What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again.

Delete that bloated snippets file you've been using and share your personal repository with the world. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.

Get involved!

You can sign-in using OpenID credentials, or register a traditional username and password.

First-time OpenID users will be automatically assigned a username which can be changed after signing in.

Universal configuration monitoring and system of record for IT.

Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for:



May 19, 2015 - A Look At The New Commandlinefu
I've put together a short writeup on what kind of newness you can expect from the next iteration of clfu. Check it out here.
March 2, 2015 - New Management
I'm Jon, I'll be maintaining and improving clfu. Thanks to David for building such a great resource!

Top Tags



Psst. Open beta.

Wow, didn't really expect you to read this far down. The latest iteration of the site is in open beta. It's a gentle open beta-- not in prime-time just yet. It's being hosted over at UpGuard (link) and you are more than welcome to give it a shot. Couple things:

  • » The open beta is running a copy of the database that will not carry over to the final version. Don't post anything you don't mind losing.
  • » If you wish to use your user account, you will probably need to reset your password.
Your feedback is appreciated via the form on the beta page. Thanks! -Jon & CLFU Team

All commands from sorted by
Terminal - All commands - 12,362 results
echo "$(( $(( $(grep 'physical id' '/proc/cpuinfo' | uniq | wc -l) * $(grep 'core id' '/proc/cpuinfo' | wc -l) )) * 2 + 1 ))"
2015-11-14 20:44:39
User: snorf
Functions: echo
Tags: uniq

shell order of operation example which calculates:

x = number of physical CPU's

y = number of cores per CPU

2(x * y) + 1 = CPU load limit

awk 'BEGIN{srand()} match($0, /DELTA=([0-9]+);/, a) {w[i++]=a[1]} END {print w[int(rand()*i)]}' file.name
2015-11-13 17:56:34
User: jkirchartz
Functions: awk
Tags: awk regex random

seed the random number generator,

find all matches in a file

put all matches from the capture group into an array

return a random element from the array

perl -C -MHTML::Entities -pe 'decode_entities($_);'
2015-11-13 15:07:54
User: fnl
Functions: perl

The only command-line version of this task I could come up with that properly handles UTF-8 input, too. (Yes, I know how crazy it is to have UTF-8 with HTML entity escapes, but that stuff exists... sadly...; Just check Twitter.)

find <mydir> -type f -exec sed -i 's/<string1>/<string2>/g' {} \;
echo "Gold price is" $(wget https://rate-exchange-1.appspot.com/currency\?from=XAU\&to=USD -q -O - | jq ".rate") "USD"
2015-11-11 14:20:06
User: lordtoran
Functions: echo wget
Tags: wget finance jq

Returns the current price of a troy ounce of gold, in USD. Requires the "jq" JSON parser.

Ctrl + Alt
2015-11-10 22:08:57
User: knoppix5

Hold 'Ctrl' + 'Alt' key while selecting rectangular text area of the screen with

left mouse button.

Should work in any terminal screen (xterm, konsole, ...) under X, if not

then try with 'Ctrl' + 'Shift' + 'Alt' or two-combination of these.

netstat -np | grep -v ^unix
2015-11-09 17:22:30
User: UnklAdM
Functions: grep netstat

I often have to google this so I put it here for quick reference.

echo 'echo /etc/games/fortune > ~/mailsignature.txt' >> .bashrc
2015-11-07 15:17:12
User: dededede
Functions: echo

In Thunderbird open the settings for your email account, mark the checkbox for 'Attach the signature from a file instead' and use the filename '~/mailsignature.txt'

Now every time when you open a terminal you see the fortune displayed in the terminal and the mail signature gets regenerated.

command ${MYVAR:+--someoption=$MYVAR}
2015-11-04 19:47:24
User: pdxdoughnut
Functions: command

See "Parameter Expansion" in the bash manpage. They refer to this as "Use Alternate Value", but we're including the var in the at alternative.

[ -n "$REMOTE_USER" ] || read -p "Remote User: " -er -i "$LOGNAME" REMOTE_USER
2015-10-30 17:08:17
User: pdxdoughnut
Functions: read
Tags: read input

The read command reads input and puts it into a variable. With -i you set an initial value. In this case I used a known environment variable.

sudo -E rpm -Uvh "http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm"
2015-10-29 14:06:48
User: zlemini
Functions: rpm sudo

In this case the current user has proxy variable set which allows access to the rpm on the internet but needs root privs to install it.

