Hide

What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again.

Delete that bloated snippets file you've been using and share your personal repository with the world. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.


If you have a new feature suggestion or find a bug, please get in touch via http://commandlinefu.uservoice.com/

Get involved!

You can sign-in using OpenID credentials, or register a traditional username and password.

First-time OpenID users will be automatically assigned a username which can be changed after signing in.

Hide

Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for:

Hide

News

2011-03-12 - Confoo 2011 presentation
Slides are available from the commandlinefu presentation at Confoo 2011: http://presentations.codeinthehole.com/confoo2011/
2011-01-04 - Moderation now required for new commands
To try and put and end to the spamming, new commands require moderation before they will appear on the site.
2010-12-27 - Apologies for not banning the trolls sooner
Have been away from the interwebs over Christmas. Will be more vigilant henceforth.
2010-09-24 - OAuth and pagination problems fixed
Apologies for the delay in getting Twitter's OAuth supported. Annoying pagination gremlin also fixed.
Hide

Tags

Hide

Functions

Commands using sudo from sorted by
Terminal - Commands using sudo - 407 results
sudo truecrypt <truecrypt-file> <mount-point>
2010-02-27 16:25:19
User: kbrill
Functions: sudo
1

It seems to completely void the benefit of having an encrypted folder if you then have a script on your unencrypted hard drive with your password in it. This command will mount a truecrypt file at a given mount point after asking you for the password.

sudo aptitude update; sudo apt-get -y --print-uris upgrade | egrep -o -e "http://[^\']+" | sudo aria2c -c -d /var/cache/apt/archives -i -; sudo aptitude -y safe-upgrade
2010-02-18 16:02:29
User: freethinker
Functions: egrep sudo
2

Please install aria2c before you try the above command. On ubuntu the command to install aria2c would be:

sudo aptitude install aria2
sudo sed -iorig '/\(up\|down\)/s/^/#/' /etc/zsh/zshrc
2010-02-02 23:17:08
User: cbrinker
Functions: sed sudo
Tags: Ubuntu vi zsh
1

Use sed to comment out any up/down bindings in zsh

sudo ping -f -s 56500 192.168.1.100
2010-01-27 17:42:33
User: alamati
Functions: ping sudo
-3

A ping flood is a simple DoS attack where the attacker overwhelms the victim with ICMP Echo Request (ping) packets. It only succeeds if the attacker has more bandwidth than the victim (for instance an attacker with a DSL line and the victim on a dial-up modem).

In this command replace 192.168.1.100 with victim IP address.

sudo arp-scan --interface=eth0 -l
2010-01-27 05:36:48
User: alamati
Functions: sudo
1

replace eth0 with your ethernet or wireless network interface.

sudo netselect -v -s3 $(curl -s http://dns.comcast.net/dns-ip-addresses2.php | egrep -o '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+' | sort | uniq)
2010-01-27 00:03:44
User: hackerb9
Functions: egrep sort sudo
2

Comcast is an ISP in the United States that has started hijacking DNS requests as a "service" for its customers. For example, in Firefox, one used to be able to do a quick "I'm Feeling Lucky" Google search by typing a single word into the URL field, assuming the word is not an existing domain when surrounded by www.*.com. Comcast customers never receive the correct NX (non-existent domain) error from DNS. Instead, they are shown a page full of advertising. There is a way to "opt out" from their service, but that requires having the account password and the MAC address of your modem handy. For me, it was easier just to set static DNS servers. But the problem is, which ones to choose? That's what this command answers. It'll show you the three _non-hijacked_ Comcast DNS servers that are the shortest distance away.

Perhaps you don't have Comcast (lucky you!), but hopefully this command can serve as an example of using netselect to find the fastest server from a list. Note that, although this example doesn't show it, netselect will actually perform the uniq and DNS resolution for you.

Requires: netselect, curl, sort, uniq, grep

dpkg -l | grep ^rc | awk '{print $2}' | sudo xargs dpkg -P
sudo nmap -F -O 192.168.1.1-255 | grep "Running: " > /tmp/os; echo "$(cat /tmp/os | grep Linux | wc -l) Linux device(s)"; echo "$(cat /tmp/os | grep Windows | wc -l) Window(s) devices"
2010-01-10 03:09:56
User: matthewbauer
Functions: echo grep sudo
3

Shows how many Windows and Linux devices are on your network.

