Bash: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
Geist (Diskussion | Beiträge) |
Geist (Diskussion | Beiträge) |
||
| (36 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt) | |||
| Zeile 253: | Zeile 253: | ||
== Create/Add new USER '''useradd'''== | == Create/Add new USER '''useradd'''== | ||
| + | Useradd is built-in Linux command that can be found on any Linux system. However, creating new users with this low-level is a tedious task because it doesn't create the home directory and user password by default. | ||
| + | |||
| + | Adduser is not a standard Linux command. It’s essentially a Perl script that uses the useradd command in the background. This high-level utility is more efficient in properly creating new users on Linux. It gives you the option to create the home directory, and set password along with a few more parameters. | ||
| + | |||
| + | [https://linuxhandbook.com/useradd-vs-adduser/ Difference between adduser and useradd commands] | ||
| + | [https://linuxconfig.org/add-user-linux-command adduser vs useradd in Linux] | ||
| + | |||
'''$ useradd [OPTIONS] USERNAME''' | '''$ useradd [OPTIONS] USERNAME''' | ||
| Zeile 265: | Zeile 272: | ||
'''$ useradd -D -s /bin/bash ''' | '''$ useradd -D -s /bin/bash ''' | ||
'''$ useradd -D | grep -i shell ''' | '''$ useradd -D | grep -i shell ''' | ||
| + | |||
| + | To create a user without home directory | ||
| + | '''$ useradd -M user ''' | ||
| + | |||
| + | Create a user with changed login shell | ||
| + | '''$ useradd -s /bin/sh user ''' | ||
| + | |||
| + | Option to create a user home directory | ||
| + | '''--create-home''' | ||
| + | '''-m ''' | ||
| + | |||
| + | '''$ /sbin/useradd -m -u 10000 USERNAME -s /bin/bash ''' | ||
| + | |||
| + | There is an option for adding an encrypted password via the '''-p''' option on useradd | ||
| + | Note that the '''-p''' option '''doesn't allow you to input a plaintext password''', it expects you to encrypt it first. | ||
| + | This is intentionally difficult, because you should not do it! | ||
| + | Just use the '''passwd''' command or '''chpasswd''' | ||
| + | |||
| + | '''passwd USER''' | ||
| + | or | ||
| + | '''echo USER:NEWPASSWORD | /sbin/chpasswd''' | ||
| + | |||
| + | [https://stackoverflow.com/questions/2150882/how-to-automatically-add-user-account-and-password-with-a-bash-script How to automatically add user account AND password with a Bash script?] | ||
| + | |||
| + | '''$ /sbin/useradd -ms /bin/bash USER''' | ||
| + | Create USER + Homedirectory + Bash as Shell | ||
| + | |||
| + | USER+HOME+SHELL+PASSWORD | ||
| + | '''$ /sbin/useradd -ms /bin/bash USER && echo USER:NEWPASSWORD | /sbin/chpasswd''' | ||
== Delete USER '''userdel'''== | == Delete USER '''userdel'''== | ||
'''$ userdel [OPTIONS] USERNAME ''' | '''$ userdel [OPTIONS] USERNAME ''' | ||
| + | |||
| + | Use the -r (--remove) option to force userdel to remove the user’s home directory and mail spool: | ||
'''$ userdel -r username ''' | '''$ userdel -r username ''' | ||
| + | |||
| + | Kill all user’s running processes | ||
| + | '''$ killall -u username ''' | ||
| + | |||
| + | Another option is to use the -f (--force) option that tells userdel to forcefully remove the user account, even if the user is still logged in or if there are running processes that belong to the user. | ||
| + | '''$ userdel -f username ''' | ||
| + | |||
| + | [https://linuxize.com/post/how-to-delete-users-in-linux-using-the-userdel-command/ How to Delete/Remove Users in Linux (userdel Command)] | ||
| + | |||
| + | |||
| + | == '''usermod'''== | ||
