3.12 听课笔记
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了3.12 听课笔记相关的知识,希望对你有一定的参考价值。
正则
一串有规律的字符串
grep
过滤指定关键词
[[email protected] grep]# grep 'nologin' passwd
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
…
*centos7中过滤的关键词自动标红
[[email protected] grep]# which grep
alias grep='grep --color=auto'
/usr/bin/grep
[[email protected] grep]# /usr/bin/grep 'nologin' passwd
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
...
-c
[[email protected] grep]# grep -c 'nologin' passwd
15 存在nologin字段的行共有15个
-n
[[email protected] grep]# grep -n 'nologin' passwd 结果显示符合条件的行和行号
3:daemon:x:2:2:daemon:/sbin:/sbin/nologin
4:adm:x:3:4:adm:/var/adm:/sbin/nologin
5:lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
9:mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
10:operator:x:11:0:operator:/root:/sbin/nologin
11:games:x:12:100:games:/usr/games:/sbin/nologin
12:ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
13:nobody:x:99:99:Nobody:/:/sbin/nologin
14:systemd-network:x:192:192:systemd Network Management:/:/sbin/nologin
…
-i
[[email protected] grep]# grep -ni 'nologin' passwd
3:daemon:x:2:2:daemon:/sbin:/sbin/NOLOGin
4:adm:x:3:4:adm:/var/adm:/sbin/NOLOGin
5:lp:x:4:7:lp:/var/spool/lpd:/sbin/NOLOGin
9:mail:x:8:12:mail:/var/spool/mail:/sbin/NOLOGin
10:operator:x:11:0:operator:/root:/sbin/NOLOGin
…
-v
[[email protected] grep]# grep -vni 'nologin' passwd 列出不包含弄login的
1:root:x:0:0:root:/root:/bin/bash
2:bin:x:1:1:bin:/bin:/sbin/
6:sync:x:5:0:sync:/sbin:/bin/sync
7:shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
[[email protected] grep]# grep -r 'root' /etc 列出/etc目录下所有包括字段root的文件中的行
/etc/grub.d/00_header:datarootdir="/usr/share"
/etc/grub.d/00_header:export TEXTDOMAINDIR="${datarootdir}/locale"
/etc/grub.d/00_header:if loadfont `make_system_path_relative_to_its_root "${GRUB_FONT}"` ; then
/etc/grub.d/00_header: font="`make_system_path_relative_to_its_root "${font_path}"`"
/etc/grub.d/00_header:loadfont (\$root)`make_system_path_relative_to_its_root $x`
查找passwd文件中包含root字段的行
[[email protected] grep]# grep -r 'root' /etc/ > grep.log
[[email protected] grep]# grep 'passwd' grep.log
/etc/passwd:root:x:0:0:root:/root:/bin/bash
/etc/passwd:operator:x:11:0:operator:/root:/sbin/nologin
/etc/passwd-:root:x:0:0:root:/root:/bin/bash
/etc/passwd-:operator:x:11:0:operator:/root:/sbin/nologin
/etc/postfix/main.cf:# the system passwd file in the chroot jail is just not practical.
列出包含access字段的行以及这一行的后两行
[[email protected] grep]# grep -nA2 'access' grep.log
19:/etc/grub.d/10_linux: prepare_root_cache="$(prepare_grub_to_access_device ${GRUB_DEVICE} | grub_add_tab)"
20-/etc/grub.d/10_linux: printf '%s\n' "${prepare_root_cache}" | sed "s/^/$submenu_indentation/"
21-/etc/grub.d/10_linux: ${linuxefi} ${rel_dirname}/${basename} root=${linux_root_device_thisversion} ro ${args}
--
433:/etc/security/access.conf:# Disallow non-root logins on tty1
434:/etc/security/access.conf:#-:ALL EXCEPT root:tty1
435:/etc/security/access.conf:# User "root" should be allowed to get access via cron .. tty5 tty6.
436:/etc/security/access.conf:#+ : root : cron crond :0 tty1 tty2 tty3 tty4 tty5 tty6
437:/etc/security/access.conf:# User "root" should be allowed to get access from hosts with ip addresses.
