People are creatures of habit. That assertion has both good and bad connotations. The good is that we tend to do things the same way every time we do them. The bad part is that we don't tend to venture out from our routines. That routine keeps changes consistent and surprises to a minimum. The last thing any sysadmin wants to hear another sysadmin say is, "Whoops." But, that's a whole other story. Today's topic is unfamiliar commands. Six unfamiliar commands to be exact. I think you'll like these because they're useful and outside the peripheral vision of most sysadmins. They are presented in alphabetical order.
[ You might also like: 11 Linux commands I can’t live without ]
1. ac (Accounting)
The user accounting command,
ac, gives the sysadmin connect time statistics for all system users as read from the
/var/log/wtmp file. This is useful if a sysadmin or a manager wants to log a user's connectivity time on a system. Of course, it only tracks connectivity and not activity, so don't assume that a user who shows as connected for six hours has actually worked the entire six hours on a particular task.
Any user can execute the
ac command. The most useful options for it are
-d option displays "daily totals" of connect time. The
-p option provides connect statistics on a per-user basis. You can use the options individually or combined to give a more detailed analysis.
$ ac -d Apr 21 total 8.16 Apr 26 total 119.99 Apr 27 total 18.41 Today total 0.06
$ ac -p bob 2.28 root 140.48 khess 3.87 total 146.62
$ ac -dp root 8.16 Apr 21 total 8.16 root 119.99 Apr 26 total 119.99 root 12.33 bob 2.28 khess 3.80 Apr 27 total 18.41 khess 0.12 Today total 0.12
As you can see, the
ac command provides you with some interesting and useful information about connectivity. The most telling statistic from the above display is how much connectivity time the root user has logged. The implications are that a sysadmin has left themselves logged into a system while away or there has been a security breach. In both cases, the situation needs to be investigated further.
Eleven, twelve, dig, and delve or so goes the nursery rhyme. It seems to fit the fact that
delv are both DNS-related, so I'm going with it. The
delv command is related to
nslookup but delves further into the DNS record by not only sending a DNS query but validating it.
You're likely to receive a lot of unsigned answer messages in your responses. If a DNS zone doesn't include DS records (required when (DNS Security) DNSSEC is activated), then it is assumed to be unsigned DNS rather than DNSSEC. Responses are given as fully validated, unsigned, or invalid. If you don't specify a DNS server in your query,
delv uses the ones in your local
/etc/resolv.conf. If a record is invalid,
delv usually gives a reason as to why the record is invalid.
I don't pretend to know all of the details of DNSSEC or
delv, I just know for those who need to know, it's a very useful command. Here are three examples of practical
delv usage. The first is an example of a fully validated domain, dnsworkshop.org.
$ delv dnsworkshop.org mx +multi ; fully validated dnsworkshop.org. 3600 IN MX 10 smtp5.strotmann.de. dnsworkshop.org. 3600 IN MX 200 smtp3.strotmann.de. dnsworkshop.org. 3600 IN RRSIG MX 8 2 3600 ( 20210530204044 20210430195221 63654 dnsworkshop.org. t+sjQNNTOD0q3cCAqUlmzs2OaRapez++9HnjQ0zbYYP7 go3pu6xUjFmGP1OrDhI+Udhfma1BGxqmHTwHo7UotXDx S9emNuDZVESV6D07HxHbhNqFYjt2jHc8dpLtKjAOmWpA Lf8fhHRjfNpkng5zoTBKLmghWlLnBPpXy0p6gU8= )
The second, an unsigned one, which is perhaps more common to see:
$ delv pbs.org mx +multi ; unsigned answer pbs.org. 300 IN MX 10 mxb-00303201.gslb.pphosted.com. pbs.org. 300 IN MX 10 mxa-00303201.gslb.pphosted.com.
The third is an example of a "parked" domain.
$ delv sillygoose.org mx +multi ;; resolution failed: ncache nxrrset ; negative response, unsigned answer ; sillygoose.org. 300 IN \-MX ;-$NXRRSET ; sillygoose.org. SOA ns1.namefind.com. dns.jomax.net. 2019022600 28800 7200 604800 300
Please, feel free to explore
delv further for all your DNS and DNSSEC needs.
No, this isn't one of my bad Dad jokes. The
dir command is real. Yes, it's really a copy of the
ls command but it's for those of you who might accidentally type
dir rather than
ls because you've worked with the Microsoft Windows command line and can't break the habit.
$ ls -la /usr/bin/dir -rwxr-xr-x. 1 root root 143368 Apr 14 2020 /usr/bin/dir $ ls -la /usr/bin/ls -rwxr-xr-x. 1 root root 143368 Apr 14 2020 /usr/bin/ls
And, no, it's not a hard link. The two commands have different inode numbers. Please test that if you don't believe me.
Here's another command that attempts to help with cross-platform compatibility. I've had it happen more times than I can count that I create or receive a file created on Microsoft Windows that seems to fail if I use it on Linux. Text files will often have invisible "control" characters at the end of the lines that prevent parsing on Linux. This is where the
dos2unix command rushes in to fix such things.
Dos2unix removes those ^M and ^V control characters located at the end of lines that you might see when you
vim a file. Sure, you can remove them if you know how to globally replace such characters with
vi, but it's a pain otherwise.
one^M^V two^M^V three^M^V four^M^V five^M^V
one^M two^M three^M four^M five^M
These "control" characters will often appear in a different color that I can't reproduce here. The
dos2unix command strips those for you. Before I discovered it, I had to go in and remove them manually with a global replace macro or use
sed at the command line.
fold command is new to me but is useful for those of us who tend to write very long lines of code or documentation inside a file. This command has a single purpose: To "wrap each input line to fit in specified width (From the fold man page)." In other words, if you have a limitation of 80 characters in a display or content management system (CMS), then you can adjust a file's width by folding it at the 80th character. 80 character folding is the default.
$ cat test.txt This is a folding test. obomb9jdf;amfd;asmf;dasjpsdaoddsofdsfmdsfmdsofsdjsdmfl.dsfmsdhsdlfsdlfjmds.fmsd.fndsdjdsf;djs;fmdslfmdslfm.dsfsl $ fold test.txt This is a folding test. obomb9jdf;amfd;asmf;dasjpsdaoddsofdsfmdsfmdsofsdjsdmfl.dsfmsdhsdlfsdlfjmds.fmsd. fndsdjdsf;djs;fmdslfmdslfm.dsfsl
fold command does not rewrite the file. If you run
cat test.txt, the output looks the same as the
cat command above does. To rewrite the folded file, you have to redirect it to a file name.
$ fold test.txt > folded.txt $ cat folded.txt This is a folding test. obomb9jdf;amfd;asmf;dasjpsdaoddsofdsfmdsfmdsofsdjsdmfl.dsfmsdhsdlfsdlfjmds.fmsd. fndsdjdsf;djs;fmdslfmdslfm.dsfsl
If you don't want to use the 80 character default, then you can specify a width such as 50 using the
$ fold -w 50 test.txt This is a folding test. obomb9jdf;amfd;asmf;dasjpsdaoddsofdsfmdsfmdsofsdjs dmfl.dsfmsdhsdlfsdlfjmds.fmsd.fndsdjdsf;djs;fmdslf mdslfm.dsfsl
You can specify the number of bytes or characters for folding long lines if you don't like columns. You can also fold at spaces.
zipcloak command encrypts the contents of zip files. The command is easy to use and works without any issues or drama. By issues and drama, I mean that you don't have to supply a lot of options or worry about complex syntax to get the job done. You simply
zipcloak a file, supply a password, and you're done. You can only encrypt zip files. You cannot use
zipcloak to encrypt tar files for example.
$ zipcloak zipfile.zip Enter password: Verify password: encrypting: eight encrypting: five encrypting: four encrypting: nine encrypting: one encrypting: seven encrypting: six encrypting: ten encrypting: three encrypting: two $ ls eight five four nine one seven six ten three two zipfile.zip
When you unzip the file, you're prompted for the password you used when you encrypted the zip archive.
$ unzip zipfile.zip Archive: zipfile.zip [zipfile.zip] eight password: extracting: eight extracting: five extracting: four extracting: nine extracting: one extracting: seven extracting: six extracting: ten extracting: three extracting: two
As you can see,
zipcloak is easy to use and works with no hassle.
[ Learn the basics of using Kubernetes in this free cheat sheet. ]
I hope you find these six commands as useful and as handy as I do. No, I don't encrypt a zipped file every day, I don't often need to convert a Windows-created text file to a Unix-compatible one, and I certainly don't have a need to fold a file but once or twice per year, but when I need these services, I need them. And, I need them to be trouble-free, which these are. There aren't a ton of options for any of them nor are they cumbersome in any way. These six commands are great ones to add to your personal sysadmin toolbox.