Match ipv4 address:
grep -oE "([0-9]{1,3}\.){3}[0-9]{1,3}"
For only the match (skip the filename when globbing):
grep -ohE "([0-9]{1,3}\.){3}[0-9]{1,3}"
Get the header:
lwp-request -U -s -S -e -m HEAD http://www.google.com
Alt bit in Python: - sorry non-PIP...
import urllib2 import socket import ssl hostname = 'somesite.somewhere' url = 'https://' + hostname response = urllib2.urlopen(url) print response.geturl() print response.getcode() for header in response.info().headers: print header addr = socket.gethostbyname_ex(hostname)[2] addr = str(addr) addr = hostname sock = socket.create_connection((addr,443), timeout=None) context = ssl.create_default_context() sslsock = context.wrap_socket(sock, server_hostname=addr) #print sslsock.getpeercert() certitems = sslsock.getpeercert() for item in certitems: print item, certitems[item]
Check expire date for cert (rapidly): - Past due date expired certs - now being served daily :-)
for i in {1..10};do echo "Test $i"; echo | openssl s_client -connect sitename.com:443 -servername sitename.com 2>/dev/null | openssl x509 -noout -subject -dates; echo "";done
If you find your certs expire and then not in the alternating lines, you might have not killed off all apache processes! Kill away to fix....
Alt way:
openssl s_client -connect ip.add.re.ss:443 - or if using sni: openssl s_client -connect site.blah:443 -servername site.blah
Check a pem encoded cert expiration date:
openssl x509 -enddate -noout -in file.pem
Text output interpretation of a cert:
openssl x509 -text -noout -in /home/user/certdir/ssl.cert openssl x509 -text -noout -in /home/user/certdir/ssl.cert | grep -e Subject -e Issuer -e DNS -e After (args of -subject and -issuer available to openssl - but I am lazy sometimes and don't want to read the man page :-) - if Virtualmin is giving you renewal problems, try this: virtualmin generate-letsencrypt-cert --domain some.domain (list domains with virtualmin list-domains)
see what files a process is using:
strace -pPIDNUMBER -e trace=file
- to watch mysql - thanks kenorb on Stack Overflow.
http://stackoverflow.com/questions/568564/how-can-i-view-live-mysql-queries
In case this link breaks, here is the skinny:
strace -pMYSQLPID -e trace=read,write -s 2000 -fp $(pgrep -nf mysql)
- Alternatively, try setting up slow log query with 0 (search for slow log query) on my blog....
- strace errors like strace: Could not attach to process - check the /etc/sysctl.d/10-ptrace.conf
for kernel.yama.ptrace_scope = 1 and set to 0 if debugging in a testing environment - not live!
follow up with:
sudo service procps restart
( alternatevely - systemctl restart procps )
See what apache is up to:
ps auxw | grep sbin/apache | awk '{print"-p " $2}' | xargs strace
-or-
ps h --ppid $(cat /var/run/apache2.pid) | awk '{print"-p " $1}' | xargs sudo strace -o strace.txt
(Sprinkle in -s4096 (more context to reads on strace), and -r to find slow time between syscalls - might want single process for that)...
or -
watch apachectl fullstatus
- or just status for compact state line.
Linux Force a reboot
echo 1 > /proc/sys/kernel/sysrq (or more permanently add "kernel.sysrq = 1" to your /etc/sysctl.conf echo b > /proc/sysrq-trigger
Or halt:
echo 1 > /proc/sys/kernel/sysrq echo o > /proc/sysrq-trigger
Stolen from here: http://smshaker.wordpress.com/2009/03/02/linux-force-rebootshutdown/
Even more here: http://www.linuxhowtos.org/Tips%20and%20Tricks/sysrq.htm
Find the (probable) install date:
tune2fs -l /dev/sda1 (assuming this is the root partition) Look for the filesystem created date. Unless you recreated the root partition, this is probably your install date.