May add support for others, but that's all that are on my network right now.

mkfifo /tmp/fifo; ssh-keygen; ssh-copyid root@remotehostaddress; sudo ssh root@remotehost "tshark -i eth1 -f 'not tcp port 22' -w -" > /tmp/fifo &; sudo wireshark -k -i /tmp/fifo;
sudo ssh -Y remoteuser@remotehost sudo wireshark
2010-01-05 14:35:20
User: Code_Bleu
Functions: ssh sudo
-8

This allows you to display the wireshark program running on remote pc to your local pc.

sudo find /etc/rc{1..5}.d -name S99myservice -type l -exec sh -c 'NEWFN=`echo {} | sed 's/S99/K99/'` ; mv -v {} $NEWFN' \;
2010-01-03 00:56:57
User: zoomgarden
Functions: find mv sed sh sudo
0

Change run control links from start "S" to stop "K" (kill) for whatever run levels in curly braces for a service called "myservice". NEWFN variable is for the new filename stored in the in-line shell. Use different list of run levels (rc*.d, rc{1,3,5}.d, etc.) and/or swap S with K in the command to change function of run control links.

sudo tcpdump -nnvvXSs 1514 -i lo0 dst port 5432
2009-12-18 17:12:44
User: ethanmiller
Functions: sudo tcpdump
1

It's certainly not nicely formatted SQL, but you can see the SQL in there...

watch -d 'sudo smartctl -a /dev/sda | grep Load_Cycle_Count ; sudo smartctl -a /dev/sda | grep Temp'
2009-12-15 00:15:24
User: vxbinaca
Functions: grep sudo watch
2

This command is a great way to check to see if acpi is doing damage to your disks by agressivly parking the read arm and wearing down it's life. As you can see, mine has lost half its life. I'm sure this could be shortened though somehow. It will use smartctl to dump the stats and then grep out just the temperature and load cycles for the disk (a load cycle is when a the read arm comes out of park and wears on the drive).

sudo ls -RFal / | gzip > all_files_list.txt.gz
2009-12-14 21:40:56
User: roryokane
Functions: gzip ls sudo
2

This command is meant to be used to make a lightweight backup, for when you want to know which files might be missing or changed, but you don't care about their contents (because you have some way to recover them).

Explanation of parts:

"ls -RFal /" lists all files in and below the root directory, along with their permissions and some other metadata.

I think sudo is necessary to allow ls to read the metadata of certain files.

"| gzip" compresses the result, from 177 MB to 16 MB in my case.

"> all_files_list.txt.gz" saves the result to a file in the current directory called all_files_list.txt.gz. This name can be changed, of course.

sudo lsof -P -i -n -sTCP:LISTEN
sudo arp-scan 192.168.1.0/24 -interface eth0
sudo strace -pXXXX -e trace=file
sudo echo 0 > /sys/block/sdb/queue/rotational
2009-11-27 12:16:17
User: nickleus
Functions: echo sudo
5

if you still get a permissions error using sudo, then nano the file:

sudo nano -w /sys/block/sdb/queue/rotational

and change 1 to 0

this thread:

http://www.ocztechnologyforum.com/forum/showpost.php?p=369836&postcount=15

says that this will "help the block layer to optimize a few decisions"

sudo mount -t cifs -o credentials=/path/to/credenials //hostname/sharename /mount/point
2009-11-23 23:55:20
User: magma_camel
Functions: mount sudo
-2

mounts a samba share on a remote machine using a credentials file that can be in a file tht is not accessable by other users the file will look like:

username="username"

password="password"

best option i belive

sudo mount -t cifs -o user,username="samba username" //$ip_or_host/$sharename /mnt
sudo mount -t cifs //$ip_or_host/$sharename /mnt
2009-11-23 14:24:02
User: sb
Functions: mount sudo
-2

Mount a Windows share. Usually the IP is needed for the $ip_or_host option. Getting hostnames working on a local network never seems to work.

mount | awk '/:/ { print $3 } ' | xargs sudo umount
sudo ifconfig -a | grep eth | grep HW | cut -d' ' -f11
sudo touch /forcefsck
2009-10-29 17:04:47
User: johnraff
Functions: sudo touch
37

The empty file /forcefsck causes the file system check fsck to be run next time you boot up, after which it will be removed.

This works too:

sudo >/forcefsck
sudo mount -t vfat /dev/sdb1 /mnt/sdb1