438:/etc/security/access.conf:#+ : root : 192.168.200.1 192.168.200.4 192.168.200.9
439:/etc/security/access.conf:#+ : root : 127.0.0.1
440:/etc/security/access.conf:# User "root" should get access from network 192.168.201.
441:/etc/security/access.conf:#+ : root : 192.168.201.
442:/etc/security/access.conf:# User "root" should be able to have access from domain.
443:/etc/security/access.conf:#+ : root : .foo.bar.org
444:/etc/security/access.conf:# User "root" should be denied to get access from all other sources.
445:/etc/security/access.conf:#- : root : ALL
446-/etc/security/chroot.conf:# /etc/security/chroot.conf
447-/etc/security/chroot.conf:# username_regex chroot_dir
--
454:/etc/security/time.conf:# Another silly example, user 'root' is denied xsh access
455-/etc/security/time.conf:#xsh;ttyp*;root;!WdMo0000-2400
456-/etc/anacrontab:MAILTO=root
-B 列出包含access的行及以上两行
-C 列出包含access的行及上下两行
列出包含0-9任意一个字符的行
[[email protected] grep]# grep '[0-9]' passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/access
daemon:x:2:2:daemon:/sbin:/sbin/NOLOGin
adm:x:3:4:adm:/var/adm:/sbin/NOLOGinaccess
lp:x:4:7:lp:/var/spool/lpd:/sbin/NOLOGin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
[[email protected] grep]# grep -v '[0-9]' passwd 列出不含数字的行
*$fas
<>
#$^&
><'
列出以#开头的行并列出行号
[[email protected] grep]# grep -n '^#' /etc/inittab
1:# inittab is no longer used when using systemd.
2:#
3:# ADDING CONFIGURATION HERE WILL HAVE NO EFFECT ON YOUR SYSTEM.
4:#
5:# Ctrl-Alt-Delete is handled by /usr/lib/systemd/system/ctrl-alt-del.target
6:#
[[email protected] grep]# !vim
vim inittab
1 # inittab is no longer used when using systemd.
2 #
3 # ADDING CONFIGURATION HERE WILL HAVE NO EFFECT ON YOUR SYSTEM.
4 oiqyljdsannjfa;lkds 开头没有#
5 #
6 # Ctrl-Alt-Delete is handled by /usr/lib/systemd/system/ctrl-alt-del.target
7 #
8 # systemd uses 'targets' instead of runlevels. By default, there are two main
[[email protected] grep]# grep -n '^#' inittab 搜索结果中第4行没有出现
1:# inittab is no longer used when using systemd.
2:#
3:# ADDING CONFIGURATION HERE WILL HAVE NO EFFECT ON YOUR SYSTEM.
5:#
[[email protected] grep]# grep -nv '^#' inittab 去掉文件中以#开头的行
4:oiqyljdsannjfa;lkds
[[email protected] grep]# grep -v '^#' inittab
oiqyljdsannjfa;lkds
8437534389748
%%%%%*********#
[[email protected] grep]# grep '[^0-9]' inittab 列出其中非数字的字符
# inittab is no longer used when using systemd.
#
# ADDING CONFIGURATION HERE WILL HAVE NO EFFECT ON YOUR SYSTEM.
oiqyljdsannjfa;lkds
#
# Ctrl-Alt-Delete is handled by /usr/lib/systemd/system/ctrl-alt-del.target
…
# multi-user.target: analogous to runlevel 3
# graphical.target: analogous to runlevel 5
…
以非数字开头的行
[[email protected] grep]# grep '^[^0-9]' inittab
# inittab is no longer used when using systemd.
#
# ADDING CONFIGURATION HERE WILL HAVE NO EFFECT ON YOUR SYSTEM.
oiqyljdsannjfa;lkds
#
# Ctrl-Alt-Delete is handled by /usr/lib/systemd/system/ctrl-alt-del.target
[[email protected] grep]# grep -v '^[^0-9]' inittab 不匹配上一个条件的行
8437534389748
^
^[^1234]
方括号外面^表示以^开头,[]的^表示取反义
.