| + | |||
| + | https://linuxize.com/post/usermod-command-in-linux/#:~:text=By%20default%2C%20on%20most%20Linux%20systems%2C%20the%20default,name%20of%20the%20user%3A%20usermod%20-s%20SHELL%20USER | ||
| + | |||
| + | https://linuxconfig.org/usermod#:~:text=usermod%20command%20in%20Linux%20Advanced%20Examples%201%20Use,given%20a%20unique%20ID%20when%20first%20created.%20 | ||
| + | |||
| + | https://wiki.ubuntuusers.de/usermod/ | ||
| + | |||
| + | == '''GROUP, USER | GROUP VS PASSWD''' == | ||
| + | |||
| + | https://teaching.idallen.com/cst8207/12f/notes/600_users_and_groups.html | ||
| + | |||
| + | https://www.unix.com/unix-for-dummies-questions-and-answers/162563-inconsistency-between-passwd-group.html | ||
| + | |||
| + | https://unix.stackexchange.com/questions/55107/why-dont-etc-group-and-etc-password-match | ||
| + | |||
| + | https://www.man7.org/linux/man-pages/man3/initgroups.3.html | ||
| + | |||
| + | == chown == | ||
| + | |||
| + | https://wiki.ubuntuusers.de/chown/ | ||
| + | |||
| + | == chmod == | ||
| + | |||
| + | https://wiki.ubuntuusers.de/chmod/ | ||
| + | |||
| + | == chattr == | ||
| + | |||
| + | https://wiki.ubuntuusers.de/chattr/ | ||
| + | |||
| + | https://man7.org/linux/man-pages/man1/chattr.1.html | ||
| + | |||
| + | == SHELL USER INFOS == | ||
| + | |||
| + | '''getent passwd "$LOGNAME"''' | ||
| + | |||
| + | '''grep passwd /etc/nsswitch.conf''' | ||
| + | |||
| + | == rbash | Restricted Bash == | ||
| + | '''$ rbash ''' | ||
| + | '''$ bash -r''' | ||
| + | |||
| + | https://www.tecmint.com/rbash-a-restricted-bash-shell-explained-with-practical-examples/ | ||
| + | https://www.thegeekdiary.com/rbash-set-restricted-shell-in-linux/ | ||
| + | |||
| + | https://www.howtogeek.com/718074/how-to-use-restricted-shell-to-limit-what-a-linux-user-cando/ | ||
| + | https://ostechnix.com/how-to-limit-users-access-to-the-linux-system/ | ||
| + | https://averagelinuxuser.com/creating-new-user-linux/ | ||
| + | https://linuxize.com/post/how-to-create-users-in-linux-using-the-useradd-command/ | ||
| + | https://www.howtoforge.com/user_password_creating_with_a_bash_script | ||
== Simple Script Jail == | == Simple Script Jail == | ||
| Zeile 277: | Zeile 375: | ||
This for the simple jail: | This for the simple jail: | ||
'''$ chsh -s /home/[USER]/./run [USER] ''' | '''$ chsh -s /home/[USER]/./run [USER] ''' | ||
| + | |||
| + | == Disable history == | ||
| + | |||
| + | https://linuxconfig.org/how-to-disable-bash-shell-commands-history-on-linux | ||
| + | https://www.cyberciti.biz/faq/disable-bash-shell-history-linux/ | ||
| + | https://www.thegeeksearch.com/how-to-disable-and-clear-linux-command-line-history/ | ||
| + | |||
| + | == Disable LASTLOGIN == | ||
| + | '''$ touch /home/user/.hushlogin''' | ||
| + | |||
| + | https://linuxconfig.org/how-to-disable-last-login-message-on-rhel-linux | ||
| + | https://www.heatware.net/linux-unix/linux-how-to-disable-last-login-welcome-message/ | ||
| + | |||
| + | == type | command check == | ||
| + | |||
| + | Check whether a command is built-in or not | ||
| + | '''$ type [COMMAND]''' | ||
| + | |||
| + | == RANDOM NUMBERS == | ||
| + | '''$ echo $RANDOM''' | ||
| + | '''$ echo $(( $RANDOM % 9 + 0 ))''' | ||
| + | |||
| + | '''$ echo $(shuf -i 0-9 -n1)''' | ||
| + | |||
| + | '''$ od /dev/urandom -A n -t d -N 1 ''' | ||
| + | |||
| + | https://linuxhint.com/generate-random-number-bash/ | ||
| + | https://linuxconfig.org/generating-random-numbers-in-bash-with-examples | ||
| + | https://www.delftstack.com/howto/linux/random-number-generation-in-bash/ | ||
