When I was learning Unix in the early nineties I struggled to understand and remember the syntax of commandline tools. To help myself learn, each time I discovered a new command, I’d record each new success so I had a known good starting point for the next time.
Initially I kept these notes in ~/etc/ so they were easy to grep.
Later they moved to a wiki page where they continued to flourish, and then finally to my
WordPress site where they languished … until (hopefully) now!
Over the years I've kept the habit because it continues to be useful.
101 Recently Updated Gists
How to pretty print Javascript objects.
Print out a one line list of all the groups that the user adam belongs to via direct query to each of the servers ldap{0,1,2}.
Bind anonymously and search the LDAP tree, starting at
ou=people for a cn which matches the expression adam*. On a match print the uid, cn and givenname.Same as above only bind as
uid=adam and prompt for the password (-w <password> to specify on the command line)Connect to a mail server on port 587 (submission) which requires STARTTLS to issue any further commands.
Connect to a mail server on port 465 (SMTPS) which requires SSL before it will talk to you at all.
sets up stunnel to map ssl traffic coming into 995 to the local pop port unencrypted.
Verbose output including disks, serial numbers, cpu’s etc.
Finds SUID/GUID files
List all APFS snapshots on local disk; delete a snapshot to free up space and mount a snapshot to recover files.
Generate a list of all 1Password groups and the vaults which they are mapped to.
Details of disks and volumes including failed disks, rebuiding disks and hot spares.
How to break out parts of an absolute file path in Bash.
Set awk field delimiter to use a character class (be either <space> or <period>).
Shows detailed snapshot of utilization between the time you ran the
statit -b (begin) and statit -e (end) commands (only available in priv set advanced).How to only grep stderr without redirecting all of stderr to stdout. Can use “| tee 2> >(grep …)” on a command which doesn’t support redirection.
Search the entire drive for files called
core or dead.letter which are older then 7 days and delete them.Download a web page to stdout, number all the spans with a class of
time-text and pull out the text within the span’s with a class of time-textUse the Bash builtin
time to see how long a process takes to run. Output is formatted with the TIMEFORMAT variable (3 decimal places, long format, Elapse time). Details here.Create thumbnail page with four images per column, omitting image count in caption, using captions and creating “web sized” images for display in slide page.
finds/fixes errors in
/etc/passwd and /etc/shadowPrints hardware info
remove control characters from man output
views a man page without man command
Displays a macOS notification (can change it to an alert by setting the type of alert for
Script Editor in System Preferences > Notifications.Disable X11 starting on boot with GDM3 / systemd. Use
get-default to read current setting. To restore X11 use graphical.target.Resends mail.
Print headers and contents of whoami.spack.org to standard out, but follow and show any redirects.
Flush DNS cache on Catalina.
My X console
Grep my IkiWiki blog for any line beginning with
[[!tag and strip off the formatting and print out one tag per line.(panther) Revert focus follow mouse back to normal off setting by deleting the change.
LILO: To get to root without the root password
View Caprover logs
Download the file and keep the file if the transfer gets interrupted allowing it to be resumed where it left off.
The
-t 10 is just in case a user is actually logged in to the test system, not that 10 seconds gives them much time to do anything but freak out. The -c is just so they ask me what an “id10t system error” is.Will delete all packages which have only been partially removed (eg. removed but not purged). Replace
purge with search to get a list of partially removed packages./etc/apt/apt.conf line for apt through a proxy.Load a CSV into an in memory SQLite database and then do a SQL query on the data (details).
Broadcast a DHCP client request with the client ID of "heyzeus" and see all responses.
Build a composite docker compose file by overlaying
volumes-cached.yml over the top of docker-compose.yml.Put a <p> at the beginning of every paragraph
Transparently SSH to a second box via a first one. Very useful for opening a shell on a host which isn’t reachable from your current network.
Shows package info
Add to your
~/.zshrc and then you can search these gists from the shell with: gists <keyword>Show all TCP traffic on port
80.Using the BItWarden commandline, print a random passphrase to the screen and save it to the clipboard.
