N25 Week 5 blog

1. 显示当前系统上root, fedora或user1用户的默认shell

[root@dhcp-10-129-6-166 ~]# grep -E "root|fedora|user1" /etc/passwd | grep -o "[^:]*$"
/bin/bash
/sbin/nologin
/bin/bash
/sbin/nologin
[root@dhcp-10-129-6-166 ~]#
2. 找出/etc/rc.d/init.d/functions文件中某单词后面跟一组小括号的行，刑如: hello();
[root@dhcp-10-129-6-166 ~]# grep -E "\<[[:alpha:]]+\(\)" /etc/rc.d/init.d/functions
checkpid() {
daemon() {
killproc() {
pidfileofproc() {
pidofproc() {
status() {
success() {
failure() {
passed() {
warning() {
action() {
strstr() {
[root@dhcp-10-129-6-166 ~]#

3. 使用echo命令输出一个绝对路径，使用grep取出其基名

[root@dhcp-10-129-6-166 ~]# echo "/etc/rc.d/init.d/functions" | grep "[^/]*$"
/etc/rc.d/init.d/functions
[root@dhcp-10-129-6-166 ~]#

扩展:取出其路径名

[root@dhcp-10-129-6-166 ~]# echo "/etc/rc.d/init.d/functions" | grep -o "^/.*/"
/etc/rc.d/init.d/
[root@dhcp-10-129-6-166 ~]#

4. 找出ifconfig命令结果中的1-225的数字

[root@dhcp-10-129-6-166 ~]# ifconfig | grep -E "\<([0-9]|[1-9][0-9]|2[0-4][0-9]|25[0-5])\>"
inet 10.129.6.166 netmask 255.255.255.0 broadcast 10.129.6.255
inet6 fe80::20c:29ff:fe02:650b prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:02:65:0b txqueuelen 1000 (Ethernet)
RX packets 5819710 bytes 437764632 (417.4 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 127834 bytes 18650407 (17.7 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 0 (Local Loopback)
RX packets 4 bytes 234 (234.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 4 bytes 234 (234.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@dhcp-10-129-6-166 ~]#

5. 挑战题：写一个模式，能匹配出合理的IP地址

[root@dhcp-10-129-6-166 ~]# ifconfig | grep -E -o "\<([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-1][0-9]|22[0-3])\.(([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){2}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-4])"
10.129.6.166
10.129.6.25
127.0.0.1
[root@dhcp-10-129-6-166 ~]#

6. 挑战题： 写一个模式，能匹配出所有的邮件地址

[root@dhcp-10-129-6-166 ~]# grep -E "\<([[:alnum:]]+[._]*[[:alnum:]]*)+@([[:alnum:]]+\.[[:alpha:]]+)*\>" mailaddress
abc@outlook.com
abc@outlook.com.cn
abc@outlook.net
abc.a@outllo.com
abc_b@outlook.com
1abc@outlook.com
abc$a@outloo.com
abc@outlook.cn.com
1abc$edf@outlook.com.cn
luo@t.tt
Dear Sender, Thanks for your massage. I am on my annual leave from 31Dec2016 - 02Jan2017 and limit to access email. Any urgent, please drop email to magedu@magedu.com.
Or XiaoS@magedu.com BigS@magedu.com N25@magedu.com.
abc@outlook.com:bcd@outlook.com:cde@outlook.com
[root@dhcp-10-129-6-166 ~]#

7. 查找/var目录下属主为root, 且属组为mail的所有文件或目录

[root@dhcp-10-129-6-166 ~]# find /var -user root -group mail -ls
67150324 4 drwxrwxr-x 2 root mail 4096 12月 27 14:13 /var/spool/mail
67972298 4 -rw------- 1 root mail 756 12月 22 09:46 /var/spool/mail/root
[root@dhcp-10-129-6-166 ~]#

8. 查找当前系统没有属主或属组的文件

[root@dhcp-10-129-6-166 ~]# find /home -nouser -nogroup -ls
624058 4 drwx------ 2 2013 2013 4096 12月 27 14:24 /home/user8
624059 4 -rw-r--r-- 1 2013 2013 18 11月 20 2015 /home/user8/.bash_logout
624060 4 -rw-r--r-- 1 2013 2013 193 11月 20 2015 /home/user8/.bash_profile
624061 4 -rw-r--r-- 1 2013 2013 231 11月 20 2015 /home/user8/.bashrc
624062 0 -rw-rw-r-- 1 2013 2013 0 12月 27 14:24 /home/user8/file1
624063 0 -rw-rw-r-- 1 2013 2013 0 12月 27 14:24 /home/user8/file2
570464 0 -rw-rw-r-- 1 2013 2013 0 12月 27 14:24 /home/user8/file3
570465 4 -rw------- 1 2013 2013 26 12月 27 14:24 /home/user8/.bash_history
[root@dhcp-10-129-6-166 ~]#

进一步： 查找当前系统上没有属主或属组，且最近3天内曾被访问过的文件或目录

[root@dhcp-10-129-6-166 ~]# find /home -nouser -nogroup -atime -3 -ls
624058 4 drwx------ 2 2013 2013 4096 Dec 27 14:24 /home/user8
624059 4 -rw-r--r-- 1 2013 2013 18 Nov 20 2015 /home/user8/.bash_logout
624060 4 -rw-r--r-- 1 2013 2013 193 Nov 20 2015 /home/user8/.bash_profile
624061 4 -rw-r--r-- 1 2013 2013 231 Nov 20 2015 /home/user8/.bashrc
624062 0 -rw-rw-r-- 1 2013 2013 0 Dec 27 14:24 /home/user8/file1
624063 0 -rw-rw-r-- 1 2013 2013 0 Dec 27 14:24 /home/user8/file2
570464 0 -rw-rw-r-- 1 2013 2013 0 Dec 27 14:24 /home/user8/file3
570465 4 -rw------- 1 2013 2013 26 Dec 27 14:24 /home/user8/.bash_history

9. 查找/etc/目录下所有用户都有写权限的文件

[root@dhcp-10-129-6-166 ~]# find /etc -perm /222 | wc -l
1078
[root@dhcp-10-129-6-166 ~]#

10. 查找/etc/目录下大于1M, 且类型为普通用户的所有文件

[root@dhcp-10-129-6-166 ~]# find /etc/ -size +2M -type f -ls
34318041 6824 -r--r--r-- 1 root root 6984832 Dec 1 22:09 /etc/udev/hwdb.bin
67884867 3772 -rw-r--r-- 1 root root 3858924 Nov 21 2015 /etc/selinux/targeted/policy/policy.29

11. 查找/etc/init.d/目录下，所有用户都有执行权限，且其他用户有写权限的文件

12. 查找/usr/目录下不属于root,bin,或hadoop的文件

13. 查找/etc/目录下至少有一类用户没有写权限的文件

14. 查找/etc/目录下最近一周内其内容没有被修改过，且不属于root或hadoop的文件