Grep (E) Syntex


-E, –extended-regexp
Interpret PATTERN as an extended regular expression
You want to search using a fancy expression. For example parenthesis () can be used to indicate groups with | used as an OR operator.
You could run this search using -E:

grep -E ‘^no(fork|group)’ /etc/group
…to return lines that start with either “nofork” or “nogroup”.
Without the -E switch you would have to escape the special characters involved because with normal pattern matching they would just
search for that exact pattern;

grep ‘^no\(fork\|group\)’ /etc/group

You have a file with a list of say ten Unix usernames in plain text.
You want to search the group file on your machine to see if any of the ten users listed are in any special groups:

grep -F -f user_list.txt /etc/group



Unix Shell Tips: Change Login Shell From Bash to Others

Question: How do I find out what Unix shell I’m currently running? Can you also explain how can I change my Unix shell both temporarily and permanently? (For example, from bash to tsh).

Answer: You can achieve these using $0, exec, chsh -s. In this article, let us review how to do these in detail.


1. What is my current Unix shell?

Use echo $0 command to get your current shell name as shown below.

$ echo $0

2. How to change my current shell to another type – temporarily ?

Use exec command to change your shell temporarily as shown below.

$ echo $0

$ exec /bin/sh

$ echo $0

Note: The above change is temporary. When you relogin, you’ll go back to the original shell.

3. How to change my current shell to another type – permanently ?

To change your shell permanently, use chsh command as shown below.


$ chsh -s /bin/sh

Note: The above change is permanent. Even after relogin, you’ll see only the new shell.

4. How can I find out all available shells in my system ?

All available shells are located in the /etc/shells file.

$ cat /etc/shells
# /etc/shells: valid login shells

For changing your login shell, you can do only from the above output. But for changing the current shell, you can go to any available shell.

5. Installing New Shell

You can install a new shell (for example, ksh) as shown below. After installing new shell, you can use it as your permanent login shell, or temporary shell for your command line operations.

$ sudo apt-get install ksh

Init and boot scripts:

The main startup process is initiated by the program init, which spawns all other processes. The purpose of init is to bring the system into a usable state. init reads the file /etc/inittab

■First, the main initialization script is run, /etc/rc.sysinit (a Bash script).

■If started in single user mode (runlevel 1 or S), the script /etc/rc.single is run.

■If in any other runlevel (2-5), /etc/rc.multi is run instead.

■The last script to run is /etc/rc.local (via /etc/rc.multi), which is empty by default


/etc/rc.sysinit is a script and not a place for settings. It sources (i.e. reads and inherits variables and functions) rc.conf for settings and /etc/rc.d/functions for the functions that produce its graphical output (nice colors, alignments, switching ‘busy’ to ‘done’, etc.). This file should not be edited as it is overwritten on upgrade.

The tasks of rc.sysinit are:

1.sources the /etc/rc.conf and /etc/rc.d/functions scripts.

2.displays a welcome message.

3.mounts various virtual file systems.

4.make sure rootfs is mounted read-only (if needed).

5.starts bootlogd.

6.print deprecation warnings.

7.configures the hardware clock.

8.starts udev, loads modules from the MODULES array defined in rc.conf, and waits for udev to finish processing coldplug events.

9.starts the loopback interface.

10.configures RAID, btrfs and encrypted filesystem mappings.

11.check partitions (fsck).

12.remount the rootfs in order to apply the options from /etc/fstab.

13.mounts local filesystems (networked drives are not mounted before a network profile is up).

14.start monitoring lvm groups.

15.activates swap areas.

16.configure timezone.

17.initialize the random seed.

18.removes various leftover/temporary files, such as /tmp/*.

19.sets the hostname, locale and system clock as defined in rc.conf.

20.configures the locale, console, and keyboard mappings.

21.sets the console font.

22.writes output from dmesg to /var/log/dmesg.log.

B. /etc/rc.single:

/etc/rc.single Single-user mode boots straight into the root user account and should only be used if one cannot boot normally. This script ensures no daemons are running except for the bare minimum: syslog-ng and udev.

The single-user mode is useful for system recovery where preventing remote users from doing anything that might cause data loss or damage is necessary

C. /etc/rc.multi :

/etc/rc.multi is run on any multi-user (i.e. normal) runlevel (i.e. 2, 3, 4, and 5). Typically, users do not notice the transition from rc.sysinit to rc.multi because rc.multi also uses /etc/rc.d/functions for handling output. This script:

1.runs sysctl to apply the settings in /etc/sysctl.conf, modifying kernel parameters at runtime; Arch has very few of these by default (mainly networking settings).

2.starts the daemons, as per the DAEMONS array in rc.conf.

3.runs /etc/rc.local to handle user customizations.

D. /etc/rc.local:

/etc/rc.local is the local multi-user startup script. Empty by default, it is a good place to put any last-minute commands the system should run at the very end of the boot process.

Most common system configuration tasks (like loading modules, changing the console font, or setting up devices) usually have a dedicated place where they are entered.

To avoid confusion, ensure that commands entered in rc.local are not better suited elsewhere, such as /etc/profile.d.

Apache Module mod_status

Description: Provides information on server activity and performance

Module Identifier: status_module
Source File: mod_status.c


The Status module allows a server administrator to find out how well their server is performing. A HTML page is presented that gives the current server statistics in an easily readable form. If required this page can be made to automatically refresh (given a compatible browser). Another page gives a simple machine-readable list of the current server state.

