvTAGmd0
Tony Bemus, Mat Enders, and Mary Tomich
Sound bites by Mike Tanner
Kernel News: Mat
- mainline: 3.19-rc7 2015-02-02
- stable: 3.18.6 2015-02-06
- stable: 3.17.8 [EOL] 2015-01-08
- longterm: 3.14.32 2015-02-06
- longterm: 3.12.37 2015-01-30
- longterm: 3.10.68 2015-02-06
- longterm: 3.4.106 2015-02-02
- longterm: 3.2.66 2015-01-01
- longterm: 184.108.40.206 2014-12-13
- linux-next: next-20150204 2015-02-04
Distro Talk: Tony
- 1-28 – GParted Live 0.21.0-1
- 1-29 – BackBox Linux 4.1
- 1-31 – SolydXK 201501
- 2-1 – Black Lab Linux 6.0 SR3
- 2-2 – BSD Release: PC-BSD 10.1.1
- 2-2 – Raspbian 2015-01-31
- 2-3 – Simplicity Linux 15.1
- 2-4 – Q4OS 0.5.25
- 2-7 – Manjaro Linux 0.8.12
- 2-7 – Korora 21
Distro of the Week: Tony
- openSUSE – 1318
- Black Lab – 1418
- Ubuntu – 1709
- Debian – 1714
- Mint – 3029
Massive Utah cyberattacks — up to 300 million per day — may be aimed at NSA facility
Mary’s Kool Tools
How to create and show a presentation from the command line on Linux
grep – Google for the shell
The grep command was created by Ken Thompson as a standalone application adapted from the regular expression parser he had written for ed, which he also created. In ed, the command g/re/p would print all lines matching a previously defined pattern. Some believe it is an acronym for global regular expression print; this is a misnomer. In the beginning people extended grep by forking it into other programs, hence we get fgrep (searches for a literal string, applying no regex), egrep (uses extended regex), and pcregrep (uses Perl-compatible regex). Now, however, all of that functionality has been incorporated into grep itself with the following flags respectively: -F, -E, and -P. grep is considered one of the most useful commands in any Unix system.
The grep command always works the same way. Beginning at the first line in the file, grep copies a line into a buffer, compares it against the search string, and if the comparison passes, prints the line to the screen. Grep will repeat this process until the file runs out of lines. Notice that nowhere in this process does grep store lines, change lines, or search only a part of a line.
The simplest way to use grep would be:
grep 'smith' etc_passwd_0.txt
NOTE: throughout this document I will use single quotes around my search terms. This is not always necessary and these examples will all work without them. If, however, your search term contains a space, they are necessary. Double quotes can also be used. If you wanted to search for either a single quote or a double quote you would need to escape it.
In this example, grep would loop through every line of the file “etc_passwd_0.txt” and print out every line that contains the text “smith.” If you want to use these examples, you will need my example file from here, http://csittechs.com/presentations/. There are two files there that have basically identical content, except one is colon delimited (etc_passwd_0.txt) and the other space delimited (etc_passwd_1.txt). For this exercise in grep either will work.
That first example is great, but what if it is a large file and you want to know where these lines are so you can edit them? You could use the -n flag.
grep -n 'smith' etc_passwd_0.txt
This tells us that these lines are 52 and 177 respectively. Another useful flag and one I use often is the -v flag. It will give you the negative results of your search.
grep -v ':1' etc_passwd_0.txt
dbus:x:81:81:System message bus:/:/sbin/nologin
polkitd:x:999:999:User for polkitd:/:/sbin/nologin
colord:x:998:997:User for colord:/var/lib/colord:/sbin/nologin
pulse:x:997:996:PulseAudio System Daemon:/var/run/pulse:/sbin/nologin
tss:x:59:59:Account to sandbox the tcsd daemon:/dev/null:/sbin/nologin
unbound:x:995:993:Unbound DNS resolver:/etc/unbound:/sbin/nologin
nm-openconnect:x:993:991:NetworkManager user for OpenConnect:/:/sbin/nologin
avahi:x:70:70:Avahi mDNS/DNS-SD Stack:/var/run/avahi-daemon:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
As you see, it printed every line that does not contain a “:1”. The -c flag counts the lines that would have been printed by your search.
grep -c '/usr/bin/bash' etc_passwd_0.txt
It tells us that 120 of the users are using the bash shell as their default shell. Then we have the -i flag, which will make your search case insensitive.
grep -i 'maria' etc_passwd_0.txt
Now you see that we searched for maria in all lowercase, yet our search also matched the pattern Maria with an uppercase M. We can also use regular expressions to search out complex patterns. If we wanted to find all the users with uids or gids 1004, 1005, 1006, 1007, 1104, 1105, 1106, and 1107, we could do this.
grep -E ':1[01]0[4-7]:' etc_passwd_0.txt
Our search pattern printed the eight lines we were looking for. You can do even more by combining flags to refine your search. Remember earlier when we searched for ‘maria’ and we got back two users and the system ‘MariaDB’ user. Well, if we only wanted the human users we could do something like this.
grep -iE 'maria\b' etc_passwd_0.txt
Now we are only returned the two human users, because we told grep that the end of the word would be after the ‘a’ with the ‘\b’, which stands for a word boundary in grep’s extended regex. If you want to know more about how to use grep’s extended regex, come to my talk at Penguicon 2015 (http://2015.penguicon.org/). Remember, the best way to learn is by doing, so go play, learn.
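The flags above, combined into a small account review of a passwd-format file. This is an added example, not part of the original show notes: the sample data is constructed (it is not etc_passwd_0.txt), the function names are made up for illustration, and the ‘\b’ pattern assumes GNU grep.

```shell
#!/bin/sh
# Constructed sample in /etc/passwd format (not the show's etc_passwd_0.txt).
sample() {
cat <<'EOF'
root:x:0:0:root:/root:/usr/bin/bash
dbus:x:81:81:System message bus:/:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
mysql:x:27:27:MariaDB Server:/var/lib/mysql:/sbin/nologin
toor:x:0:0:backup admin:/root:/usr/bin/bash
msmith:x:1004:1004:Maria Smith:/home/msmith:/usr/bin/bash
jdoe:x:1005:1005:John Doe:/home/jdoe:/usr/bin/bash
mlopez:x:1104:1104:maria lopez:/home/mlopez:/sbin/nologin
svc104:x:104:104:Legacy service:/:/sbin/nologin
EOF
}

# -v and -c combined: count accounts whose shell field is NOT nologin.
login_shell_count() { sample | grep -vc '/sbin/nologin$'; }

# grep matches anywhere on the line, so ':0:' also hits a GID of 0 (operator).
uid0_loose() { sample | grep -c ':0:'; }

# Anchor the match to the third field, and use -n to report the line numbers
# of every UID 0 account. More than one such line deserves a second look.
uid0_lines() {
  sample | grep -nE '^[^:]+:[^:]*:0:' | cut -d: -f1 | paste -sd, -
}

# Each pattern character consumes one input character, so this pattern can
# only match the three-digit IDs 104-107.
three_digit_ids() {
  sample | grep -E ':10[4-7]:' | cut -d: -f1 | paste -sd, -
}

# A second bracket expression covers 1004-1007 and 1104-1107.
four_digit_ids() {
  sample | grep -E ':1[01]0[4-7]:' | cut -d: -f1 | paste -sd, -
}

# -i plus a trailing \b (GNU grep): "Maria"/"maria" match, "MariaDB" does not.
human_marias() {
  sample | grep -iE 'maria\b' | cut -d: -f1 | paste -sd, -
}

echo "accounts with a login shell:  $(login_shell_count)"
echo "lines containing ':0:':       $(uid0_loose)"
echo "UID 0 accounts on lines:      $(uid0_lines)"
echo "IDs 104-107:                  $(three_digit_ids)"
echo "IDs 1004-1007 and 1104-1107:  $(four_digit_ids)"
echo "human users named maria:      $(human_marias)"
```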
The Security Bit
The OpenBSD Foundation needs your help to achieve our fundraising goal of $200,000 for 2015.
Donations to the foundation can be made on our Donations Page. We can be contacted regarding corporate sponsorship at email@example.com
show (at) smlr.us or 734-258-7009
This content is published under the Attribution-Noncommercial-Share Alike 3.0 Unported license.