my web space
Write a Bash function or an alias.
####### ### alias ####### alias _rm_except="rm -rf $(ls | grep -v ^$1$)" ########## ### function ########## _rm_except () { rm -rf $(ls | grep -v ^$1$) } # sample usage: $ cd /tmp && mkdir 1 2 3 11 22 33 $ _rm_except 1; ls 11 2 22 3 33
No need for complex, unclear, and clumsy programs like Capistrano.
Use Fabric, here is a short exmple, which automates the archive process of users’ directories:
# install the Python library easy_install fabric # create a file called "fabfile" # it will be used from the "fab" command # add the following tasks in "fabfile":
from fabric.api import * env.hosts = ["main"] env.user = "root" def archive_home(): with cd("/tmp"): run("zip -rq home_`date +%Y:%m:%d-%H:%M`.zip /home") def archive_download(): import os os.system("scp %s:/tmp/home_*.zip /home/su/archive" % env.hosts[0]) def archive_remove(): run("rm /tmp/home_*.zip")
In addition you can use decorators to specify different hosts for different tasks.
More about the “fab” command:
fab --help
Usage: fab [options] (command) [:arg1,arg2=val2,host=foo,hosts='h1;h2',...] ...
Options:
-h, --help show this help message and exit
-V, --version show program's version number and exit
-l, --list print list of possible commands and exit
-d COMMAND, --display=COMMAND
print detailed info about a given command and exit
-r, --reject-unknown-hosts
reject unknown hosts
-D, --disable-known-hosts
do not load user known_hosts file
-u USER, --user=USER username to use when connecting to remote hosts
-p PASSWORD, --password=PASSWORD
password for use with authentication and/or sudo
-H HOSTS, --hosts=HOSTS
comma-separated list of hosts to operate on
-R ROLES, --roles=ROLES
comma-separated list of roles to operate on
-i KEY_FILENAME path to SSH private key file. May be repeated.
-f FABFILE, --fabfile=FABFILE
name of fabfile to load, e.g. 'fabfile.py' or
'../other.py'
-w, --warn-only warn, instead of abort, when commands fail
-s SHELL, --shell=SHELL
specify a new shell, defaults to '/bin/bash -l -c'
-c RCFILE, --config=RCFILE
specify location of config file to use
--hide=LEVELS comma-separated list of output levels to hide
--show=LEVELS comma-separated list of output levels to showIf it happens that only root (or no one) can use key authentication, most probably the permissions are wrong. Check the following permissions:
ls -ld ~/.ssh | awk '{print $1}' # should return drwx------ # otherwise: chmod 0700 ~/.ssh
Enable the localhost interface:
/sbin/ifconfig lo up
I am sick of mkdir dir_name; cd dir_name;
The solution (put this function in “.bashrc” or whatever shell config file you use):
_mkcd () { mkdir -p $1 cd $1 } # usage: _mkcd /tmp/dir_1/dir_2 # pwd will show: /tmp/dir_1/dir_2
a sample BASH function (usually resides in $HOMES/.bashrc)
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 | extract () { if [ -f $1 ] ; then case $1 in *.tar.bz2) tar xjf $1;; *.tar.gz) tar xzf $1;; *.bz2) bunzip2 $1;; *.rar) rar x $1;; *.gz) gunzip $1;; *.tar) tar xf $1;; *.tbz2) tar xjf $1;; *.tgz) tar xzf $1;; *.zip) unzip $1;; *.Z) uncompress $1;; *) echo "'$1' cannot be extracted via extract()";; esac else echo "'$1' is not a valid file" fi } |
This iptables config will block all incoming traffic, except from machines, identified by thier MAC addresses:
iptables -F INPUT
iptables -A INPUT -m mac—mac-source 00:3f:5f:ab:2c:7d -j ACCEPT
iptables -A INPUT -m mac—mac-source 00:1e:32:36:97:4a -j ACCEPT
iptables -A INPUT -m mac—mac-source 00:44:11:a5:1d:6d -j ACCEPT
# or by ip address:
#iptables -A INPUT -p tcp -s 1.1.1.1 -j ACCEPT
#iptables -A INPUT -p tcp -s 2.2.2.2 -j ACCEPT
#iptables -A INPUT -p tcp -s 3.3.3.3 -j ACCEPT
iptables -A INPUT -m state—state ESTABLISHED -j ACCEPT
iptables -A INPUT -s 127.0.0.1 -j ACCEPT
iptables -A INPUT -j REJECT
I like to see green prompt for userid > 0 and red for root, also the hostname and the history number of a command.
PS1="\[\e[32;1m\]\u\[\e[30;1m\]@\[\e[32;1m\]\H[\!]\W\[\e[30;1m\]\\$\[\e[0m\]"
PS1="\[\e[32;1m\]\u\[\e[30;1m\]@\[\e[32;1m\]\H[\!]\W\[\e[30;1m\]\\$\[\e[0m\]"
tail -f production.log | egrep "([[:digit:]]{1,3}\.){3}[[:digit:]]{1,3}"
From tcpdump it becomes obvious that some kde apps are contacting jamaica.kde.org through http!?
I cannot understand this M$ type of behavior in UNIX env, neither I want , so here is a quick solution:
iptables -A OUTPUT -d 62.70.27.118 -p tcp -j DROP
iptables -A OUTPUT -j ACCEPT
9th sphere web design
Comment