| + | |||
| + | == RANDOM STRINGS == | ||
| + | '''$ echo $RANDOM | md5sum | head -c 1; echo; ''' | ||
| + | '''$ tr -dc A-Za-z0-9 </dev/urandom | head -c 1 ; echo ' ' ''' | ||
| + | |||
| + | https://gist.github.com/earthgecko/3089509 | ||
| + | |||
| + | https://unix.stackexchange.com/questions/230673/how-to-generate-a-random-string | ||
| + | https://linuxhint.com/generate-random-string-bash/ | ||
| + | https://www.saotn.org/bash-function-to-generate-a-random-alphanumeric-string/ | ||
| + | |||
| + | |||
| + | https://unix.stackexchange.com/a/709895/515538 | ||
| + | |||
| + | |||
| + | https://unix.stackexchange.com/questions/747546/dhcpd-or-dhclient-not-found#comment1421782_747546 | ||
| + | |||
| + | https://unix.stackexchange.com/questions/747014/command-to-check-if-the-machine-was-rebooted#comment1420778_747014 | ||
| + | |||
| + | https://unix.stackexchange.com/questions/745582/block-every-website-but-one-specific-one#comment1418071_745582 | ||
| + | |||
| + | https://unix.stackexchange.com/questions/745375/what-does-run-rm-rf-do-in-dockerfile#comment1417469_745375 | ||
| + | |||
| + | https://unix.stackexchange.com/questions/741540/setting-alias-for-sourcing-a-script-to-run-that-script-in-jenkins-with-restrict/741545#comment1408882_741545 | ||
| + | |||
| + | https://unix.stackexchange.com/questions/741028/how-do-i-create-a-copy-of-a-hard-drive-on-my-pc#comment1407651_741028 | ||
| + | |||
| + | https://unix.stackexchange.com/questions/740700/how-to-restrict-ssh-for-specific-user-from-specific-subnet#comment1406816_740700 | ||
| + | |||
| + | https://unix.stackexchange.com/questions/740606/migration-of-a-working-debian-11-system-to-another/740612#comment1406640_740612 | ||
| + | |||
| + | https://unix.stackexchange.com/questions/740105/cannot-figure-out-how-to-turn-off-stricthostkeychecking/740107#comment1405529_740107 | ||
| + | |||
| + | https://unix.stackexchange.com/questions/734385/remove-directory-failed-even-as-root#comment1393984_734385 | ||
| + | |||
| + | https://unix.stackexchange.com/questions/715772/how-to-create-a-hash-sha256sum-in-bash-with-more-than-one-source-input-and-w#comment1356335_715772 | ||
| + | |||
| + | https://unix.stackexchange.com/questions/13802/execute-a-specific-command-in-a-given-directory-without-cding-to-it/709871#comment1344018_709871 | ||
| + | |||
| + | https://unix.stackexchange.com/questions/693566/how-can-i-determine-which-browser-tab-is-the-most-network-intensive/693588#comment1311841_693588 | ||
| + | |||
| + | https://unix.stackexchange.com/questions/693006/what-are-these-unexpected-network-devices-which-appear-in-kernel-log/693011#comment1310798_693011 | ||
Aktuelle Version vom 8. Juni 2023, 10:55 Uhr
Inhaltsverzeichnis
- 1 Script
- 2 Command Line
- 3 Count files and directories, summary size and EXCLUDE folders
- 4 Building blocks
- 5 PORT SCAN with bash's built-in /dev/tcp
- 6 watch
- 7 Firefox bash output
- 8 Create Symbolic Links
- 9 List harddisk|usb|volume|partitions
- 10 Create filesystem with mkfs.ext4
- 11 Create/Add new USER useradd
- 12 Delete USER userdel
- 13 usermod
- 14 GROUP, USER | GROUP VS PASSWD
- 15 chown
- 16 chmod
- 17 chattr
- 18 SHELL USER INFOS
- 19 rbash | Restricted Bash
- 20 Simple Script Jail
- 21 Disable history
- 22 Disable LASTLOGIN
- 23 type | command check
- 24 RANDOM NUMBERS
- 25 RANDOM STRINGS
Script
$ type script $ chmod +x script $ ./script $ .script $ source script $ bash script
#!/bin/bash
Command Line
Everything is a file 255 Byte The maximum length for a file name is 255 bytes. The maximum combined length of both the file name and path name is 4096 bytes. This length matches the PATH_MAX that is supported by the operating system. Names are case-sensitive
Special chars to avoid in names/filenames
/ Never
\ Escaped
- Never at beginning
[] Escaped
{} Escaped
* Escaped
' Escaped
" Escaped
Wildcards
* asterisk | any char ? question mark | single char [] square brackets | set of single char or a range of chars
List files and folders
$ ls $ ls folder $ ls ./folder $ ls /path/folder $ ls ~/folder $ ls ~/folder/*.jpg $ ls ~/folder/*txt* $ ls -R folder (list of subfolders)
$ ls -l (single column) - regular file _ executable d directory l symbolic link s socket b block device c character device p named pipe
$ ls -m (comma-separated list) $ ls -a (hidden files and folders)
$ ls -F (file type) Symbols and file types * Executable / Directory @ Symbolic link | FIFO = Socket
$ ls --color (content in color) $ dircolors $ dircolors --print-database $ ls -F --color $ la -la $ ls -r $ ls -X (sort by extension) $ ls -t (sort by date) $ ls -S (sort by content) $ ls -h $ ls -laS $ ls -h
$ pwd (current path)
Change directory with cd
$ cd folder $ cd ~ $ cd - $ cd ..
Create and change current time of file touch
create new, empty file $ touch file
update access and modification time for file $ touch file
any desired time for file $ touch -t [[CC]YY]MMDDhhmm[.ss]file
Create directory with mkdir
new directory $ mkdir folder
create directory with subdirectories $ mkdir -p test/sub/folder
create directory and show steps $ mkdir -v test/sub/folder $ mkdir -pv test/sub/folder
Count files and directories, summary size and EXCLUDE folders
bash count files and directory, summary size and EXCLUDE folders that are fuse|sshfs
Full size of a folder with du
get the full size of workdir | no fuse/sshfs in use $ du -hs workdir
get the full size of workdir, excluding mysshfs | fuse/sshfs in use $ du -hs --exclude=mysshf workdir
Count files in folder with find
count files in workdir | no fuse/sshfs in use $ find workdir -type f | wc -l
count files in workdir, excluding mysshfs | no fuse/sshfs in use $ find workdir -type f -not -path "*mysshfs*" | wc -l
count files in workdir, excluding mysshfs | fuse/sshfs in use $ find workdir -path "*/mysshfs/*" -prune -o \( -type f -print \) | wc -l
Count folders in folder with find
count folders in workdir | no fuse/sshfs in use $ find workdir -type d | wc -l
count folders in workdir, excluding mysshfs | no fuse/sshfs in use $ find workdir -type d -not -path "*mysshfs*" | wc -l
count folders in workdir, excluding mysshfs | fuse/sshfs in use $ find workdir -path "*/mysshfs/*" -prune \( -type d -print \) | wc -l
Building blocks
run several commands sequentially with ; and &&
executed sequential no matter if successfully or unsucessfully ; $ ls /home ; ls notfound; ls ~
executed sequential if successfully run next && $ ls /home && ls notfound && ls ~
PORT SCAN with bash's built-in /dev/tcp
check if host response on a give port with bash's built-in /dev/tcp
#!/bin/bash
HOST_NAME="127.1"
HOST_PORT="80"
if ( (exec 3<>/dev/tcp/${HOST_NAME}/${HOST_PORT}) 2> /dev/null); then
echo -e "PORT: ${HOST_PORT} | ON"
else
echo -e "PORT: ${HOST_PORT} | OF"
fi
exit;
#!/bin/bash
HOST_NAME="127.1"
for HOST_PORT in {1..1000}
do
if ( (exec 3<>/dev/tcp/${HOST_NAME}/${HOST_PORT}) 2> /dev/null); then
echo -e "PORT: ${HOST_PORT} | ON"
else
echo -e "PORT: ${HOST_PORT} | OF"
fi
done
exit;
#!/bin/bash
HOST_NAME="127.1"
declare -A PORT_ON
for HOST_PORT in {1..65535}
do
if ( (exec 3<>/dev/tcp/${HOST_NAME}/${HOST_PORT}) 2> /dev/null); then