Better traceroute - 'cause I like pretty in the terminal: mtr
Disk space check (disk usage): ohmu (get via pip install)
Better git status: tig (pip install again)
Track current traffic on a server: iftop
List apache sites: apachectl -S
Check up on memcached:
Found here: https://www.percona.com/blog/2008/11/26/a-quick-way-to-get-memcached-status/
watch "echo stats | nc 127.0.0.1 11211"
How many of what type of file? - does not use magic, relies on extension.
find . -type f | sed -n 's/..*\.//p' | sort | uniq -c | sort -n -k 1
Store permissions and re-apply later:
getfacl -R /somedir > somedir.acl setfacl --restore=somedir.acl
Take back excessive memory / swap use by systemd-logind
systemctl daemon-reexec
Edit systemd config with override -
systemctl edit daemon-name (should create a /etc/systemd/system/daemon-name.service.d/override.conf Follow up with: systemctl daemon-reload systemctl restart daemon-name
More systemd - get the timers (for backup?)
systemctl list-timers --all - probably want to grab /etc/systemd/system and /usr/lib/systemd to get the service and timer files.
Even more systemd:
Convert unicode output of systemctl to ascii (sort of): systemctl status | iconv -f UTF-8 -t ASCII//TRANSLIT
Check smart values on a LSI MegaRAID SAS 9271-4i
DID from output here: storcli64 /c0 show smartctl -a -d sat+megaraid,4 /dev/sda smartctl -a -d sat+megaraid,5 /dev/sda smartctl -a -d sat+megaraid,6 /dev/sda smartctl -a -d sat+megaraid,7 /dev/sda
smartd for the HUP!
smartd will continue with the old replaced drive serial and model number after failed replacement is in place. don't forget to "kill -HUP" the smartd process, so it will re-read and get the correct drive and model. restart probably would not hurt...
Sum a column of numbers in bash:
Add this to the end of the chain of pipes: | paste -sd+ - | bc
Replace a line break with a comma from a file list (think email addresses)
tr '\n' ',' < list-of-emails-in-a-column.txt
Thanks goes to Beijing News Express On October 22, students of Wuhan Huangpi Technical School posted a video saying that some students hid hot dishes in the cafeteria during the second extra meal and only gave them pickles. On October 24th, the website of the People’s Government of Huangpi District, Wuhan City published the "Explanation on the Situation of Huangpi Technical School Students’ Reflecting the Problem of Adding Meals in the Canteen". After investigations by the competent authority to the school, the situation is basically true. The school has seriously criticized the education staff on duty , It is recommended that the person in charge of the cafeteria impose financial punishment on him.
http://www.unixcl.com/2009/11/sum-of-numbers-in-file-unix.html
Paste lines together from dpkg listing column output (php installed packages in this case):
dpkg --get-selections | grep php | awk '{print $1}' | paste -sd " " -
To get specifics (better version numbering etc on a specific package), try this:
dpkg -s pkgname
rkhunter saying changes, but you suspect updated packages?
---Give this a go: debsums -ca ---check for recent installs in: /var/log/dpkg.log ---If all good, update: rkhunter --update --propupd ---And recheck: rkhunter -c --rwo
Loopback mount setup (loop mount)
bigfile.img losetup /dev/loop0 bigfile.img kpartx -av /dev/loop0 Now mount up the bit you want (based on partitioning found with kpartx) mount /dev/mapper/loop0p2 /mnt/sillymount Get all with losetup --list - for more fun use nbdkit (can do compressed files): nbdkit xz bigfile.img.xz (gives tcp socket...) nbd-client -b 512 localhost /dev/nbd0 (uncompresses on the fly) mount /dev/nbd0p2 /mnt/sillymount add --filter=cow (to write to a layer on top of the base image) - temporary file - gone on kill of nbdkit.
sed replace on config file:
sed -i 's/max_allowed_packet.*/max_allowed_packet = 16M/g' /etc/mysql/mysql.conf.d/mysqld.cnf
Return apache sites in enabled status: (stupid I know!):
ls -1 /etc/apache2/sites-enabled/ | grep -v le-ssl | awk -F'[\.]' '{$NF=""; print $0}' | grep -v ssl
Generate a "random" password using python:
import string import random N = 8 psswd = ''.join(random.choice(string.ascii_letters + string.digits) for _ in range(N)) print psswd
Run a cron job at startup? i.e. Is it a stinky user script you would otherwise have run a screen session to run?
Chuck this in the users cron: @reboot /home/userdir/script-to-run-at-startup.sh
Truncate a log file - or empty it - when the process does not use logrotate - looking at you supervisord!
echo > logfile or truncate -s0 logfile
Have sorted files but don't know what lines are in one and not the other? comm to the rescue.
comm -23 file1 file2 - this gives you lines that appear in the sorted list from file1 not in file2