Hide

What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again.

Delete that bloated snippets file you've been using and share your personal repository with the world. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.


If you have a new feature suggestion or find a bug, please get in touch via http://commandlinefu.uservoice.com/

Get involved!

You can sign-in using OpenID credentials, or register a traditional username and password.

First-time OpenID users will be automatically assigned a username which can be changed after signing in.

Hide

Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for:

Hide

News

2011-03-12 - Confoo 2011 presentation
Slides are available from the commandlinefu presentation at Confoo 2011: http://presentations.codeinthehole.com/confoo2011/
2011-01-04 - Moderation now required for new commands
To try and put and end to the spamming, new commands require moderation before they will appear on the site.
2010-12-27 - Apologies for not banning the trolls sooner
Have been away from the interwebs over Christmas. Will be more vigilant henceforth.
2010-09-24 - OAuth and pagination problems fixed
Apologies for the delay in getting Twitter's OAuth supported. Annoying pagination gremlin also fixed.
Hide

Tags

Hide

Functions

Commands using sort from sorted by
Terminal - Commands using sort - 639 results
du -hd1 |sort -h
pacman -Qi | grep 'Name\|Size\|Description' | cut -d: -f2 | paste - - - | awk -F'\t' '{ print $2, "\t", $1, "\t", $3 }' | sort -rn
2012-11-20 03:40:55
Functions: awk cut grep paste sort
0

This, like the other commands listed here, displays installed arch packages. Unlike the other ones this also displays the short description so you can see what that package does without having to go to google. It also shows the largest packages on top. You can optionally pipe this through head to display an arbitrary number of the largest packages installed (e.g. ... | head -30 # for the largest 30 packages installed)

find . -type f |egrep '^./.*\.' |sed -e "s/\(^.*\.\)\(.*$\)/\2/" |sort |uniq
2012-11-12 17:17:55
User: dvst
Functions: egrep find sed sort
0

find files recursively from the current directory, and list the extensions of files uniquely

find . -type f -print | awk -F'.' '{print $NF}' | sort | uniq -c
MP3TAG_DECODE_UTF8=0 mp3info2 -p "%a - %l\n" -R . | sort | uniq
for k in `git branch -r|awk '{print $1}'`;do echo -e `git show --pretty=format:"%Cgreen%ci_%C(blue)%c r_%Cred%cn_%Creset" $k|head -n 1`$k;done|sort -r|awk -F"_" '{printf("%s %17s %-22s %s\n",$1,$2,$3,$4)}'
ls /var/log/sa/sa[0-9]*|xargs -I '{}' sar -u -f {}|awk '/^[0-9]/&&!/^12:00:01|RESTART|CPU/{print "%user: "$4" %system: "$6" %iowait: "$7" %nice: "$5" %idle: "$9}'|sort -nk10|head
for i in $(ps -eo pid|grep -v PID);do echo ""; echo -n "==$i== ";awk '/^read|^write/{ORS=" "; print}' /proc/$i/io 2>/dev/null; echo -n " ==$i=="; done|sort -nrk5|awk '{printf "%s\n%s %s\n%s %s\n%s\n\n",$1,$2,$3,$4,$5,$6}'
find /test -type f -printf "%AY%Aj%AH%AM%AS---%h/%f\n" | sort -n
tshark -qr [cap] -z conv,tcp | awk '{printf("%s:%s:%s\n",$1,$3,$10)}' | awk -F: '{printf("%s %s %s\n",$1,$3,substr($5,1,length($5)-10))}' | sort | uniq -c | sort -nr
ps axo %mem,pid,euser,cmd | sort -nr | head -n 10
du -sm /home/* | sort -n | tail -10
for i in $(seq 1 100 | sort -R); do echo $i; sleep 5; done
2012-09-25 17:47:32
Functions: echo seq sleep sort
3

Random choose numbers from 1 to 100 with 5 seconds interval without duplicates.

find . \( -iname '*.cpp' -o -iname '*.h' \) -exec wc -l {} \; | sort -n | cut --delimiter=. -f 1 | awk '{s+=$1} END {print s}'
2012-09-19 15:21:01
User: jecxjoopenid
Functions: awk cut find sort wc
0

Searches for *.cpp and *.h in directory structure, counts the number of lines for each matching file and adds the counts together.

sudo -s du -sm /Users/* | sort -nr | head -n 10
2012-09-13 10:15:23
User: mematron
Functions: du head sort sudo
0

In OSX you would have to make sure that you "sudo -s" your way to happiness since it will give a few "Permission denied" errors before finally spitting out the results. In OSX the directory structure has to start with the "Users" Directory then it will recursively perform the operation.