PORT_ON[${HOST_PORT}]="ON"
fi
done
for i in ${!PORT_ON[*]}
do
echo -e "$i : ${PORT_ON[$i]}"
done
exit;
watch
$ watch -t -n 0.1 "grep \"^[c]pu MHz\" /proc/cpuinfo" $ watch -t -n 0.1 "grep \"^[c]pu MHz\" /proc/cpuinfo && free -m"
Firefox bash output
For the usage in bash: $ watch -n 1 "ps aux | grep [f]irefox" $ watch -n 0.1 "ps aux | grep [f]irefox" $ watch -n 1 "ps aux | grep [f]irefox && free -m" $ watch -n 0.1 "ps aux | grep /usr/lib/firefox-esr/firefox" $ watch -n 0.1 "ps aux | grep /usr/lib/firefox-esr/firefox && free -m" $ watch -d -n 0.1 "ps aux | grep [f]irefox"
Load a page and press F5 in the tab(again and again or hold the F5 button pressed) and watch When i kill the a tab with the right pid i get the message in the tab, that the tab is crashed now In Firefox, about:performance
But check also this in bash if i close or open and load a page tab: $ pidof firefox $ pidof firefox-esr $ pgrep firefox get the main/parentid of one or "n" profiles $ pgrep firefox-esr get the main/parentid of one or "n" profiles
Get parentid and childid $ ps aux | grep [f]irefox $ ps aux | grep [f]irefox | grep tab
You see the parentBuildID and something of the child/tab It looks like that you can't close the child/tab only the parentBuildID, if you kill the child/tab the tab will crash but not close(but killed).
$ ps -ef | grep [f]irefox | wc -l $ ps -ef | grep [f]irefox | grep tab | wc -l
Create Symbolic Links
ln|Linux manual page Symlink To a File $ ln -s [OPTIONS] TARGET LINKNAME $ ln -s TARGET LINK_NAME
Symlinks To a Directory $ ln -s /mnt/my_drive/movies ~/my_movies
Overwriting Symlinks To overwrite the destination path of the symlink, use the -f (--force) option $ ln -sf my_file.txt my_link.txt
Removing Symlinks $ unlink symlink_to_remove $ rm symlink_to_remove
List harddisk|usb|volume|partitions
Get label names:
$ e2label /dev/sdXx
$ /sbin/blkid | grep sdXx'
$ blkid /dev/sdXx | awk -F'"' '{print $2}'
Set label name: $ e2label /dev/sdXx MYNAME $ tune2fs -L MYNAME /dev/sdXx
Create filesystem with mkfs.ext4
$ mkfs.ext4 /dev/sda1 -L MYNAME
Create/Add new USER useradd
Useradd is built-in Linux command that can be found on any Linux system. However, creating new users with this low-level is a tedious task because it doesn't create the home directory and user password by default.
Adduser is not a standard Linux command. It’s essentially a Perl script that uses the useradd command in the background. This high-level utility is more efficient in properly creating new users on Linux. It gives you the option to create the home directory, and set password along with a few more parameters.
Difference between adduser and useradd commands adduser vs useradd in Linux
$ useradd [OPTIONS] USERNAME
$ cat /etc/default/useradd $ ls -la /etc/skel/ $ cat /etc/login.defs
View default options: $ useradd -D
Change the default login shell $ useradd -D -s /bin/bash $ useradd -D | grep -i shell
To create a user without home directory $ useradd -M user
Create a user with changed login shell $ useradd -s /bin/sh user
Option to create a user home directory --create-home -m
$ /sbin/useradd -m -u 10000 USERNAME -s /bin/bash
There is an option for adding an encrypted password via the -p option on useradd Note that the -p option doesn't allow you to input a plaintext password, it expects you to encrypt it first. This is intentionally difficult, because you should not do it! Just use the passwd command or chpasswd
passwd USER or echo USER:NEWPASSWORD | /sbin/chpasswd
How to automatically add user account AND password with a Bash script?
