Monthly Archives: June 2015

sed add to beginning or end of selected lines of a file

Create a new file with

for i in {1..15}-{a..c} ; do echo this is line $i >> test-file.txt ; done

Add a newline to the beginning and end of the file

sed -e '1i\ ' -e '$a\ ' test-file.txt

Add a newline from the 3rd through to the 10th line

sed -e '3,10i\ ' -e '$a\ ' test-file.txt

Add a newline at the 3rd and 10th line

sed -e '3~10i\ ' -e '$a\ ' test-file.txt

Add to the beginning of lines 1 through 5 with

sed '1,5 s/^/Alice the Goon say'"'"'s\t/' test-file.txt  <<-- Note the quotes for escaping the apostrophe.

Add to the end of lines 6 through 12 with

sed '6,12 s/$/\t  I Love Popeye/' test-file.txt

Select individual lines

sed -e '13 s/^/Lucky\t /' test-file.txt -e '14 s/$/\t\tPopeye/'

Add to the beginning of every third line

sed '0~3 s/^/hello\t/g' < test-file.txt

Add to the end of every third line

sed '0~3 s/$/\tdolly/g' < test-file.txt

change the file’s line numbering now with

sed -i '=' test-file.txt  "=" is a command in sed to print the current line number to the standard output.

append to the lines matching (PATTERN) “10” with

sed '/10/ a\ hello' test-file.txt

append after the line number (ADDRESS) “10” with

sed '10 a\ hello' test-file.txt

in each case

\a  for append (add after match) can be changed for

\i  for insert (add before match)

or  \c  to change the whole matching line.

example: sed '/10/ c\ hello dolly' test-file.txt

Unlike using

sed 's/is/hello dolly/g' test-file.txt  OR  sed 's/10/hello dolly/' test-file.txt

Finally you can re-number your file with

sed = test-file.txt | sed 'N;s/\n/\t/'  OR  nl testfile.txt  OR  cat -n testfile.txt

as always write it to a new file with > newfile-name

or use -i to edit it inline

To delete trailing whitespace from end of each line

cat input.txt | sed 's/[ \t]*$//' > output.txt

Remove all leading and trailing whitespace from each line

cat input.txt | sed 's/^[ \t]*//;s/[ \t]*$//' > output.txt

To change the nth occurrence on each line add a number at the end of the substitute command

sed 's/old/new/2' file



selinux cheat sheet

To list all sebooleans currently on (allowed)

getsebool -a | grep 'on$'

To list all sebooleans currently off (disallowed)

getsebool -a | grep 'off$'

To list all current booleans with their discriptions

semanage boolean -l

List your default port info with

semanage port -l

If you want to change a port on a SELinux system, you have to tell selinux about this change.
e.g. semanage port -a -t ssh_port_t -p tcp #PORTNUMBER

temporarily switch between permissive or enforcing (It will revert back to default on a reboot.)

setenforce 0 (permissive)

setenforce 1 (enforcing)

sestatus will give you your current status

To set the level permanently edit your /etc/selinux/config file.

Copy a security context from 1 file or directory to another with

chcon [OPTION]… –reference=RFILE FILE…

e.g. chcon -R –reference=/default/web/dir /other/web/dir (will recursively copy the permissions from default web dir to new web dir.)


change the label of /other/web/dir, recursively, to the httpd_sys_content_t type in order to grant Apache read-only access to that directory and its contents:
semanage fcontext -a -t httpd_sys_content_t “/other/web/dir(/.*)?”
Apply the selinux policy created with
restorecon -R -v /other/web/dir

List current security on files and dirs with ls -Z

Turn booleans on or off with

e.g. setsebool -P allow_ftpd_anon_write=1 or 0

Get a report on all selinux denials with

aureport -a

Get a report on current selinux denials with recommendations.

sealert -a /var/log/audit/audit.log  (for this I think you need setroubleshoot installed.)

From the manpage

setsebool – set SELinux boolean value
setsebool [ -PNV ] boolean value | bool1=val1 bool2=val2 …
setsebool  sets the current state of a particular SELinux boolean or a list of booleans to a given value. The value may be 1 or true or on to enable the boolean, or 0
or false or off to disable it.
Without the -P option, only the current boolean value is affected; the boot-time default settings are  not changed.
If the -P option is given, all pending values are written to the policy file on disk. So they will be persistent across reboots.
If the -N option is given, the policy on disk is not reloaded into the kernel.
If the -V option is given, verbose error messages will be printed from semanage libraries.