Commands by olalonde (1)

  • grep searches through a file and prints out all the lines that match some pattern. Here, the pattern is some string that is known to be in the deleted file. The more specific this string can be, the better. The file being searched by grep (/dev/sda1) is the partition of the hard drive the deleted file used to reside in. The ?-a? flag tells grep to treat the hard drive partition, which is actually a binary file, as text. Since recovering the entire file would be nice instead of just the lines that are already known, context control is used. The flags ?-B 25 -A 100? tell grep to print out 25 lines before a match and 100 lines after a match. Be conservative with estimates on these numbers to ensure the entire file is included (when in doubt, guess bigger numbers). Excess data is easy to trim out of results, but if you find yourself with a truncated or incomplete file, you need to do this all over again. Finally, the ?> results.txt? instructs the computer to store the output of grep in a file called results.txt. Source: http://spin.atomicobject.com/2010/08/18/undelete?utm_source=y-combinator&utm_medium=social-media&utm_campaign=technical


    24
    grep -a -B 25 -A 100 'some string in the file' /dev/sda1 > results.txt
    olalonde · 2010-08-19 20:07:42 18

What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.

Share Your Commands


Check These Out

Quick and dirty RSS
runs an rss feed through sed replacing the closing tags with newlines and the opening tags with white space making it readable.

Convert CSV to JSON
Replace 'csv_file.csv' with your filename.

Find files that were modified by a given command
Traces the system calls of a program. See http://linuxhelp.blogspot.com/2006/05/strace-very-powerful-troubleshooting.html for more information.

Check wireless link quality with dialog box
The variable WIRELESSINTERFACE indicates your wireless interface

Perform a branching conditional
This will perform one of two blocks of code, depending on the condition of the first. Essentially is a bash terniary operator. To tell if a machine is up: $ ping -c1 machine { echo succes;} || { echo failed; } Because of the bash { } block operators, you can have multiple commands $ ping -c1 machine && { echo success;log-timestamp.sh }|| { echo failed; email-admin.sh; } Tips: Remember, the { } operators are treated by bash as a reserved word: as such, they need a space on either side. If you have a command that can fail at the end of the true block, consider ending said block with 'false' to prevent accidental execution

Find usb device
I often use it to find recently added ou removed device, or using find in /dev, or anything similar. Just run the command, plug the device, and wait to see him and only him

Find usb device in realtime
Using this command you can track a moment when usb device was attached.

Convert all WMF images to SVG recursively ignoring file extension case
This assumes you have the package installed necessary for converting WMF files. On my Ubuntu box, this is libwmf-bin. I used this command, as libwmf is not on my wife's iMac, so I archived the directories containing the WMF files from OS X, ran them on my Ubuntu box, archived the resulting SVGs, and sent them back to her. Quick, simple and to the point. Searches directories recursively looking for extensions ignoring case. This is much more readable and clean than -exec for find. The while loop also gives further flexibility on complex logic. Also, although there is 'wmf2svg --auto', it expects lowercase extensions, and not uppercase. Because I want to ignore case, I need to use the -o option instead. Works in ZSH and BASH. Haven't tested in other shells.

Find out current working directory of a process
This is an alternative to another command using two xargs. If it's a command you know there's only one of, you can just use: $ ls -l /proc/$(pgrep COMMAND)/cwd

Capture data in ASCII. 1500 bytes
Sniffing traffic on port 80 only the first 1500 bytes


Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for: