Collected Unix Information

This page collects useful information for unix systems and related tools. They are not ordered in any way nor do they cover any specific area, it's simply a collection of things I discovered and wrote down.

Unix-System-Tools

chmod

Use -R for recursive
Change mode symbol form: symbolic := [who] op perm [op perm] ["," symbolic]

who: u user, g group, o other, a all (default)
op: + add, - remove, = set
perm: r read, w write, x execute, X exec for folders or when at least one other x bit is set
perm: s setuid/setgid (sets uid/gid before executing files, directories inherit user/grp to subfiles)
perm: t sticky (files within sticky folders can only be deleted or moved by owner)

Change mode octal form: octal := code (simply add the values below)

4000 setuid, 2000 setgid, 1000 sticky bit
4 read, 2 write, 1 exec multiplied by...
100 for the user
10 for the group
1 all

How to change recursivly and only apply it to folders? find -type d -print0 | xargs -0 chmod ...

ACLs (from arstech, ACLs on Tiger)

Enter access control lists. An ACL is an ordered list of rules that control file permissions. Each rule specifies three things: an actor, an action, and whether that action is allowed or denied. A rule is also known as an ACE, or access control entry.

To determine whether or not to allow an action, the rules are considered in order. The first rule that is applicable to the current actor and action determines the decision, and no further rules are considered. If none of the rules apply, then the decision is determined by the traditional Unix file permissions.

...

ACLs support "static inheritance." This means that the initial ACL for a newly created file may be determined by the ACLs of one or more of the parent directories. This inheritance happens once, at the time the new file is created. If the ACLs of the parents change in the future, the children won't inherit those changes.

Control key mappings

use escape as prefix to simulate meta-keys

a beginning of line
l Clear screen
e Ende
f forward one char (meta-f one word)
b backward one char (meta-b one word)
p previous history entry
n next history entry
r Reverse search history
s search history (forward) (may not work, because ctrl-s is stop)
o Accept current line and fetch next from history
d Type delete character
q type quoted (for inserting control commands)
v "
t Transpose last two chars (meta-t for two words)
k Kill rest of line
u kill beginning of line, save in kill-ring
w kill last word, save to kill-ring
y yank top of kill-ring
x show completion (/ for files, ~ for usernames, $ for variables, @ for hostnames, ! for commands) or create macros ( "(" to start, ")" to end, e to call)
g Abort and ring bell
_ undo
x ctrl-

m-. yank last argument

Unix-Apps

PINE

Reply-To aendern: Setup:Config:customized-hdrs: "Return-Receipt-To:"
Mehr Befehle: [X] enable-aggregate-command-set
Bounce anschalten: [X] enable-bounce-cmd

VI(m)

Syntax-Highlighting :syntax on
set tab width :set ts=x
:set fileformat=dos|unix|mac
:set noai to turn off auto-indention
Search and replace :.,+4s/^/#/ search from here (.) + 4 more lines. exchange beginning of line (^, use $ for end) with #

Bash (Bourne Again Shell)

Parameter des letzten Kommandos wiederverwenden: $_ At shell startup, set to the absolute file name of the shell or shell script being executed as passed in the argument list. Subsequently, expands to the last argument to the previous command, after expan- sion. Also set to the full file name of each com- mand executed and placed in the environment exported to that command. When checking mail, this parameter holds the name of the mail file currently being checked.

recode (converts character sets in text files)

e.g. recode applemac..latin1

CVS

german howto, written by a friend: pint.pmhahn.de/mindandmagic/main/se98/howtos/howto-cvs.html

Additional hints and tips

checkin and -out are done with the permissions of the user starting the transaction
this means, he has to have all the priviligies to perform this action, e.g. run scripts and so on

Other sites

durak.org/cvswebsites/doc/cvs.php

administrative files

The folder CVSROOT contains several files which control CVS:

.#	backups of previous administrative files, created after checkin
checkoutlist	contains list of files which are automatically checked out when checked into CVSROOT
commitinfo	scripts to be performed before check in
config	misc cvs configuration (nothing useful)
cvswrappers	defines which files have to be checked in as binary
editinfo	obsolete
history	holds history of operations, needs to be writeable by everyone, if deleted is not created again
loginfo	scripts to be performed after check in (can access log messages)
modules	holds list of additional "virtual" modules which alias to other modules or contain them
notify	scripts to run for watches and edits
rcsinfo	defines the template files for log messages
taginfo	scripts to run, when tags are applied
updatelog	not part of original CVS distribution, usually holds checkout information from scripts (see below)
val-tags
verifymsg	evaluate log messages

automatic checkout of (sub)trees after check in

The loginfo file usually contains a commented script which can be used for automatic checkouts

 ALL (date; cat; (sleep 2; cd /var/cvs_checkout; umask g+w; cvs -q update -d) &) >> $CVSROOT/CVSROOT/updatelog 2>&1

This line checks out all modules to /var/cvs_checkout and appends all information written during checkout to updatelog. The umask g+w was added by myself to circumvent group permission problems. If the default umask doesn't include write abilities for group members then other group members can't successfully check out files. The changed umask circumvents this.

set permissions on checked out files

This hint is taken from cvsbook.red-bean.com - I wasn't able to reproduce this yet.

Usually the files are checked out with the permissions of the user doing the check out. At least the executable bit can be modified. Simply go to the repository and set the x bit on the ,v -files and when they are checked out the x bit should be set.

allow people to check out modules for which they only have read access

because checkout creates a lock file this may file with people only having read access
to circumvent this add the LockDir=path line to the config within CVSROOT
the path should be world-writeable and holds the lock-files for cvs

Finer grained group control

If a repository module is shared between several users the problem arises that files created by one user may not be changeable by another because the default group of the first user does not include the second user.

Solution: Set folder g+s (setgid-bit) which "inherits" the group id to subitems when they are created. Every file or directory created has the same group as the parent folder.

Web-Tools

curl (useful to post http-post-data) apt-get install curl-ssl libcurl2-ssl

 -d/--data <data>   HTTP POST data (H)
    --data-ascii <data>   HTTP POST ASCII data (H)
    --data-binary <data>  HTTP POST binary data (H)
...
 -2/--sslv2         Force usage of SSLv2 (H)
 -3/--sslv3         Force usage of SSLv3 (H)

HTPASSWD mit Apache and htdatabase

/usr/local/apache/conf/htpasswd: Benutername:CryptedPasswd:Gruppe1,Gruppe2,...
Zum crypten: www.lahn.de/~titan/html/passwd oder htpasswd
Danach mit /usr/local/apache/bin/dbmmanage htdatabase import < htpasswd die Datenbankdateien htdatabase.{dir,pag} aktualisieren.

WGET (recursive http-get)

  -b,  --background        go to background after startup.
  -o,  --output-file=FILE     log messages to FILE.
  -i,  --input-file=FILE      read URL-s from file.
  -nd  --no-directories            don't create directories.
  -x,  --force-directories         force creation of directories.
  -nH, --no-host-directories       don't create host directories.
       --http-user=USER      set http user to USER.
       --http-passwd=PASS    set http password to PASS.
  -U,  --user-agent=AGENT    identify as AGENT instead of Wget/VERSION.
  -r,  --recursive             recursive web-suck -- use with care!.
  -l,  --level=NUMBER          maximum recursion depth (0 to unlimit).
  -k,  --convert-links         convert non-relative links to relative.
  -L,  --relative                   follow relative links only.
  -H,  --span-hosts                 go to foreign hosts when recursive.
  -np, --no-parent                  don't ascend to the parent directory.

PHP sicher machen

register_globals = off
allow_url_fopen = off
safe_mode = on
open_basedir = /var/www
display_errors = off

SSH

private and public key generation

TODO

ssh instead of telnet

client fuer "classic" mac www.macssh.com/ or www.lysator.liu.se/~jonasw/freeware/niftyssh/
windows: teraterm ssh or PuTTY
Mac OS X: Either included Terminal.app or iTerm (http://iterm.sf.net) and openSSH.

port-tunneling via SSH

option -L<remoteport>:<remotemachine>:<localport>
use -X for X11 tunneling
for FTP: use passive mode, tunnel port 20 and 21 or use scp/sftp

Debian

The basic tools for installing packages

apt-get to get and/or install a package.
dselect menu driven installation of packages
grep-available und grep-status Info on packages
dpkg --get-selections list of installed packages
dpkg -S <file> show package to which file belongs
dpkg -L show files of a package
apt-file (optional) search for files in uninstalled packages
dpkg-reconfigure
dlocate to view debian package information
apt-cache full text search within packages

How to install a newer jdk on woody (or newer distributions)

install coreutils or - if woody - stat
download packages.qa.debian.org/j/java-package.html and install via dpkg -i
download latest binary self extracting distribution for linux from suns website
run (as normal user) fakeroot make-jpkg downloadedFile
a debian package is build, which can be installed by root using dpkg -i
the new java binaries (if java 1.5) are located in /usr/lib/j2sdk1.5-sun/bin/

Linux

Make root-prompt red:

NEUTRAL="\[\033[0m\]" # Neutral
LRED="\[\033[1;31m\]" # Light Red
export PS1="$NEUTRAL$LRED\u@\h:\w\$$NEUTRAL "

show open files of a certain process: lsof -p <pid>

How to enable powersaving for displays (within XFree)

add in "ServerFlags" Section

    Option      "BlankTime"     "10"    # 10 minutes
    Option      "StandbyTime"   "0"
    Option      "SuspendTime"   "30"
    Option      "OffTime"       "0"

How to enable powersaving for harddrives

insert in /etc/fstab ...,noatime
install package noflushd

How to recover a lost partition (useful for fat-partition as well) (text shamelessly taken from somewhere else)

As far as I now know, there are four utilities that attempt to assist in recovering a lost partition table, or a partition that was deleted by mistake.

findsuper is a small utility that finds blocks with the ext2 superblock signature, and prints out location and some info. It is in the non-installed part of the e2progs distribution.
rescuept is a utility that recognizes ext2 superblocks, FAT partitions, swap partitions, and extended partition tables; it may also recognize BSD disklabels and Unixware 7 partitions. It prints out information that is suitable as input to sfdisk to reconstruct the partition table. It is in the non-installed part of the util-linux distribution.
fixdisktable ( bmrc.berkeley.edu/people/chaffee/fat32.html ) is a utility that handles ext2, FAT, NTFS, ufs, BSD disklabels (but not yet old Linux swap partitions); it actually will rewrite the partition table, if you give it permission.
gpart ( home.pages.de/~michab/gpart/ ) is a utility that handles ext2, FAT, Linux swap, HPFS, NTFS, FreeBSD and Solaris/x86 disklabels, minix, reiser fs; it prints a proposed contents for the primary partition table, and is well-documented. www.stud.uni-hannover.de/user/76201/gpart/

Rescue-Disk/CD muesste das drauf sein: www.tux.org/pub/people/kent-robotti/looplinux/rip/
Might be useful www.toms.net/rb/ (see Links)
www.linuxdoc.org/HOWTO/mini/Partition-Rescue.html