Source links
Misc
# recursive grep
grep -R
Sad servers exercise
This one was an easy one.
tail -f /var/log/bad.log
lsof /var/log/bad.log
kill -9 < PID of badlog.p y >
notes on find
command
flags
# you already know these
-type
-name
# conditionals!
-not
-a # and
-o # or
-regex
# by file permissions / file ownership
-perm
-user
-group
# by filesize
-size
-empty
# by access, modification, or creation time
# time = in days, min = in minutes
-atime
-mtime
-ctime
-amin
-mmin
-cmin
# actions
-delete
-exec # remember {} \; after the command
# level of directory hierarchy
-maxlevel
-minlevel
# unsure
-xdev
examples
# find all logs (or at least files ending in .log) on system that have been modified in the past day
sudo find / -name * .log -mtime -1
# find all home directory backup files in /var/backups older than 7 days and delete them (in crontab file, run as root, paired with a backup creation cronjob)
find /var/backups -name "/home.*.tar.gz" -mtime +7 -delete
# find all files (not directories) in the first level of the /etc directory
find /etc -type f -maxdepth 1
# find all /bin directories within 3 levels from the / directory
# then exec another find to search all those directories for files containing the word "group" or "user"
# in english, search for user or group commands
find / -maxdepth 3 -type d -name * bin -exec find {} -type f -name * group * -o -name * user * \;
lsof vs fuser
tl;dr: both are useful and do similar things, should learn fuser as it is found on more distros? (Source: reading a Stack Overflow thread at midnight. Will need to look more into this.)
lsof
From official manpage: “list open files” - (but when everything is a file…)
# list files open in a given directory
lsof /path/to/dir
# list processes that have a given file open
lsof /path/to/file
# list files that a given user has open
lsof -u user
# list files that a current process has open
lsof -p < PI D >
# list files (processes?) using a particular TCP port
lsof -i TCP:22
# list files (processes?) using a particular IP address
# unsure on this one, will have to test
lsof -i TCP@127.0.0.1
fuser
From official manpage: “identify processes using files or sockets”
# list processes using a file or dir
fuser /path/to/dir
# make it readable
fuser -v /path/to/dir
# kill process(es) holding open a file or dir
fuser -k /path/to/dir
# use -m flag for /dev folder instead of mountpoint, for external drives (-c for POSIX compliance)
fuser -m -v /dev/sda1
# list processes using a particular port
fuser -v -n tcp 3000