Your Lord and master,

Mematron

du -sh /home/*|sort -rh|head -n 10
2012-09-12 11:54:06
User: toaster
Functions: du head sort
0

the -h option of du and sort (on appropriate distrib) makes output "Human" readable and still sorted by "reversed size" (sort -rh)

sudo lastb | awk '{if ($3 ~ /([[:digit:]]{1,3}\.){3}[[:digit:]]{1,3}/)a[$3] = a[$3]+1} END {for (i in a){print i " : " a[i]}}' | sort -nk 3
2012-09-11 14:51:10
User: sgowie
Functions: awk lastb sort sudo
1

The lastb command presents you with the history of failed login attempts (stored in /var/log/btmp). The reference file is read/write by root only by default. This can be quite an exhaustive list with lots of bots hammering away at your machine. Sometimes it is more important to see the scale of things, or in this case the volume of failed logins tied to each source IP.

The awk statement determines if the 3rd element is an IP address, and if so increments the running count of failed login attempts associated with it. When done it prints the IP and count.

The sort statement sorts numerically (-n) by column 3 (-k 3), so you can see the most aggressive sources of login attempts. Note that the ':' character is the 2nd column, and that the -n and -k can be combined to -nk.

Please be aware that the btmp file will contain every instance of a failed login unless explicitly rolled over. It should be safe to delete/archive this file after you've processed it.

du -sm /home/* | sort -nr | head -n 10
cut -c23-37 /var/log/squid3/access.log | cut -d' ' -f1 | sort | uniq
2012-09-07 14:57:26
User: dan
Functions: cut sort
Tags: squid webproxy
3

Generates the list of clients (IPs addresses) that have used the Squid webproxy according to the most recent log. Every IP appears only once in the list.

sed -n -e "/^\[/h; /priority *=/{ G; s/\n/ /; s/ity=/ity = /; p }" /etc/yum.repos.d/*.repo | sort -k3n
2012-09-06 00:09:09
User: eddieb
Functions: sed sort
0

This probably only works without modifications in RHEL/CentOS/Fedora.

grep -H voluntary_ctxt /proc/*/status |gawk '{ split($1,proc,"/"); if ( $2 > 10000000 ) { printf $2 " - Process : "; system("ps h -o cmd -p "proc[3]) } }' | sort -nk1,1 | sed 's/^/Context Switches: /g'
2012-09-01 19:43:47
User: jperkster
Functions: gawk grep printf sed sort
0

This command will find the highest context switches on a server and give you the process listing.

SUBNET="192.168.41" ; diff -y <(nmap -sP -n ${SUBNET}.0/24 | grep ${SUBNET}. | awk '{print $5}' | sort -t"." -k4 -n) <(for i in $(seq 1 254); do echo ${SUBNET}.$i; done)
2012-08-28 09:11:18
User: michel_p
Functions: awk diff echo grep seq sort
0

The command will make it easy to determine free IP ranges in a crowded sub-net.

tcpdump -ntr NAME_OF_CAPTURED_FILE.pcap 'tcp[13] = 0x02 and dst port 80' | awk '{print $4}' | tr . ' ' | awk '{print $1"."$2"."$3"."$4}' | sort | uniq -c | awk ' {print $2 "\t" $1 }'
dpkg-query -Wf '${Package} - ${Version}\n' | sort -n
curl url | egrep -o '(http|https)://[a-z0-9]*\.[a-z0-9]*\.[a-z0-9]*'|sort |uniq