1、显示/boot/grub/grub.conf中以至少一个空白字符开头的行
[root@jizo ~]# grep -E '^[[:space:]]+.*' /boot/grub/gurb.conf
2、显示/etc/rc.d/rc.sysinit文件中以#开头,后面跟至少一个空白字符,而后又有至少一个非空白字符的行;
[root@jizo ~]# grep -E '^#[[:space:]]+[^[:space:]]+' /etc/rc.d/rc.sysinit
3、打出netstat-tan命令执行结果中以‘LISTEN’,后或跟空白字符结尾的行;
[root@jizo ~]# netstat -nat | grep -E '.*LISTEN[[:space:]]*' tcp 0 0 192.168.122.1:53 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN tcp6 0 0 :::22 :::* LISTEN tcp6 0 0 ::1:631 :::* LISTEN tcp6 0 0 ::1:25 :::* LISTEN
4、添加用户bash,testbash,basher,nologin(此一个用户的shell为/sbin/nologin),而后找出当前系统上其用户名和默认shell相同的用户的信息;
[root@jizo ~]# grep -E '^(.*)\>.*\1$' /etc/passwd sync:x:5:0:sync:/sbin:/bin/sync shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown halt:x:7:0:halt:/sbin:/sbin/halt
5、显示当前系统上的root,fedora或user1用户的默认shell;
[root@jizo ~]# grep -e ^root -e ^fedora -e ^user1 /etc/passwd | cut -d':' -f1,7 root:/bin/bash
6、找出/etc/rc.d/init.d/functions文件中某单词后面跟一组小括号的行,形如:hello();
[root@jizo ~]# grep -E '\<[[:alpha:]]*\>\(\)' /etc/rc.d/init.d/functions
checkpid() {
daemon() {
killproc() {
pidfileofproc() {
pidofproc() {
status() {
success() {
failure() {
passed() {
warning() {
action() {
strstr() {
7、使用echo命令输出一个绝对路径,使用grep取出其基名;
[root@jizo yum.repos.d]# echo /etc/yum.repos.d/CentOS-Base.repo | grep -Eo '[^/]*/?$' CentOS-Base.repo [root@jizo yum.repos.d]# echo /etc/yum.repos.d/CentOS-Base.repo | grep -op '/.*/(?=.?\b)' grep: invalid option -- 'p' Usage: grep [OPTION]... PATTERN [FILE]... Try 'grep --help' for more information. [root@jizo yum.repos.d]# echo /etc/yum.repos.d/CentOS-Base.repo | grep -oP '/.*/(?=.?\b)' /etc/yum.repos.d/
8、找出ifconfig命令结果中的1-255之间数字;
[root@jizo ~]# ifconfig | grep -E '\<([0-9]|([0-9][0-9])|(1[0-9][0-9])|(2[1-4][0-9])|(25[1-5]))\>' inet 192.168.0.136 netmask 255.255.255.0 broadcast 192.168.0.255 inet6 fe80::20c:29ff:fe23:d007 prefixlen 64 scopeid 0x20<link> ether 00:0c:29:23:d0:07 txqueuelen 1000 (Ethernet) RX packets 7650 bytes 701954 (685.5 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 1547 bytes 184608 (180.2 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 0 (Local Loopback) RX packets 4 bytes 340 (340.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 4 bytes 340 (340.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255 ether 00:00:00:00:00:00 txqueuelen 0 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
9、挑战题:写一个模式,能匹配出所有的邮件地址;
[root@jizo ~]# grep -o '[[:alnum:]_.]*@[[:alnum:].]*'
10、挑战题:写一个模式,能匹配合理的ip地址;
[root@jizo ~]# ifconfig | grep -A 2 eth0 | grep -Eo '([0-9]{1,3}\.?){4}' | grep -v 255
11、查找/var目录下属主为root,且属组为mail的所有文件或目录;
[root@jizo ~]# find /var -user root -a -group mail /var/spool/mail /var/spool/mail/root