Running sudo -E preserves the current user proxy var and allows the rpm install to be executed with sudo.

find / -name \*.php -exec grep -Hn .1.=.......0.=.......3.=.......2.=.......5.= {} \;
2015-10-28 20:58:53
User: UnklAdM
Functions: find grep

If this matches any files on your web server expect to find allot of malware spread throughout your server folders. Seems to target wordpress sites. Be sure to check your themes/theme-name/header.php files manually for various redirect scripting usually in the line right above the close head tag.

Good luck!

find / -name \*.php -exec grep -Hn preg_replace {} \;|grep /e|grep POST
rename 's/ //g' *
ls -1 | while read a; do mv "$a" `echo $a | sed -e 's/\ //g'`; done
grep -Pooh .*t..r,.* /etc/init.d/*
2015-10-23 17:35:28
User: drewbenn
Functions: grep

Someone quoted Pooh in an init script. Let's see it!

(Probably only works on Debian & friends)

debsecan --format detail
2015-10-22 18:46:41
User: pdxdoughnut

You can search for CVEs at https://security-tracker.debian.org/tracker/ or use --report to get full links. This can be added to cron, but unless you're going to do manual patches, you'd just be torturing yourself.

bar() { foo=$(ls -rt|tail -1) && read -ep "cat $foo? <y/n> " a && [[ $a != "n" ]] && eval "cat $foo" ;}
2015-10-21 20:09:33
User: knoppix5
Functions: eval ls read tail

This command will display the file, but you can change 'cat' to anything else

(type 'n' when prompted to cancel the command or anything else to proceed).


Some hints for newbies:


unset bar

to make 'bar' function annihilated.

For permanent usage you can put this (bar) function in your .bashrc (for bash) or in .profile (for sh).


. ~/.bashrc

you can get all new inserted functions in .bashrc (so the function 'bar'

or whatever name you choose) immediately available.

tcpdump -i eth1 -s0 -v -w /tmp/capture_`date +%d_%m_%Y__%H_%I_%S`.pcap
tcpdump -i eth1 -s0 -v -w /tmp/capture.pcap
2015-10-21 09:14:26
User: erez83
Functions: tcpdump

capture trafic for wireshark from spesific eth interface

echo ${IP} | sed "s/[0-9\.]//g"
2015-10-19 18:20:03
User: andregyn62
Functions: echo sed

This command validates if exist any character different in 0-255 and dot.

If any characters different is typed the error menssage is showing.

echo $IP | egrep '^(([0-9]{1,2}|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]{1,2}|1[0-9][0-9]|2[0-4][0-9]|25[0-5])$'
echo "obase=2;$((($(date +%s)-$(date +%s -d YYYY-MM-DD))/86400))" | bc
2015-10-19 15:40:32
User: flatcap
Functions: echo

Print out your age in days in binary.

Today's my binary birthday, I'm 2^14 days old :-)


This command does bash arithmatic $(( )) on two dates:

Today: $(date +%s)

Date of birth: $(date +%s -d YYYY-MM-DD)

The dates are expressed as the number of seconds since the Unix epoch (Jan 1970),

so we devide the difference by 86400 (seconds per day).


Finally we pipe "obase=2; DAYS-OLD" into bc to convert to binary.

(obase == output base)

D="$(date "+%F %T.%N")"; [COMMAND]; find . -newermt "$D"
2015-10-15 21:09:54
User: flatcap
Functions: find

Often you run a command, but afterwards you're not quite sure what it did.

By adding this prefix/suffix around [COMMAND], you can list any files that were modified.


Take a nanosecond timestamp: YYYY-MM-DD HH:MM:SS.NNNNNNNNN

date "+%F %T.%N"


Find any files that have been modified since that timestamp:

find . -newermt "$D"


This command currently only searches below the current directory.

If you want to look elsewhere change the find parameter, e.g.

find /var/log . -newermt "$D"
touch .tardis; the command ; find . -newer .tardis; rm .tardis;
2015-10-15 19:18:54
User: BeniBela
Functions: command find rm touch

This lists all files modified after calling some command using a temporal anchor.