Get a grip on searching file contents with grep

Who doesn’t have to search files for specific content in them. At some point, when working with computers, you would like to find files containing specific text/data/string/content/information or whatever term you use. Linux users have always boasted of being able to use grep utility. Windows users have relied on finding files using easy user interface and Select-String cmdlet. With WSL2, you can use traditional linux utilities to assist with your work on Windows OS as well. Let’s see the few variants of grep to help us searching the information that we seek.

Read More »

Unsharing is Caring – User Namespace, Rootless containers and Security

Those who have been working with containers, have long been worried about security aspects associated with underlying containers. One of the vulnerability associated with containers is with running containers as root user. Containers have often required to do some privileged tasks such as mount filesystems, associated with packet route tables on the host networks etc which have historically needed privileged access on the underlying host machine. So this has allowed malicious actors to try to exploit vulnerabilities in containers host.

With rootless containers, we are slowly shifting to overcome this scenario. Rootless containers refers to the ability for an unprivileged user to create, run and otherwise manage containers. This term also includes the variety of tooling around containers that can also be run as an unprivileged user.

Read More »

Working with arguments in Bash Scripting

Bash scripting has many special shell variables like $*, $#, $?, etc. to help users write more powerful and versatile scripts. One can code for many scenarios, using these shell variables, which are otherwise not possible.

One of the common requirements is to write a more generic code and run it specifically using the arguments supplied at the run time. Since script users can’t be always trusted with supplying all arguments properly, its beneficial to adjust script to properly check for conditions like how many arguments are supplied, if arguments are proper, etc. Since bash also does not natively offer a way to write parameters for the scripts, you also need to process the arguments in the correct order. For this, bash offers special variables $1, $2$9 as positional parameters.

Read More »

Get timestamps in Bash history

Although history command utility in Linux is already nice, it would have been great if we can have timestamp to understand when certain commands were run. This is particularly useful for organizations, that needs to match certain audit requirements. We can easily configure timestamps by using HISTTIMEFORMAT environmental variable in following way:

HISTTIMEFORMAT="%d/%m/%y %T "  # for e.g. "13/03/21 15:59:59"
HISTTIMEFORMAT="%F %T "        # for e.g. "2021-03-13 15:59:59"
Read More »

Solve your CIDR calculations without leaving terminal in Linux

Every system admin in this world has ran into problem of calculating IP address range, network masks, usable IP addresses, etc. for one or the other reason. It is very important part of networking related operations and what a server would be without any clients or IP addresses. Some people consider it so important, they expect you to do calculations like these in your mind in your job interviews. There are also various websites online to just run CIDR calculations. However its all additional steps and a hassle.

Fortunately, if you are a linux user, you can make life easy for yourself by using utility sipcalc. It is a simple command line tool which is available in epel repo.

Read More »

Convert JKS and P12 to Crt and Key files with OpenSSL

PKCS#12 is a successor to Microsoft’s PFX format. It defines an archive file format for storing many cryptography objects as a single file. It is commonly used to bundle a private key with its X509 certificate or to bundle all the members of a chain of trusted certificates, starting from the root certificate authority. The files PFX (.pfx) and PKCS#12 (.p12), including terms, are somewhat used interchangeably and refer to same standard.

PKCS#12 are normally generated using OpenSSL, which is an open-source tool. We can use the same tool to convert JKS, which is Java keystore and PKCS#12 certs to crt and key files.

Read More »

Debug Bash Shell Scripts in Linux

Debugging code can be time consuming and tricky at times. Programmers have traditionally taken advantage of the techniques like syntax highlighting, code completion, intellisense, etc while writing and debugging code. Also no amount of such features can reduce logic based errors, where the script executes but not in a way we expected. This is more problematic with complex bash scripts as bash itself has no support for advanced features like these and most of the sysadmins spend their time with the editors like vi/nano/atom. Sometimes, even simple mistakes like missing a space, can make your scripts fail to run. In this blog post, we’ll discuss some of the common ways to debug bash shell scripts.

Read More »