12、查找当前系统上没有属主或属组的文件;
[root@jizo ~]# find / -nouser -o -nogroup -type f find: ‘/proc/10683/task/10683/fd/6’: No such file or directory find: ‘/proc/10683/task/10683/fdinfo/6’: No such file or directory find: ‘/proc/10683/fd/6’: No such file or directory find: ‘/proc/10683/fdinfo/6’: No such file or directory find: ‘/run/user/1000/gvfs’: Permission denied
进一步:查找当前系统上没有属主或属组,且最近3天内曾被访问过的文件或目录;
[root@jizo ~]# find / -type f -a -atime -3 -a \( -nouser -o -nogroup \) find: ‘/proc/11258/task/11258/fdinfo/6’: No such file or directory find: ‘/proc/11258/fdinfo/6’: No such file or directory find: ‘/run/user/1000/gvfs’: Permission denied
13、查找/etc目录下所有用户都有写权限的文件;
[root@jizo ~]# find /etc -perm -222 /etc/mtab /etc/fonts/conf.d/65-0-lohit-assamese.conf /etc/fonts/conf.d/59-liberation-sans.conf /etc/fonts/conf.d/65-lklug.conf /etc/fonts/conf.d/10-scale-bitmap-fonts.conf /etc/fonts/conf.d/69-gnu-free-mono.conf /etc/fonts/conf.d/20-unhint-small-vera.conf /etc/fonts/conf.d/65-0-lohit-nepali.conf /etc/fonts/conf.d/65-0-lohit-kannada.conf /etc/fonts/conf.d/25-unhint-nonlatin.conf /etc/fonts/conf.d/65-0-nhn-nanum-gothic.conf /etc/fonts/conf.d/30-metric-aliases.conf /etc/fonts/conf.d/66-ucs-miscfixed.conf /etc/fonts/conf.d/30-urw-aliases.conf /etc/fonts/conf.d/65-0-jomolhari.conf /etc/fonts/conf.d/40-nonlatin.conf /etc/fonts/conf.d/65-sil-padauk.conf /etc/fonts/conf.d/45-latin.conf /etc/fonts/conf.d/69-gnu-free-serif.conf /etc/fonts/conf.d/49-sansserif.conf /etc/fonts/conf.d/50-user.conf /etc/fonts/conf.d/51-local.conf
14、查找/etc目录下大于1M,且类型为普通文件的所有文件;
[root@jizo ~]# find /etc -size +1M -a -type f | xargs ls -lh -rw-r--r--. 1 root root 1.4M Mar 5 2015 /etc/brltty/zh-tw.ctb -rw-r--r--. 1 root root 1.4M Nov 21 2015 /etc/gconf/schemas/ekiga.schemas -rw-r--r--. 1 root root 3.7M Nov 20 2015 /etc/selinux/targeted/policy/policy.29 -r--r--r--. 1 root root 6.7M Dec 26 01:21 /etc/udev/hwdb.bin
15、查找/etc/init.d/目录下,所有用户都有执行权限,且其他用户有写权限的文件;
[root@jizo ~]# touch /etc/init.d/test.txt | chmod 113 /etc/init.d/test.txt [root@jizo ~]# find /etc/init.d/ -perm -113 | xargs ls -lh ---x--x-wx. 1 root root 0 Jan 9 03:19 /etc/init.d/test.txt
16、查找/usr目录下不属于root、bin或hadoop的文件;
[root@jizo ~]# find /usr/ ! \( -user root -o -user bin -o -user hadoop \) -a -type f /usr/libexec/abrt-action-install-debuginfo-to-abrt-cache
17、查找/etc/目录下至少有一类用户没有写权限的文件;
[root@jizo ~]# find /etc/ ! -perm -222 -a -type f
18、查找/etc目录下最近一周内其内容被修改过,且不属于root或hadoop的文件;
[root@jizo ~]# find /etc/ -mtime -7 -a ! \( -user root -o -user hadoop \) -a -type f
原创文章,作者:jindizang,如若转载,请注明出处:http://www.178linux.com/66169
评论列表(1条)
写的很好,排版也很漂亮,但是你的ip地址匹配的挑战题是不是可以匹配到999.999.999.999那?