1、显示/boot/grub/grub.conf中以至少一个空白字符开头的行;
[root@localhost grub]# grep "^[[:space:]]\+" /boot/grub/grub.conf
2、显示/etc/rc.d/rc.sysinit文件中以#开头,后面跟至少一个空白字符,而后又有至少一个非空白字符的行;
[root@localhost ~]# grep "^#[[:space:]]\{1,\}[^[:space:]]\+" /etc/rc.d/rc.sysinit
3、打出netstat -tan命令执行结果中以‘LISTEN’,后或跟空白字符结尾的行;
[root@localhost ~]# netstat -tan | grep "LISTEN[[:space:]]*$"
4、添加用户bash, testbash, basher, nologin (此一个用户的shell为/sbin/nologin),而后找出当前系统上其用户名和默认shell相同的用户的信息;
[root@localhost ~]# useradd bash [root@localhost ~]# useradd testbash [root@localhost ~]# useradd basher [root@localhost ~]# useradd -s /sbin/nologin nologin [root@localhost ~]# grep -E "^([^:]+\>).*\1$" /etc/passwd sync:x:5:0:sync:/sbin:/bin/sync shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown halt:x:7:0:halt:/sbin:/sbin/halt bash:x:1000:1000::/home/bash:/bin/bash nologin:x:1003:1003::/home/nologin:/sbin/nologin
5、显示当前系统上root、fedora或user1用户的默认shell;
[root@localhost scripts]# grep "^\(root\|user1\|fedora\)\>" /etc/passwd | cut -d: -f7 /bin/bash /bin/bash /bin/bash
6、找出/etc/rc.d/init.d/functions文件中某单词后面跟一组小括号的行,形如:hello();
[root@localhost ~]# grep -E ".*\>\(\)" /etc/init.d/functions
checkpid() {
__pids_var_run() {
__pids_pidof() {
daemon() {
killproc() {
pidfileofproc() {
pidofproc() {
status() {
echo_success() {
echo_failure() {
echo_passed() {
echo_warning() {
update_boot_stage() {
success() {
failure() {
passed() {
warning() {
action() {
strstr() {
is_ignored_file() {
is_true() {
is_false() {
apply_sysctl() {
7、使用echo命令输出一个绝对路径,使用grep取出其基名;
扩展:取出其路径名
[root@localhost ~]# echo /etc/var/log | grep -E -o "[^/]+$" log
8、找出ifconfig命令结果中的1-255之间数字;
两种方法实现:
方法一
[root@localhost ~]# ifconfig | grep -E "\<([0-9]|[1-9][0-9]|2[0-4][0-9]|25[0-5])\>" inet 192.168.1.102 netmask 255.255.255.0 broadcast 192.168.1.255 inet6 fe80::20c:29ff:fe87:765b prefixlen 64 scopeid 0x20<link> ether 00:0c:29:87:76:5b txqueuelen 1000 (Ethernet) RX packets 3733 bytes 369553 (360.8 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 2311 bytes 448673 (438.1 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 0 (Local Loopback) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
方法二:
[root@localhost ~]# ifconfig | grep -E "\<[0-9]\>|\<[1-9][0-9]\>|\<[1-2][0-5][0-5]\>" inet 192.168.1.102 netmask 255.255.255.0 broadcast 192.168.1.255 inet6 fe80::20c:29ff:fe87:765b prefixlen 64 scopeid 0x20<link> ether 00:0c:29:87:76:5b txqueuelen 1000 (Ethernet) RX packets 3458 bytes 343067 (335.0 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 2110 bytes 422465 (412.5 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 0 (Local Loopback) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
9、挑战题:写一个模式,能匹配合理的IP地址;
例如匹配192.168.1.105
\<[1-9]\{3\}\.[1-9]\{3\}\.[1-9]\.1[0-9]\{2\}\>
10、挑战题:写一个模式,能匹配出所有的邮件地址;
"[[:alnum:]_-]\+@[[:alnum:]]\+\.[[:alpha:]]\+$"
11、查找/var目录下属主为root,且属组为mail的所有文件或目录;
[root@localhost ~]# find /var -user root -a -group mail -ls 67150904 0 drwxrwxr-x 2 root mail 59 Sep 11 08:09 /var/spool/mail
12、查找当前系统上没有属主或属组的文件;
[root@localhost ~]# find / -nouser -a -nogroup -ls 135 0 drwx------ 2 1004 1004 59 Sep 11 09:03 /home/user23 136 4 -rw-r--r-- 1 1004 1004 18 Nov 20 2015 /home/user23/.bash_logout 137 4 -rw-r--r-- 1 1004 1004 193 Nov 20 2015 /home/user23/.bash_profile 138 4 -rw-r--r-- 1 1004 1004 231 Nov 20 2015 /home/user23/.bashrc find: ‘/proc/2667/task/2667/fd/6’: No such file or directory find: ‘/proc/2667/task/2667/fdinfo/6’: No such file or directory find: ‘/proc/2667/fd/6’: No such file or directory find: ‘/proc/2667/fdinfo/6’: No such file or directory
进一步:查找当前系统上没有属主或属组,且最近3天内曾被访问过的文件或目录;
[root@localhost ~]# find / -nouser -a -nogroup -a -atime -3 -ls 135 0 drwx------ 2 1004 1004 59 Sep 11 09:03 /home/user23 136 4 -rw-r--r-- 1 1004 1004 18 Nov 20 2015 /home/user23/.bash_logout 137 4 -rw-r--r-- 1 1004 1004 193 Nov 20 2015 /home/user23/.bash_profile 138 4 -rw-r--r-- 1 1004 1004 231 Nov 20 2015 /home/user23/.bashrc find: ‘/proc/2669/task/2669/fd/6’: No such file or directory find: ‘/proc/2669/task/2669/fdinfo/6’: No such file or directory find: ‘/proc/2669/fd/6’: No such file or directory find: ‘/proc/2669/fdinfo/6’: No such file or directory
13、查找/etc目录下所有用户都有写权限的文件;
[root@localhost ~]# find /etc -perm -222 -ls
14、查找/etc目录下大于1M,且类型为普通文件的所有文件;
[root@localhost ~]# find /etc -type f -a -size +1M -exec ls -lh {} \;
-r--r--r--. 1 root root 6.7M Aug 30 11:12 /etc/udev/hwdb.bin
-rw-r--r--. 1 root root 3.7M Nov 21 2015 /etc/selinux/targeted/policy/policy.29
15、查找/etc/init.d/目录下,所有用户都有执行权限,且其它用户有写权限的文件;
[root@localhost ~]# find /etc -perm -113 -ls
16、查找/usr目录下不属于root、bin或hadoop的文件;
[root@localhost ~]# find /usr -not \( -user root -a -user bin -user hadoop \) -ls
17、查找/etc/目录下至少有一类用户没有写权限的文件;
[root@localhost scripts]# find /etc -not -perm -222 -ls
18、查找/etc目录下最近一周内其内容被修改过,且不属于root或hadoop的文件;
[root@localhost scripts]# find /etc/ -mtime -7 -a -not \( -user root -a -user hadoop \) -exec ls -l {} \;
原创文章,作者:mxb93,如若转载,请注明出处:http://www.178linux.com/45577
评论列表(1条)
ip地址匹配不对,没有好好听咱们的周日的分享吧,老师讲过的