Linux / Unix Command Examples

Here are links to some useful Linux tips:

Awesome. VIM “for people who don’t want to use it , but have to…”. Or see my page

sudo is the right choice for granting admin rights on the CentOS Linux 8 server. Learn how to create a new user and grant her admin rights


  1. Tomi Engdahl says:

    Hack Another ELF On The Stack

    dropbear] recently found herself in a pickle. Dumping some data out of an Android app at a specific point for reverse engineering purposes. While it worked great in the simulator, it was painfully slow on hardware via lldb. The solution was to write a patch and apply it to the ELF file.

    dropbear] found a NOTE section that just contained some metadata. She created a new section at the end of the file for her custom assembly and modified the header to declare the NOTE section as a LOAD section that pointed at her new section, which would get mapped into memory. All that was left to do was tweak the assembly in the actual code to jump to her new code that dumps.

    Adding code to an existing ELF file

  2. Tomi Engdahl says:

    Linux Fu: Easy Widgets

    Here’s a scenario. You have a microcontroller that reads a number of items — temperatures, pressures, whatever — and you want to have a display for your Linux desktop that sits on the panel and shows you the status. If you click on it, you get expanded status and can even issue some commands. Most desktops support the notion of widgets, but developing them is a real pain, right? And even if you develop one for KDE, what about the people using Gnome?

    Turns out there is an easy answer and it was apparently inspired by, of all things, a tool from the Mac world. That tool was called BitBar (now XBar). That program places a widget on your menu bar that can display anything you want. You can write any kind of program you like — shell script, C, whatever. The output printed from the program controls what appears on the widget using a simple markup-like language.

    That’s fine for the Mac, but what about Linux? If you use Gnome, there is a very similar project called Argos. It is largely compatible with XBar, although there are a few things that it adds that are specific to it. If you use KDE (like I do) then you’ll want Kargos, which is more or less a port of Argos and adds a few things of its own.

    Good News, Bad News

    The good news is that, in theory, you could write a script that would run under all three systems. The bad news is that each has its own differences and quirks. Obviously, too, if you use a complied program that could pose a problem on the Mac unless you recompile.

  3. Tomi Engdahl says:

    Optimizing Linux Pipes

    In CPU design, there is Ahmdal’s law. Simply put, it means that if some process is contributing to 10% of your execution, optimizing it can’t improve things by more than 10%. Common sense, really, but it illustrates the importance of knowing how fast or slow various parts of your system are. So how fast are Linux pipes? That’s a good question and one that [Mazzo] sets out to answer.

    The inspiration was a highly-optimized fizzbuzz program that clocked in at over 36GB/s on his laptop. Is that a common speed? Nope. A simple program using pipes on the same machine turned in not quite 4 GB/s. What accounts for the difference?

    Did he finally get to 36GB/s? No, he actually got to 65 GB/s! There is a lot to learn both in specific techniques and the approach.

    How fast are Linux pipes anyway?

  4. Tomi Engdahl says:

    Need A Linux Kernel Module? Scratch That

    If you have been for (or against) Rust in the Linux kernel, get ready for a Linux kernel module written in… Scratch. That’s right. Scratch, the MIT-developed language with blocks popular for teaching kids to code. We didn’t mean “from scratch.” We meant IN Scratch. The bootstrap code and Makefile is out there on GitHub.

    Of course, it is a simple module and the reason it is possible is because of the scratchnative system that lets you compile Scratch into C code. If you want to look at the decidedly simple code, you can open it in your browser.

  5. Tomi Engdahl says:

    Here is a quick tutorial explaining how to convert JSON files to CSV format per applications needs using the Linux, macOS or Unix/*BSD system CLI.

  6. Tomi Engdahl says:

    For any novice Linux users out there. Here’s a few examples of how to record and playback audio from the Linux command line (console). These examples are all centred around creating sine waves, but of course you can play music (including formats other than wav).
    # some examples to play and record audio using arecord and sox
    # all examples process 24 or 32 bits of audio at 96khz
    # aplay -l will list playback devices
    # arecord -l will list capture devices
    # arecord – capture 60 seconds of 2 channel audio from hw:2,0 and write it to tmpwav.wav
    arecord -D hw:2,0 -c 2 -r 96000 -fS24_3LE -d 60 tmpwav.wav
    # sox – capture 60 seconds of 2 channel audio from hw:2,0 and write it to tmpwav2.wav
    sox -b 24 -r 96000 -c 2 -t alsa hw:2,0 tmpwav2.wav trim 0 60
    # generate a tone using play (part of sox)
    # generate a sinewave – this will generate a 2 channel 1khz sinewave at -9dB
    # of 100 seconds duration on playback hardware device 3,0 using a sample rate of 96khz
    AUDIODEV=hw:3,0 play -r 96000 -n -b 24 -c 2 synth 100 sin 1000 vol -9dB
    # create a file with the above instead of generating a tone
    sox -b 32 -r 96000 -c 2 -n soundfile.wav synth 100 sine 1000 vol -9dB
    # play a .wav file with aplay – the “-f” switch here is crucial (as with arecord above) and will vary according to your hardware
    # most likely options are S24_3LE or S32_LE (there are many more – see the aplay man page for details)
    aplay -D hw:3,0 -f S24_3LE
    # do the same with the play (sox) utility
    AUDIODEV=hw:3,0 play
    # the AUDIODEV variable is not required if ~/.asoundrc is configured correctly.

