Friday, May 30, 2014

Linux: Compilation of 31 Bash tips and tricks - Part 2 (16-31)

The next part of tips.

These are picked from various sources and usually are helpful to me in my day to day work, so you do not have to read the man pages everytime. I do not remember all the sources, so I will quote the source wherever I remember. If you know the source, please let me know.

I know I have written it in a very clumsy way, without too much explaining of the underlying context and theory or any references. But I hope to make it beginner friendly.

Here we go:

16. [Bash usage tip/security]
Enable a 15 minute timeout for bash. Helps in security best practices.

Let's say you want to auto-logout of your bash shell after 15 minutes of inactivity. This is sometimes an important security requirement as well. You can set this code in the global /etc/profile or for specific user in ~/.bash_profile. This piece essentially creates a readonly environment variable when a user logs in

#Add this in /etc/profile, tested in SUSE
readonly TMOUT
export TMOUT

17. [Bash usage tip/security]
Disable command execution in Less.

Well if you don't know this, you can execute commands in less, vi etc
To disable this in less, you need to set an environment variable called LESSSECURE.


18. [Bash usage tip/security]
Executing bash commands in vi, less, and more:

in vi -> :!bash
in less -> !bash
in more -> !bash

19. [Bash usage tip/security]
Setting an environment variable as READONLY:

readonly TMOUT
export TMOUT

20. [Bash usage tip/security]
Disable bash builtins using enable. This might help if you are trying something like a restricted shell. I must warn you, its risky.

enable -n <builtin_name>

21. [Bash usage tip]
Useful commands in vi

:set list -special chars
:set nu -line numbers
:.! ls - Add a . before ! during command execution and it will dump the output in the current screen.
:r! <cmd> -same thing, dump the cmd output
:%!xxd - Turn vim into a hexeditor, :%xxd -r to reverse.
q: -command history
:%TOhtml -create an html file body

22. [Shell scripting tip]
Command execution in a subshell. Shell scripting tip.

$(command) is the same as `command`

$(ls) gives you the output of ls
so does `ls`.

23. [Bash usage tip]
env and export -p

Use the env (or export -p) command to see only those variables that have been exported and would be available to a subshell.

24. [Bash usage tip ]
set command:

Use the set command to see the value of all variables and function definitions in the current shell. The list produced by env is a subset of the list produced by set, since not all variables are exported.

25. [Shell scripting tip]
Looping over vars with spaces like "My Folder".

for file in "$@"
    chmod 0750 "$file"

26. [Shell scripting tip]
Difference between: "$*" and "$@".

for file in "$*" will expand to:
for file in "file1 file2 file3 My File.txt"

The above will not help if the filename has spaces, like My File.txt, bash would treat it as two files, My and File.txt, and thereafter producing an error like My not found.

for file in "$@"
will expand to:
for file in "file1" "file2" "file3" "My File.txt"

27. [Shell scripting tip]
Number of args can be accessed by ${#}. 

28. [Shell scripting tip]
 Quick sed handy examples, when I read those examples I recall the logic, otherwise the theory confuses me.

Replace password hash in shadow file, if you use -i it will replace in the original file, so be careful:

sed -e '/^user:/s/:[^:]*:/:newpassword:/' /etc/shadow

Change the param value to 3 in sshd_config file

sed -i "s/\(\#MaxAuthTries.*\)/MaxAuthTries 3/g" /etc/ssh/sshd_config

Replace all digits

sed -e 's/[[:digit:]]//g'

Replace all other than digits (Use ^ to negate)

sed -e 's/[^[:digit:]]//g'
Replace all alpha-numeric

sed -e 's/[[:alnum:]]//g'
Replace all other than alphanumeric (special chars)

sed -e 's/[^[:alnum:]]//g'
29. [Performance monitoring tip]
 Listing Apache httpd processes and threads.

List httpd processes:
ps -elf | grep httpd

List httpd worker threads:
ps -elfT | grep httpd

30. [Shell scripting tip]
Using readlink and dirname in shell scripts to get absolute path and directory name.

If you want to read the absolute path for a file use:
readlink -f
$ readlink -f ./file.txt would return

For only the directory:
dirname /etc/passwd returns /etc
31. [ Bash usage tip]
Use CTRL-R to go through the history of commands.

1. Ctrl-R and then type command, it gives the most recent one. Press Ctrl -R more times.
2. Exit anytime using Ctrl-C
3. Edit using arrow keys


  1. Stumbled on this by complete google fluke. nicely done, very useful and I now have it bookmarked on my desktop.