Unix OS

32K

Solutions

18K

Contributors

Unix is a multitasking, multi-user computer operating system originally developed in 1969 at Bell Labs. Today, it is a modern OS with many commercial flavors and licensees, including FreeBSD, Hewlett-Packard’s UX, IBM AIX and Apple Mac OS-X. Apart from its command-line interface, most UNIX variations support the standardized X Window System for GUIs, with the exception of the Mac OS, which uses a proprietary system.


Need help on setting permissions for a directory, new to linux.

I have a folder /opt/reports

I have users called user1 and user2 who log in to Linux and read the contents of the files in this directory. I want to give read permission only to user1 and user2, and rwx for other users.
Any help in this regard is really appreciated.
0

zgrep -C5 'xyz' abc.gz

I have the above grep.
In the results, how do I search on, say, "error code=1111 description=null pointer"?

The above results are too large; I am not able to copy and paste them to Notepad++ (which I usually do, as it makes it easy on my eyes) to search on something like "error code=1111 description=null pointer".

zgrep -C5 'xyz' abc.gz >>/home/TestUser/testuser.txt

Can we do tail or head on the above?
Please advise.
0
I am using mputty to connect to a Unix box.

I see a black screen with white log messages.

I would like to change to a white background screen with black letters on top.

Please advise.
0
I have removed the below pid file using the rm command, as I got some error messages with permissions on it.

rm xyz.pid

Is there a way I can restore that file?

I am trying to start the web logic server and having issues which used to work earlier file

Please advise
0
To start web logic, I run the below script:
/opt/scripts/bea_start admin
After login I cannot execute it directly;
I have to go to the below directory to execute it:

cd /xyz/home/user123/opt/def/bea_domains/12/xyz_dev1/servers/xyz_dev1_admin/logs

I thought the below is an absolute path, and as soon as I log in I should be able to run from
/opt/scripts/bea_start admin

Also, I have to run it as admin only, not as my user id.

Why can I not run it as soon as I log in, from the root directory (if I am not mistaken, that is where I go as soon as I log in)?

Also, how do I see who can run the script, and how do I change the script's permissions so that I can execute it when I log in, not just admin?

Please advise
0
zgrep 'MobileDevice' xyz_1.log.20181121.gz|grep 'USER123'| awk '$0>= "2018-Nov-21 00:01" && $0<="2018-Nov-21 23:59"' | awk -F '|' '$24>300 {print}'

zgrep 'MobileDevice' xyz_2.log.20181121.gz|grep 'USER123'| awk '$0>= "2018-Nov-21 00:01" && $0<="2018-Nov-21 23:59"' | awk -F '|' '$24>300 {print}'

zgrep 'MobileDevice' xyz_3.log.20181121.gz|grep 'USER123'| awk '$0>= "2018-Nov-21 00:01" && $0<="2018-Nov-21 23:59"' | awk -F '|' '$24>300 {print}'

I am using the above 3 separate greps, one after the other, on 3 types of JVM files.

How do I combine them into one?

zgrep 'MobileDevice' xyz_?.log.20181121.gz|grep 'USER123'| awk '$0>= "2018-Nov-21 00:01" && $0<="2018-Nov-21 23:59"' | awk -F '|' '$24>300 {print}'
I tried the above, which did not work.
I tried the below; that also did not work.


zgrep 'MobileDevice' xyz_*.log.20181121.gz|grep 'USER123'| awk '$0>= "2018-Nov-21 00:01" && $0<="2018-Nov-21 23:59"' | awk -F '|' '$24>300 {print}'
please advise
0
zgrep 'MobileDevice' xyz.log.20181121.gz|grep 'USER123'| awk '$0>= "2018-Nov-21 00:01" && $0<="2018-Nov-21 23:59"' | awk -F '|' '$24>300 {print}'
The above grep is printing all the columns successfully, satisfying the above condition of

$24>300


Now I need to filter the above query based on the state, like Florida, which is printing in the 23rd column, i.e. $23

zgrep 'MobileDevice' xyz.log.20181121.gz|grep 'USER123'| awk '$0>= "2018-Nov-21 00:01" && $0<="2018-Nov-21 23:59"' | awk -F '|' '$23=FLORIDA {print}'

The above query is not working.

How do I check string equality in AWK?

Please advise
0
Hi,



While adding Ubuntu to VirtualBox after removing CentOS, I am getting the attached error.
I am using a Windows 10 HP laptop currently.


Please advise how to resolve this error.



thanks in advance
ERRuBUNTU.png
0
zgrep 'xyz'  abc.log.2018111212| grep '|[1-9][0-9][0-9][0-9][0-9]|0000' | wc -l

I am trying to figure out what the above grep is doing.

What is the meaning of
|[1-9][0-9][0-9][0-9][0-9]|0000

Does wc -l mean some kind of word count?
What is -l?

