Nroot's Unix Notes

Unix is very complicated because it has lots of stuff written for it. Let's
start with the POSIX shell.

POSIX shell

If statement

    if test "$var" = "thing"
    then
        echo "True"
    else
        echo "False"
    fi

test's = compares strings; use -eq for integers.

Here are some test codes:

-] -d  Directory
-] -x  Executable
-] -w  Writable
-] -r  Readable

    for x in "$@"    # "$@" is the argument list; any list of words works
    do
        echo "$x"
    done

Functions are lit

    foo() {
        # $1 is first argument
        local x=10    # local is not in POSIX, but most shells support it
        return $((1 + $x))
    }
    foo 2
    echo "got $?"

Pseudo variables

-] $*  All arguments
-] $#  Argument count
-] $?  Return code

Variables can be defined

    var=123 # no spaces around =

Substitutions:

    ${var:-"default if not defined"}
    ${var:="assign if not defined"}
    $(command)

    case "pat" in
    ABC)
        ;;    # each branch ends with ;;
    A|B|C)
        ;;
    esac

UNIX Commands

Display stuff from a file

    cat file
        -n line numbers
        -s squeeze blanks

Change file group

    chgrp group files

Change ownership of a file

    chown own:group files

Change permissions (rwx)

    chmod u/g/o/a+rwx files
        u is owner (user)
        g is group
        o is others
        a is all

Cut fields from a file

    cut -f2-3 file    # tab is the default delimiter; -d sets another one

    # a b c d -> b c

Get date/time

    date +"fmt.%D.%T"

Find file

    find dlist -anewer -group -name -user

grep, find stuff in a file

    grep -iRn pat list
        -n prints line numbers

First n lines of a file

    head -n lines

Last n lines of a file

    tail -n lines

Word count

    wc -l file    # line count (-w for word count)

Move files

    mv -u old new
        -u is update

Sort a file

    sort file
        -f ignore case
        -r reverse
        -k 2    # 2nd field

C Print

    printf "hello %d" 123

Character translator

    tr "in" "out"
    echo "abc" | tr "abc" "ABC"    # == ABC
        -d deletes
        -s squeezes

Unique lines from a file

    uniq    # unique lines from file
        -c count

PF firewall

    pass in on interface from {valid_ip1 valid_ip2}/all to any

You can make variables

    list = "{ 192.169.1.1 192.168.1.2}"
    pass in on wlan1 from $list to any
    pass out on wlan1 from $list to any

Turn off pf on an interface

    set skip on wlan1

Bastille for FreeBSD

UNDER CONSTRUCTION

Making a FreeBSD Service

    #!/bin/sh
    # PROVIDE: SERVICE_NAME
    # REQUIRE: LOGIN
    # KEYWORD: shutdown
    . /etc/rc.subr
    name=aiwnios
    rcvar=aiwnios_enable
    load_rc_config $name

    # := sets the default when the variable is unset or empty; = only when it is unset
    : ${aiwnios_enable="NO"}
    : ${aiwnios_home_dir:="/usr/local/aiwnios"}
    : ${aiwnios_user:=aiwnios}
    : ${aiwnios_group:=wheel}

    pidfile="/var/run/${name}.pid"
    command="daemon"
    run_rc_command "$1"

If you want to do a daemon

    daemon -s info -p pidfile program args

You may want to make the lower ports available

    # 0 removes the privileged-port restriction: any user can then bind ports below 1024
    sysctl net.inet.ip.portrange.reservedhigh=0

SSH hardening

First you need to send your key over.

    ssh-copy-id user@server

Then in /etc/ssh/sshd_config put these lines to disallow passwords

    KbdInteractiveAuthentication no
    PasswordAuthentication no

FreeBSD User management

    adduser
    rmuser
    chpass
    passwd

Group management with pw

    pw groupadd NEW_GROUP
    pw groupshow GROUP
    pw groupmod GROUP -m MEMBER
    pw lock NO_LOGIN_ACCOUNT

FreeBSD fstab

    #device /mount fstype opts 0 0

Pkg Fun Time

    pkg prime-list    # LIST MANUALLY INSTALLED PACKAGES
    pkg clean

sysctl Fun Time

    sysctl -a    # view all

Crontab

    # minute hour day month week_day command
    SHELL=/bin/tcsh
    */11 * * * * backup \
    new_line

Crontab interface:

    crontab -l

SSH

    ssh-keygen -t rsa -b 4096
    ssh-copy-id user@server
    ssh -D 8080 tunnel@server.com    # Make a tunnel

Disks

    gpart create -s GPT da0
    gpart add -t freebsd-ufs -a1M da0
    gpart show da0
    gpart recover da0
    # Make a filesystem on the new partition (not on the whole disk)
    newfs -U /dev/da0p1
    # Delete third partition
    gpart delete -i3 da0
    gpart resize -i3 -s 128G -a 4k da0
    # Leaving out -s means use the whole free space
    gpart resize -i3 -a 4k da0
    growfs /dev/da0p3

TAR

    tar cf TAR.TAR dir
    tar xf TAR.TAR dir

ZFS

    MAKE A POOL/xxx
    zpool create NAME /dev/disk
    MAKE A xxx/DATASET
    zfs create NAME/DATASET
    zfs destroy NAME/DATASET
    zfs umount name
    zpool destroy NAME
    SERIALIZE POOL (for transfer)
    zpool export POOL
    zpool import POOL
    Snapshots
    zfs snapshot POOL/DATASET@name
    zfs rollback POOL/DATASET@snapname

Resource limits

    kern.racct.enable=1    # in /boot/loader.conf
    sysrc rctl_enable="YES"
    service rctl start
    rctl -a user:clayton:memoryuse:deny=1g    # Add rule
    rctl -r .    #Remove Rule
    rctl -l pid:101    #List for dude
    rctl    #List all

-] RCTL syntax

    WHO:WHO2:WHAT:ACTION=amount/percent

-] Who

    process
    user
    jail
    loginclass

-] WHAT

    cputime (in seconds or /percent)
    memoryuse
    maxproc
    openfiles
    pseudoterminals

-] ACTION

    deny
    log
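
The SSH hardening step above only takes effect if the two lines are the ones sshd actually uses: sshd keeps the first value it reads for each keyword, and a Match block can turn passwords back on for some users. The check below is an added example, not part of the original notes; the function name audit_password_auth and the sample files are made up for illustration, and Include files are not followed.

```sh
#!/bin/sh
# Added example: audit an sshd_config for the two settings in the notes.
# Assumes a single file (Include directives are not followed).
audit_password_auth() {
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }        # comments and blank lines
        {
            line = $0; sub(/^[ \t]+/, "", line); sub(/[ \t]+$/, "", line)
            if (!match(line, /[ \t=]+/)) next    # keyword with no argument
            key = tolower(substr(line, 1, RSTART - 1))   # keywords are case-insensitive
            val = substr(line, RSTART + RLENGTH)
            if (key == "match") { scope = val; next }
            if (key != "passwordauthentication" && key != "kbdinteractiveauthentication") next
            if (scope != "") {                   # inside a Match block
                if (val != "no") { print "FAIL: " key " " val " under Match " scope; bad = 1 }
            } else if (!(key in seen)) {         # global: first occurrence wins
                seen[key] = val
                if (val != "no") { print "FAIL: " key " " val " (first occurrence)"; bad = 1 }
            }
        }
        END {
            if (!("passwordauthentication" in seen)) { print "FAIL: passwordauthentication unset"; bad = 1 }
            if (!("kbdinteractiveauthentication" in seen)) { print "FAIL: kbdinteractiveauthentication unset"; bad = 1 }
            if (!bad) print "OK: password logins disabled"
            exit bad + 0
        }
    ' "$1"
}

# Constructed sample files
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT
cat > "$tmp/appended.conf" <<'EOF'
PasswordAuthentication yes
KbdInteractiveAuthentication no
PasswordAuthentication no
EOF
cat > "$tmp/match.conf" <<'EOF'
passwordauthentication no
KbdInteractiveAuthentication=no
Match User backup
    PasswordAuthentication yes
EOF
printf 'PasswordAuthentication no\nKbdInteractiveAuthentication no\n' > "$tmp/hardened.conf"

for f in appended match hardened; do
    echo "== $f.conf"
    audit_password_auth "$tmp/$f.conf" || echo "-> not hardened"
done
```

On a live host, sshd -T prints the effective configuration and is the authoritative check; restart sshd after editing the file so the change is picked up.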