[[email protected] grep]# grep 'r.o' passwd .表示任意一个字符
root:x:0:0:root:/root:/bin/bash
asdfads:1234:adnfkwej3:nasjfd:kjahpfj:rao
r>o
operator:x:11:0:operator:/root:/sbin/NOLOGin
[[email protected] grep]# grep 'r.o' passwd .代表任意一个字符,同样也可以匹配到.本身
root:x:0:0:root:/root:/bin/bash
asdfads:1234:adnfkwej3:nasjfd:kjahpfj:rao
r.o
operator:x:11:0:operator:/root:/sbin/NOLOGin
o*表示任意个数的字母o,后面再跟一个o
[[email protected] grep]# grep 'o*o' passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/oaosbin:/bin/sync
…
匹配任意个任意字符,其中.表示任意字符,*表示任意个数
[[email protected] grep]# grep '.*' passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/oaosbin:/bin/sync
shutdown:x:6:0:shutd1ooown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
在passwd文件中匹配有hyc的一行
[[email protected] grep]# grep 'hyc.*bash' passwd
hyc:x:1000:1000::/home/hyc:/bin/bash
出现两次o的行
[[email protected] grep]# grep 'o\{2\}' passwd
root:x:0:0:root:/root:/bin/bash
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
shutdown:x:6:0:shutd1ooown:/sbin:/sbin/shutdown
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operatorroooooado:x:11:0:operator:/root:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
o出现2-5次的行
[[email protected] grep]# grep 'o\{2,5\}' passwd
root:x:0:0:root:/root:/bin/bash
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
shutdown:x:6:0:shutd1ooown:/sbin:/sbin/shutdown
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operatorroooooado:x:11:0:operator:/root:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
[[email protected] grep]# egrep 'o{2,5}' passwd 使用扩展egrep,结果相同,不需要脱义
root:x:0:0:root:/root:/bin/bash
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
shutdown:x:6:0:shutd1ooown:/sbin:/sbin/shutdown
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operatorroooooado:x:11:0:operator:/root:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
[[email protected] grep]# grep -E 'o{2,5}' passwd 这三种的写法的含义和结果都相同
root:x:0:0:root:/root:/bin/bash
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
shutdown:x:6:0:shutd1ooown:/sbin:/sbin/shutdown
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operatorroooooado:x:11:0:operator:/root:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
连续2-5次出现oo字符的行
[[email protected] grep]# grep '\(oo\)\{2,5\}' passwd
operatorroooooado:x:11:0:operator:/root:/sbin/nologin
表示+前面字符出现一次或多次
[[email protected] grep]# grep 'o\+o' passwd
root:x:0:0:root:/root:/bin/bash
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
shutdown:x:6:0:shutd1ooown:/sbin:/sbin/shutdown
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operatorroooooado:x:11:0:operator:/root:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
[[email protected] grep]# egrep 'o+b' passwd
nobody:x:99:99:Nobody:/:/sbin/nologin
需要转义符号脱义时可以使用egrep或grep –E
?前面的字符o重复次数为0或1
[[email protected] grep]# grep 'o\?t' passwd
root:x:0:0:root:/root:/bin/bash
shutdown:x:6:0:shutd1ooown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
[[email protected] grep]# grep -E 'o?1o' passwd
sh1outdown:x:6:o1o0:s1ohutd1ooown:/sbin:/sbin/shutdown
[[email protected] grep]# egrep 'root|nologin' passwd 匹配root或nologin的行
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
*|表示或者
总结:. 表示任意一个字符
*表示任意个*前面的字符
{}表示{}前面的字符的范围:{2}、{2,5}(2次,2到5次)
()表示括号内的字符组合
+ 表示+前面的字符出现一次或多次
?表示0或1个?前面的字符
| 表示或者
以上是关于3.12 听课笔记的主要内容,如果未能解决你的问题,请参考以下文章