Make a /tmp/filename for “search for” and replace it with “replace with”
Open an interactive MySQL shell on the container
forges all headers
similar to stunnel command, much more verbose
Undocumented pppd feature
Get UUID for disk partition to add to
/etc/fstab.Python tool (domainaware/checkdmarc)for looking up DMARC and SPF record and showing any warnings.
Removes all
^M from DOS fileRemove all files which aren't managed by Git.
Show all grants for the user
iaddressbook on the host localhost.Shows a virtual addresses actual delivery point
Where the
-l means log and IP.IP is the ip you want to blockGenerate SSHFP DNS entries for a host remotely. See also sshfp2cf for automatically creating SSHFP records on Cloudflare.
Print the last, colon-delimited field of
/etc/passwd. This works because NF is the number of fields (eg. 7 for /etc/passwd) and so this is the same as print $7.Reset the MBR (master boot record). This doesn’t clear the MBR it restores it to a factory default (or something like that??).
On every host defined in the Ansible inventory file, append foo.rsync.net’s SSH host key to root’s known_hosts file.
A Bash fork bomb. Unless per user resource limits are in place (eg.
ulimit -u 100) it will DOS a machine.Broadcast a DHCP client request with a MAC address and see responses from all DHCP servers.
Raw dump, good for scripts
Add to `.zshrc` to automatically start a tmux session on login. If there is an existing session, it will attach, otherwise it'll spawn a new tmux session.
Split
blah.log into multiple gzip’d files each 1000 lines long.Disable
.DS_Store and AppleDouble files on network and USB devices.Update UFW firewall to allow all TCP traffic to ports 80, 443 and 8080-8090 inclusive and adds a comment for the rule.
List all local snapshots and then delete them.
Two different ways to use awk to print the entire line except the first field. The first option is simpler but leaves a leading space.
IPTables deny
Install the Python package Jupyter using PIP. This works even though jupyter has dependencies which require upgrading the builtin macOS setuptools (which aren’t upgradable because of SIP).
Resize the filesystem
/data (/dev/xvda3) to a larger than 32bit filesystem. Note the first resize2fs only converts to a 64 bits, the second actually resizes the filesystem.Un-rot13 a message, and it works in pine if you enable the
| commandSubmit DNS queries and get JSON answer back.
Provide
ssh password on commandline so you script commands like rsync.Shows you all the io activity for on the Mac (similar to
par -k).Installs SSH key for passwordless SSH.
Redirect
stderr to stdoutIf you can’t use
ssh-copy-id to upload your ssh key to a remote host you might be able to use this.Checks (but does not retrieve or delete) messages for
larry@alaska.net (-k keeps on server)Show all files belonging to the package org.rudix.pkg.mtr.
Add to your websites
/robots.txt to disable OpenAI's GPT bot from scraping your site.Recursively compare two folders and see differences in a format useful to humans.
Look up TXT records for spack.org using DNS-over-TLS from the DNS server dns.spack.org.
New tool built into macOS 12 (Monterey) to test quality of internet connection (some details at danpetrov.xyz). #speedtest
Forward all traffic, including DNS, over an ssh tunnel.
Restart Caprover
Turn on a
systemd service at book (I think, need to read systemd docs …).Flushes the local DNS cache (useful if you’ve changed mail server IP addresses or something)
Prints out the relevant info for all the currently available wireless access points (essid, encryption, channel, signal, bssid etc). There are other useful options as well (
-x gives the output in XML) but the command lives in /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources so add it too your path or link it somewhere.Tweak rclone to use as little memory as possible.
Flushes the local DNS cache (useful if you’ve changed mail server IP addresses or something) (pre-Leopard only)
Boot from USB stick via Grub (details).
Bootstrap Chezmoi in new ${HOME}. Download binary, install dotfiles from Github user adamshand using SSH authentication, and then delete downloaded binary.
My X console
As the user
www-data run the command php console.php files:scan –all on the container “nextcloud-app”.Copy ssh key to leia via the jump host gateway.
Search for the meaning of any OSX error code with 113 in it.