$ /sbin/useradd -ms /bin/bash USER Create USER + Homedirectory + Bash as Shell
USER+HOME+SHELL+PASSWORD $ /sbin/useradd -ms /bin/bash USER && echo USER:NEWPASSWORD | /sbin/chpasswd
Delete USER userdel
$ userdel [OPTIONS] USERNAME
Use the -r (--remove) option to force userdel to remove the user’s home directory and mail spool: $ userdel -r username
Kill all user’s running processes $ killall -u username
Another option is to use the -f (--force) option that tells userdel to forcefully remove the user account, even if the user is still logged in or if there are running processes that belong to the user. $ userdel -f username
How to Delete/Remove Users in Linux (userdel Command)
usermod
https://wiki.ubuntuusers.de/usermod/
GROUP, USER | GROUP VS PASSWD
https://teaching.idallen.com/cst8207/12f/notes/600_users_and_groups.html
https://www.unix.com/unix-for-dummies-questions-and-answers/162563-inconsistency-between-passwd-group.html
https://unix.stackexchange.com/questions/55107/why-dont-etc-group-and-etc-password-match
https://www.man7.org/linux/man-pages/man3/initgroups.3.html
chown
https://wiki.ubuntuusers.de/chown/
chmod
https://wiki.ubuntuusers.de/chmod/
chattr
https://wiki.ubuntuusers.de/chattr/
https://man7.org/linux/man-pages/man1/chattr.1.html
SHELL USER INFOS
getent passwd "$LOGNAME"
grep passwd /etc/nsswitch.conf
rbash | Restricted Bash
$ rbash $ bash -r
https://www.tecmint.com/rbash-a-restricted-bash-shell-explained-with-practical-examples/ https://www.thegeekdiary.com/rbash-set-restricted-shell-in-linux/
https://www.howtogeek.com/718074/how-to-use-restricted-shell-to-limit-what-a-linux-user-cando/ https://ostechnix.com/how-to-limit-users-access-to-the-linux-system/ https://averagelinuxuser.com/creating-new-user-linux/ https://linuxize.com/post/how-to-create-users-in-linux-using-the-useradd-command/ https://www.howtoforge.com/user_password_creating_with_a_bash_script
Simple Script Jail
This is are the default settings for the USER to login and run a bash shell: $ chsh -s /bin/bash [USER] This for the simple jail: $ chsh -s /home/[USER]/./run [USER]
Disable history
https://linuxconfig.org/how-to-disable-bash-shell-commands-history-on-linux https://www.cyberciti.biz/faq/disable-bash-shell-history-linux/ https://www.thegeeksearch.com/how-to-disable-and-clear-linux-command-line-history/
Disable LASTLOGIN
$ touch /home/user/.hushlogin
https://linuxconfig.org/how-to-disable-last-login-message-on-rhel-linux https://www.heatware.net/linux-unix/linux-how-to-disable-last-login-welcome-message/
type | command check
Check whether a command is built-in or not $ type [COMMAND]
RANDOM NUMBERS
$ echo $RANDOM $ echo $(( $RANDOM % 9 + 0 ))
$ echo $(shuf -i 0-9 -n1)
$ od /dev/urandom -A n -t d -N 1
https://linuxhint.com/generate-random-number-bash/ https://linuxconfig.org/generating-random-numbers-in-bash-with-examples https://www.delftstack.com/howto/linux/random-number-generation-in-bash/
RANDOM STRINGS
$ echo $RANDOM | md5sum | head -c 1; echo; $ tr -dc A-Za-z0-9 </dev/urandom | head -c 1 ; echo ' '
https://gist.github.com/earthgecko/3089509
https://unix.stackexchange.com/questions/230673/how-to-generate-a-random-string https://linuxhint.com/generate-random-string-bash/ https://www.saotn.org/bash-function-to-generate-a-random-alphanumeric-string/
https://unix.stackexchange.com/a/709895/515538
https://unix.stackexchange.com/questions/747546/dhcpd-or-dhclient-not-found#comment1421782_747546