  7. Tomi Engdahl says:

    Adding comments to ufw rules helps understand the purpose of firewall rules easily. It also supports other Linux users /dev why the firewall rules were added by previous IT staff. Hence, I strongly suggest you document adding rules to your ufw firewall.

  8. Tomi Engdahl says:

    11 dangerous Linux terminal commands every Linux user must be aware of (don’t run).

  9. Tomi Engdahl says:

    A sysadmin’s guide to network interface configuration files
    Simplify the complex world of interface configuration files with this handy tutorial.

  10. Tomi Engdahl says:

    Old post: Shell script to watch the disk space and send an email if running out disk space >=90%. Useful for solo developers or home Linux and Unix server users.

  11. Tomi Engdahl says:

    Universal Unix tool AWK gets Unicode support
    In Unix terms, this news is akin to Moses appearing and announcing an amendment to the 10 commandments. AWK, a programming language for analyzing text files, is a core part of the Unix operating system, including Linux, all the BSDs and others. For an OS to be considered POSIX compliant, it must include AWK. AWK first appeared in 1977 and was included in Version 7 UNIX in 1979 the last version of UNIX from Bell Labs, before AT&T turned it into a commercial product. What is notable about the tool gaining Unicode support is not so much the feature itself, but who wrote it: Canadian computer scientist Brian Kernighan.

  12. Tomi Engdahl says:

    There is no excuse for NOT configuring a host firewall to block unwanted traffic and allow selected ports. Here is how to set up and configure UFW, a super easy frontend to the Netfilter on Ubuntu Linux 22.04 LTS desktop and server. Give it a try.

  13. Tomi Engdahl says:

    Somebody emailed me this one. I think it is pretty cool. The Linux file system hierarchy. Download pdf version
    Ps: typing `man 7 hier` is better than this graph tho, but i shared in hope that someone might find it useful.

  14. Tomi Engdahl says:

    QEMU/KVM for absolute beginners

    On this episode of Veronica Explains, I explain the absolute basics of hypervisors generally, KVM specifically, and virt-manager graphically.

  15. Tomi Engdahl says:

    Linux Fu: Atomic Power

    People are well aware of the power of virtual machines. If you want to do something dangerous — say, hack on the kernel — you can create a virtual machine, snapshot it, screw it up a few times, restore it, and your main computer never misses a beat. But sometimes you need just a little shift in perspective, not an entire make belive computer. For example, you are building a new boot disk and you want to pretend it is the real boot disk and make some updates. For that there is chroot, a Linux command that lets you temporarily open processes that think the root of the filesystem is in a different place than the real root. The problem is, it is hard to manage a bunch of chroot environments which is why they created Atoms.

  16. Tomi Engdahl says:

    How to protect Linux against rogue USB devices using USBGuard

    You deployed a perfect firewall and other network security policies preventing unauthorized access to the user’s desktop computer over a network. However, you still need to block USB device access. We can configure a Linux desktop security policy to protect your computer against rogue USB devices (a.k.a. BadUSB) by implementing essential allow and blocklisting capabilities based on device attributes. For instance, I can define what kind of USB devices are authorized and how a USB device interacts with the Linux system. For example, I can define policy allowing Yubikey with serial number “XYZ” and USB LTE modem with serial # “ABC.” Every other USB device access is denied by default.

    USBGuard only works on Linux, and the following tutorial will not work with other operating systems such as *BSD or macOS.

    We need to install USBGuard as follows as per your Linux distro version.

    Use the systemctl command to configure the usbguard service at boot time or restart it when you apply new policy.
    Use the lsusb command or usb-devices command for displaying information about USB buses in the system and the devices connected to them.
    Want a graphical summary of USB devices connected to the system? Try:
    sudo usbview
    Next cd into /etc/usbguard directory as the root user.
    The usbguard service reads its default and options from a file named /etc/usbguard/usbguard-daemon.conf

    Almost all Linux distros ship with no rules. Hence the file is empty. To generate a rule set (policy) that authorizes the currently connected USB devices, run:
    sudo usbguard generate-policy -X >/etc/usbguard/rules.conf

    The reject or block policy as the base policy is recommended because:

    It defined a permanent USBGuard policy that allows a specific USB device to interact with the Linux system.
    In other words, currently, connected devices are accepted, but USBGuard will block or reject any additional USB devices.

  17. Tomi Engdahl says:

    Here are various ways to ssh into remote Linux or Unix/BSD machines and run multiple commands in Bash

  18. Tomi Engdahl says:

    Linux monitoring script with attitude
    here is how to send push notification from your Linux or Unix


Leave a Comment

Your email address will not be published. Required fields are marked *