Are there any good links, resources or video tutorials to master grep, awk and sed end to end to debug server logs?

please advise
0
I'll need a Shell (Bash) script (rather an exact command) that outputs

a)  files' name in the Solaris system, one file per line in the UNIX systems
b) that were modified/created the last 1470 minutes
c) exclude FIFO files, symbolic links, sockets (ie *.sock)
d) names of files of between 1 byte to 20MB in size
e) files in /dev, /devices, /kernel, /cdrom, /platform, /proc, /net
f) files mounted on NFS

I have about 1million files so hoping the command/script of outputting
the file can complete in 30mins, so may need efficient coding.


I need to amend the following script to read (ie for AV to scan) the above output file:

#!/bin/bash
LOGFILE="/var/log/clamav/`hostname`-$(date +'%Y-%m-%d').log";
## suggest to change dirs below to root but exclude databases
DIRTOSCAN="/var /opt /home /etc /tmp /export";

for S in ${DIRTOSCAN}; do
DIRSIZE=$(du -sh "$S" |grep -v "/proc" |grep -v "/dev" |grep -v ...  /2>/dev/null | cut -f1);
## add to grep -v for any other file types to exclude

echo "Starting a daily scan of "$S" directory.
Amount of data to be scanned is "$DIRSIZE".";

clamscan -ri "$S" >> "$LOGFILE";
0

I'm looking for ways (most likely auditctl or audit) to monitor Solaris files
(/etc/group, sudoers,  root's  cron.*) & if possible email out a notification
once content of the file(s) is modified.

Will need exact/detailed steps.

I'm on Solaris 10 x86.

File integrity monitoring tools (like those used by Tripwire) are not an
option as we just want to use built-in Solaris tools
0
I'll need to monitor several "privilege escalation related" Solaris 10 & RHEL6 files using
ACLs (Access Ctrl Lists) :

a) /etc/group, /etc/sudoers, /etc/cron.daily (or .weekly or any crons owned by root):
    ACL to send to syslog (so that we can pipe to SIEM) when permissions, ownership
    or contents of the above files are changed

b) visudo, sudo, usermod, useradd command binary files:
   when these are being executed/run, ACL to send to syslog (who & when it's being
   executed)

Appreciate an exact setacl (or the actual commands/settings) in RHEL6 & Solaris 10
x86 samples
0
I am trying to get a specific pid and ONLY that pid, not others that might have that pid embedded in them, i.e.

345
1345
5345

I only want to get the 345.  If they would let me use Perl it would be easy, but I have to use ksh.

Any ideas?

Thanks!
David
0
Need to harden a Solaris 10 that is connecting to Internet  from DMZ.

Anyone has a Solaris 10 hardening script that once run will harden for
a) Level 2 Profile
b) "Scored"

The attached which I got from GitHub doesn't seem quite fit to what's needed
& with all the "printf ...", it's more of listing out than actually doing hardening.


From CIS benchmark:

Scoring Information
================
A scoring status indicates whether compliance with the given recommendation impacts the assessed target's benchmark score. The following scoring statuses are used in this benchmark:
Scored  <==
Failure to comply with "Scored" recommendations will decrease the final benchmark score. Compliance with "Scored" recommendations will increase the final benchmark score.
Not Scored
Failure to comply with "Not Scored" recommendations will not decrease the final benchmark score. Compliance with "Not Scored" recommendations will not increase the final benchmark score.



Profile
=====

 Level 1
Items in this profile intend to:
o be practical and prudent;
o provide a clear security benefit; and
o not inhibit the utility of the technology beyond acceptable means.
 Level 2  <==
This profile extends the "Level 1" profile. Items in this profile exhibit one or more of the following characteristics:
o are intended for environments or use cases where security is paramount
o acts as defense in depth measure
o may negatively inhibit the utility or performance of the …
0
curl to download all artifacts from artifactory folder
0
For Clam's dependent packages required as indicated by
  https://www.opencsw.org/packages/CSWclamav/  ,

I can't get 2 packages for Solaris 10 (Update 9) x86 :

1. common : it can only locate the i386 package for SunOS 5.8 in url below
  http://rsync.opencsw.org/opencsw/testing/i386/5.10/

Likewise for
2. libbz2_1_0 : can only locate for SunOS 5.9


Anyone has access to Oracle subscription, can assist to download the above
packages & attach them here?


For the 10 dependent packages, what's given are for i386, so if can help
provide for Solaris 10 x86, appreciated:
https://www.opencsw.org/packages/CSWclamav/
0
https://www.manageengine.com/products/eventlog/system_requirement.html

We're trying to quickly set up ManageEngine Eventlog analyzer/SIEM for our
Solaris 10 x86   and  RHEL 6  servers : all are 64bit OS.

Somehow I can't locate anything for Solaris 10 x86 : need the agents installer.
Still looking for RHEL6.  I'm not too good with navigating.

Anyone can help locate & give the exact links?
0
What is the difference between these two commands?

info_file_name=`echo $i | cut -d "/" -f 7`
 
info_file_name=`echo $i | cut -d "/" -f 6`
1
How to add a * DNS entry to the etc/hosts file in CentOS? This is to allow S3 calls to a cloudian instance.
0

Actually the file descriptor table is not a real table. It's just an array of pointers to the "open file table" (struct file). But let's say we will see it as a table. What are the columns? For example:

FD   | Pointer to "open file table"
----------------------------------
...  | ...

In short, that's the question. I see a lot of different figures on the internet, but they are all different. For example, see:

http://faculty.winthrop.edu/dannellys/csci325/10_shared.htm
There they have a column "fd flags" (read/write), but I would think that this column is part of the "open file table" and not part of the "file descriptor table". See for example: http://man7.org/linux/man-pages/man2/open.2.html


       A call to open() creates a new open file description, an entry in the
       system-wide table of open files.  The open file description records
       the file offset and the file status flags (see below).  A file
       descriptor is a reference to an open file description; this reference
       is unaffected if pathname is subsequently removed or modified to
       refer to a different file.  For further details on open file
       descriptions, see NOTES.

       The argument flags must include one of the following access modes:
       O_RDONLY, O_WRONLY, or O_RDWR.  These request opening the file read-
       only, write-only, or read/write, respectively.
0
The Unix server keeps signing out after 1 minute or so on production.

Is there a way I can run some process like

tail -f xyz.gz
to keep it continuously rolling until I cancel it, so that it won't sign out on me while I focus on some other work for 30 minutes? When I come back, it should not have signed out.
Please advise.
0
How can I set up 2 subnets in AWS and be able to route between them?


NACLs? Subnets config, etc.?

I have never done this before and am very, very new to AWS.
0
Can anyone tell me why I'm getting this error on AIX?  It does the same thing from smitty too.  The useradd created the user fine.  I verified he's in there through smitty and I can su - to it.

aixutil -[root]/root>useradd -m -g staff -s /bin/ksh -c "Scott Field - BMC" sfield8
3004-689 User "sfield8" exists.
aixutil -[root]/root>echo "sfield8:password" | chpasswd
3004-687 User "sfield8" does not exist.


Thanks!
David
0
Let's start with a useless example of input redirection:

less 1< /test.txt



The result is:

Missing filename ("less --help" for help)

This I understand, because:

LESS-PROCESS:
FD 0 <- terminal file (keyboard)
FD 1 <- /test.txt
FD 2 -> terminal file (monitor)

FD 0 needs to get some content from a file, but there is no file in this case. There is /test.txt but it points to the wrong fd. Now let's take a look at a useless example of output redirection:

less 0> /test.txt



LESS-PROCESS:
FD 0 -> /test.txt
FD 1 -> terminal file (monitor)
FD 2 -> terminal file (monitor)

The program doesn't give file descriptor 0 some output, so "nothing" will be written to /test.txt. That's why you will always end up with an empty /test.txt file. File descriptor 0 opens /test.txt for writing and not for reading. So the less-process doesn't get any file to read from. Then why is the result not:

Missing filename ("less --help" for help)

Instead, less is acting as if it got an empty file as input. The file /test.txt is empty in the end, but this is about output redirection and not about input redirection, so there is no input. That's the reason why I would expect "Missing filename". Why is this not the case?
0
See: https://stackoverflow.com/questions/6170598/can-anyone-explain-to-me-what-the-purpose-of-dev-tty


You can start with the POSIX spec. From there, read about the "controlling terminal" of a process.

But just for example... /dev/tty is how a command like "ssh" can read your password even if its standard input comes from somewhere else:

tar cf - . | ssh dest 'tar xf -'



If ssh decides to prompt you for a password, it will read it from /dev/tty instead of stdin.

Conceptually, /dev/tty is "the keyboard and text terminal". More or less.

Let's say my "terminal-file" of the current session is /dev/pts/1. In such a case, what's the difference between "/dev/pts/1" and "/dev/tty"? And if they are basically the same, then why is "/dev/tty" used instead of "/dev/pts/1"?

And:

/dev/tty is how a command like "ssh" can read your password even if its standard input comes from somewhere else

Let's say the standard input comes from somewhere else, so let's say we have:

FD 0 <- file
FD 1 -> /dev/pts/1
FD 2 -> /dev/pts/1

How I see it: the fact that the standard input comes from somewhere else doesn't mean that /dev/pts/1 cannot be read? The password comes from the keyboard and /dev/pts/1 represents i.a. the keyboard, right? So I still don't see what exactly the purpose of /dev/tty is?

@noci: I know you know the answer, but I don't understand your explanation so I've made this post so maybe other people can explain it to me in a way that I understand it.
0
