shell

If you would like to copy a set of files for all existing users, use the following scripting trick. It will save lots of manual work.

Now rssh is installed. The next logical step is to configure a user to use rssh. All you have to do is set the user account's shell to /usr/bin/rssh. The following example adds the user didi to the system with /usr/bin/rssh as the login shell.

Create a new user with /usr/bin/rssh

Log in as the root user.

Type the following command to create a new user called didi:
# useradd -m -d /home/didi -s /usr/bin/rssh didi
# passwd didi

Change existing user shell to /usr/bin/rssh

Use the chsh command or the usermod command to change a user's login shell:
# usermod -s /usr/bin/rssh old-user-name
# usermod -s /usr/bin/rssh vivek
# chsh -s /usr/bin/rssh vivek

Try to log in via ssh or sftp

Now try to log in via ssh or sftp using the username didi:
$ sftp didi@my.backup.server.com
OR
$ ssh didi@my.backup.server.com
Output:

didi@my.backup.server.com's password: TYPE-THE-PASSWORD
Linux my.backup.server.com 2.6.22-14-generic #1 SMP Tue Dec 18 08:02:57 UTC 2007 i686
Last login: Thu Dec 27 16:35:04 2007 from localhost
This account is restricted by rssh.
This user is locked out.
If you believe this is in error, please contact your system administrator.
Connection to my.backup.server.com closed.

By default, the rssh configuration locks down everything, including any sort of access.

Grant access to sftp and scp for all users

The default action for rssh is to lock down everything. To grant access to scp or sftp, open the /etc/rssh.conf file:
# vi /etc/rssh.conf
Append or uncomment the following two lines:
allowscp
allowsftp

Save and close the file. rssh reads its configuration file on the fly (there is no rssh service). Now the user should be able to run the scp and sftp commands, but no shell access is granted:
$ scp /path/to/file didi@my.backup.server.com:/.
OR
$ sftp didi@my.backup.server.com:/.
Output:

Connecting to lmy.backup.server.com...
didi@my.backup.server.com's password:
sftp> pwd
Remote working directory: /home/didi
sftp>

Understanding command configuration options

You need to add the following keywords / directives to allow or disallow scp / sftp and other commands:

  • allowscp : Tells the shell that scp is allowed.
  • allowsftp : Tells the shell that sftp is allowed.
  • allowcvs : Tells the shell that cvs is allowed.
  • allowrdist : Tells the shell that rdist is allowed.
  • allowrsync : Tells the shell that rsync is allowed.

Tip: Create a group for rssh users, and limit executable access to the binaries to users in that group to improve security. Please use standard file permissions carefully and appropriately.
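To check the result of the steps above, the following added example (not part of the original post) lists every account whose shell is rssh together with the allow* directives that are active in the configuration file. It reads only the global directives listed above; the function names and the sample passwd and rssh.conf contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: list rssh accounts and what rssh.conf currently permits.

# Active (uncommented) allow* directives in an rssh.conf, e.g. "scp sftp".
rssh_allowed() {
    sed -e 's/#.*//' "$1" |
        awk '$1 ~ /^allow(scp|sftp|cvs|rdist|rsync)$/ { print substr($1, 6) }' |
        sort -u | tr '\n' ' ' | sed 's/ $//'
}

# Login names whose shell field is rssh in a passwd-format file.
rssh_users() {
    awk -F: -v sh="${2:-/usr/bin/rssh}" '$7 == sh { print $1 }' "$1"
}

# One line per rssh account: "user: scp sftp" or "user: LOCKED OUT".
rssh_audit() {
    allowed=$(rssh_allowed "$2")
    rssh_users "$1" | while read -r u; do
        echo "$u: ${allowed:-LOCKED OUT}"
    done
}

# Demo on constructed sample data (not taken from a real system).
rssh_demo() {
    tmp=$(mktemp -d) || return 1
    printf '%s\n' 'root:x:0:0:root:/root:/bin/bash' \
        'didi:x:1001:1001::/home/didi:/usr/bin/rssh' \
        'vivek:x:1000:1000::/home/vivek:/usr/bin/rssh' > "$tmp/passwd"
    printf '%s\n' '# constructed rssh.conf' 'allowscp' 'allowsftp' \
        '#allowrsync' > "$tmp/rssh.conf"
    rssh_audit "$tmp/passwd" "$tmp/rssh.conf"
    rm -rf "$tmp"
}
rssh_demo
```

On a live system, run rssh_audit /etc/passwd /etc/rssh.conf; an account reported as LOCKED OUT gets the "This user is locked out" message shown earlier.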

Bash can auto-complete your filenames and command names. It can also auto-complete lots of other stuff, such as:
=> Usernames

=> Hostname

=> Variable names

=> Fine tuning files and names with ESC keys

Match variable

If the text begins with $, bash will look for a variable. For example, open a terminal, type echo $T and press the TAB key; the shell will complete that to echo $TERM:
echo $T {hit-tab-key}

Match Username

If the text begins with ~ (tilde), bash will look for a user name. For example, open a terminal, type cat ~g and press the TAB key; the shell will complete that to cat ~guess/file.txt:
cat ~g {hit-tab-key}

Match hostname

If the text begins with @, bash will look for a host name. For example, open a terminal, type scp file.txt tom@o and press the TAB key; the shell will complete that to scp file.txt tom@oldbox:
scp file.txt tom@o {hit-tab-key}
Please note that you need proper host resolution configured, via NIS or the hosts file, for this hack to work. Also, after the shell completes the command name, username or filename, hit the [ENTER] key.

Fine tuning shell completion with the ESC key

Bash allows you to fine tune file completion using ESC key combinations. People get amazed when I use ESC combinations in front of them. For example, to insert all possible completions into your command, use ESC+*. Let us see how to back up all /etc/*.conf files. Type the command:
tar -zcvf /dev/rt0 /etc/*.conf {hit ESC followed by *}
As soon as you hit ESC+*, the shell replaces the /etc/*.conf part with the names of all files matching the wildcard pattern:
tar -zcvf /dev/rt0 /etc/aatv.conf /etc/adduser.conf /etc/apg.conf /etc/brltty.conf /etc/ca-certificates.conf /etc/cvs-cron.conf /etc/cvs-pserver.conf /etc/debconf.conf ....

To display all possible completions of a command, filename or username, type ESC+?. To display all usernames starting with le, type:
cat ~le {hit ESC followed by ?}

complete command

There is also a built-in command called complete. It is used to specify how arguments are to be completed for a command. For example, when you type passwd (or any other user admin command such as su / usermod etc.) and hit the tab key, bash will show you a list of all available users, i.e. all user admin related commands will see only user names:
complete -u su usermod userdel passwd chage write chfn groups slay w
Now type passwd and hit the tab key to see all usernames:
passwd {hit tab key}
Output:

avahi          bin            dhcp           gdm            haldaemon      klog           mail           news           root           sys            uucp
avahi-autoipd  cupsys         dnsmasq        gnats          hplip          list           man            nobody         sshd           syslog         vivek
backup         daemon         games          guest          irc            lp             messagebus     proxy          sync           telnetd        www-data
vivek@vivek-desktop:/tmp$ passwd 

Cool, huh? There is a nice file included with almost all distros to complete lots of stuff using the complete command. Just add the following line to your bash startup file:
source /etc/bash_completion

VIM is my preferred text editor for configuring systems and writing code at a shell prompt. However, many new Linux users find it difficult to cope with vim or vi. This tutorial provides a good introduction:

Here is a quick tip, if you wish to perform an unattended download of large files such as a Linux DVD ISO image file use the wget command.

This is a classic problem. One of our FAQs is about cron jobs. I received lots of email with a question:

How do I run my script on 3rd Monday or 4th Friday only?

Cron does not offer this kind of facility i.e. you cannot run a script on the Nth weekday of the month.

However, with a shell one-liner you can force a script to run on a given day:

Consider the following date command; it prints the day:
$ date +%a
Output:

Thu

You can compare the output with a weekday name using the bash test [ expr ] syntax and the control operator && (AND list). You can write:
$ [ "$(date '+%a')" == 'Thu' ] && echo 'Today is Thu, run a command' || echo 'Noop'

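The first echo command gets executed only on Thursday. Now all you have to do is write a cron job to execute on the first Monday:
# crontab -e
Now append code as follows. The day-of-week field is left as * because, when both the day-of-month and day-of-week fields are restricted, cron runs the job when either one matches; the test on the date output does the weekday filtering instead. The % sign is escaped because cron treats an unescaped % as a newline, and = is used because cron runs commands with /bin/sh:
# Run a script called myscript.sh on the first Monday at 11:30:
30 11 1-7 * * [ "$(date '+\%a')" = "Mon" ] && /path/to/myscript.sh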
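The question above asks about the 3rd Monday or 4th Friday, so the following added example (not part of the original post) goes beyond the first-Monday case to any Nth weekday. The function names are hypothetical, and the demo dates are constructed from the December 2007 calendar.

```shell
#!/bin/sh
# Added example: succeed only on the Nth given weekday of the month.
# The Nth occurrence of any weekday always has a day-of-month in the
# range (N-1)*7+1 .. N*7, so weekday plus that range is sufficient.

# is_nth_weekday N WEEKDAY DOM DOW
#   N        1-5 (a 5th occurrence does not exist in every month)
#   WEEKDAY  wanted day as printed by `LC_ALL=C date +%a` (Mon, Tue, ...)
#   DOM/DOW  day-of-month and weekday name of the date being tested
is_nth_weekday() {
    n=$1 want=$2 dom=${3#0} dow=$4
    case $n in
        [1-5]) ;;
        *) echo "N must be 1-5" >&2; return 2 ;;
    esac
    [ "$dow" = "$want" ] || return 1
    [ "$dom" -ge $(( (n - 1) * 7 + 1 )) ] && [ "$dom" -le $(( n * 7 )) ]
}

# today_is_nth N WEEKDAY: the same test against the current date.
# LC_ALL=C pins weekday names to English whatever locale cron runs with.
today_is_nth() {
    is_nth_weekday "$1" "$2" "$(date +%d)" "$(LC_ALL=C date +%a)"
}

# Equivalent crontab lines (day-of-week stays *, % is escaped for cron):
#   3rd Monday: 30 11 15-21 * * [ "$(LC_ALL=C date +\%a)" = Mon ] && /path/to/myscript.sh
#   4th Friday: 30 11 22-28 * * [ "$(LC_ALL=C date +\%a)" = Fri ] && /path/to/myscript.sh

# Demo on constructed dates: 17 Dec 2007 was the 3rd Monday, 10 Dec the 2nd.
is_nth_weekday 3 Mon 17 Mon && echo "17 Dec 2007: run"
is_nth_weekday 3 Mon 10 Mon || echo "10 Dec 2007: skip"
```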

Hope this small tip will save your day. Please do share some of your favorite bash / shell scripting hacks in the comments. I will highlight some of the best in next shell scripting post.

FreeBSD Reset or Recover Root Password

With FreeBSD version 5.4 and above, the booting procedure is slightly changed. Older versions of FreeBSD use the boot -s option at the Ok prompt. However, with FreeBSD 5.4+ you don't have to type any commands. Here is the procedure to boot FreeBSD into single user mode to reset the root password.