The details given are:

  • The number of worker serving requests
  • The number of idle worker
  • The status of each worker, the number of requests that worker has performed and the total number of bytes served by the worker (*)
  • A total number of accesses and byte count served (*)
  • The time the server was started/restarted and the time it has been running for
  • Averages giving the number of requests per second, the number of bytes served per second and the average number of bytes per request (*)
  • The current percentage CPU used by each worker and in total by Apache (*)
  • The current hosts and requests being processed (*)

The lines marked “(*)” are only available if ExtendedStatus is On.

Enabling Status Support

To enable status reports only for browsers from the domain add this code to your httpd.conf configuration file

<Location /server-status>
SetHandler server-status

Order Deny,Allow
Deny from all
Allow from

u can now access server statistics by using a Web browser to access the page


Bash History: Display Date And Time For Each Command

How do I display shell command history with date and time under UNIX or Linux operating systems?

If the HISTTIMEFORMAT is set, the time stamp information associated with each history entry is written to the history file, marked with the history comment character. Defining the environment variable as follows:
$ HISTTIMEFORMAT="%d/%m/%y %T "
$ echo 'export HISTTIMEFORMAT="%d/%m/%y %T "' >> ~/.bash_profile


%d – Day
%m – Month
%y – Year
%T – Time

Now logout and check with “history” command.

View utmp, wtmp and btmp files

In Linux/Unix operating systems everything is logged some where. Most of the system logs are logged in to /var/log folder. This folder contains logs related to different services and applications. In this folder we have some files such as utmp, wtmp and btmp. These files contains all the details about login’s and logout’s which are from local as well as from remote systems and system status such as uptime etc.

Some info about utmp, wtmp and btmp

  • utmp will give you complete picture of users logins at which terminals, logouts, system events and current status of the system, system boot time (used by uptime) etc.
  • wtmp gives historical data of utmp.
  • btmp records only failed login attempts.

Normally when we try to view these files using cat command or vi editor they used to throw some junk characters and garbage values or in encrypted form or hex values. The output of these files when open with vi or cat command are shown below to show how wtmp file look when opened with vi.

This is totally unreadable, then how we can read this file?

We can read this file with only last command. last command is one of the important command which will give you how logged in, when they logged in and when they logged out etc info on the screen.

My last command output.

[root@legacy ~]# last
root pts/0 Sun Dec 16 19:26 still logged in
root pts/0 Sun Dec 16 19:26 – 19:26 (00:00)
reboot system boot 2.6.32-042stab05 Sun Dec 16 19:25 (00:31)
root pts/0 Sun Dec 16 18:39 – 18:41 (00:01)
root pts/0 Sun Dec 16 16:48 – 16:48 (00:00)
root pts/1 Sun Dec 16 13:51 – 16:05 (02:14)
root pts/0 Sun Dec 16 11:06 – 14:17 (03:11)
root pts/0 Sat Dec 15 22:03 – 00:16 (02:12)
root pts/1 Sat Dec 15 19:57 – 00:09 (04:11)
root pts/0 Sat Dec 15 16:36 – 20:48 (04:11)
root pts/1 Fri Dec 14 16:26 – 20:37 (04:11)
root pts/0 Fri Dec 14 15:59 – 16:26 (00:27)
root pts/0 Wed Dec 12 15:06 – 23:35 (08:29)
root pts/0 Wed Dec 12 14:00 – 15:06 (01:05)
root pts/0 Tue Dec 11 18:16 – 23:27 (05:11)
reboot system boot 2.6.32-042stab05 Tue Dec 11 18:16 (5+01:08)
root pts/0 Tue Dec 11 18:13 – down (00:03)
root pts/0 Tue Dec 11 18:12 – 18:12 (00:00)
root pts/0 Tue Dec 4 11:25 – 12:05 (00:40)
root pts/0 Tue Dec 4 11:24 – 11:24 (00:00)
reboot system boot 2.6.32-042stab05 Tue Dec 4 11:23 (7+06:52)

wtmp begins Tue Dec 4 11:18:01 2012
[root@legacy ~]#

This last command display many details about user login/logout activity. The same command can be used to view wtmp, utmp and btmp files.

To open wtmp file and view its content use blow command

last -f /var/log/wtmp

To see still logged in users view utmp file use last command

last -f /var/run/utmp

To view btmp file use same command

last -f /var/log/btmp


Happy log file viewing..

Linux error “There are stopped jobs”

This error will come when you try to logout or exit from a terminal and there are some tasks which are running in background.

[root@legacy ~]# ping
PING ( 56(84) bytes of data.
64 bytes from ( icmp_seq=1 ttl=49 time=260 ms
64 bytes from ( icmp_seq=2 ttl=49 time=260 ms
64 bytes from ( icmp_seq=3 ttl=49 time=260 ms
64 bytes from ( icmp_seq=4 ttl=49 time=261 ms
64 bytes from ( icmp_seq=5 ttl=49 time=260 ms

[1]+ Stopped ping
[root@legacy ~]# exit
There are stopped jobs.
[root@legacy ~]#

If you observe I started a ping program and sent that process to background. And when I try to logout from that terminal I got an error stating that there are still some programs running. To stop this error we have to see if you really like to kill the jobs.
How to kill those jobs?
Execute/press below commands/shortcuts
How to retain job running though you try to logout?
Just press below commands/shortcuts
This will allow us to run the process in background though you try to logout.