I need to get a value between 2 special characters I use for my other purposes in the log file on the Linux server.

Problem

How to get the value between two special characters on Linux?

Solution

Special characters are the punctuation characters on your keyboard, such as !, @, #, and so on. After I searched on the internet, there were 2 solutions to get the value between these two special characters: using the grep command or using the cut command.

1. Using the grep command

To get the value between two special characters using the grep command, use the following format:

grep -Po "(?<=\special_character).*?(?=\character_special)"

For example, if the special character is brackets or (), then the format above changes to:

grep -Po "(?<=\().*?(?=\()"

Type the command below to get the value between the brackets:

echo "(test)" | grep -Po "(?<=\().*?(?=\))"

Look at the example in the image below:

2. Using the cut command

To get the value between two special characters using the grep command, use the following format:

cut -d "special_character" -f2 | cut -d "special_character" -f1

For example, if the special character is pound or #, then the format above changes to:

cut -d "#" -f2 | cut -d "#" -f1

Type the command below to get the value between the pounds:

echo "#test#" | cut -d "#" -f2 | cut -d "#" -f1

Look at the example in the image below:

Note

If you have a log file in Linux, for example, the content of the file is as image below:

nginx1 server status is [OK]
nginx1 server status is [OK]
db1 server status is [OK]
db2 server status is [OK]
redis1 server status is [OK]
redis2 server status is [OK]
monitoring server status is [OK]

You can use one of the commands above to get the value between 2 special characters, and I use the cut command as in the command below:

cat test.txt | cut -d "[" -f2 | cut -d "]" -f1

References

ers.texas.gov
stackoverflow.com

The previous article explained how the Molly-Guard tool can protect Linux servers from accidental reboot or shutdown commands. Unfortunately, this tool is only available on Debian/Ubuntu distros and their derivatives, while sysadmins generally have many Linux servers from various distros.

Problem

How to make a tool like Molly-Guard using a bash script?

Solution

To create a tool like Molly-Guard, you can use a bash script, and this script has been tested on Ubuntu Server 24.04, RockyLinux9, and OpenSUSE 15 distros. And this script should be applied throughout the Linux distro to replace the Molly Guard tool. Here are the steps:

1. Check the paths

First, check where the reboot, shutdown, poweroff, and halt commands are located on the Linux server by running the command below:

whereis -b reboot
whereis -b shutdown
whereis -b poweroff
whereis -b halt

As far as I know, Linux distributions such as RockyLinux and Ubuntu only provide one binary file for each command for the reboot, shutdown, poweroff, or halt command, usually in the folder /usr /sbin. However, on certain distros, for example, the OpenSUSE distro, when you run the command above, the result will be as shown in the image below:

From the image above, you can see that 2 files represent each of these commands. Because this article uses the commands in the /usr/sbin folder, you can rename the commands in the /sbin folder using the commands below:

mv /sbin/reboot /sbin/reboot_backup 
mv /sbin/shutdown /sbin/shutdown_backup
mv /sbin/poweroff /sbin/poweroff_backup
mv /sbin/halt /sbin/halt_backup

2. Create a bash script

Copy the bash script below into the /usr/local/bin/ folder and give it a molly-guard-costume.sh name:

#!/usr/bin/env bash

# molly-guard-custome.sh: Prevent accidental reboot or shutdown like molly-guard tool

##########################################################################################
# The functions

check_hostname_reboot() {
# Compare the user input with the actual hostname
if [ "$USER_INPUT" == "$ACTUAL_HOSTNAME" ]; then
        echo "Hostname confirmed."
        echo
        sleep 1
        echo "Proceeding with the command..."
        echo
        sleep 1
        echo "The system will reboot now!"
        echo
        sleep 1
        /usr/sbin/reboot_server 
else
        echo "Hostname mismatch. Aborting the reboot operation."
        exit 1
fi
}

check_hostname_halt() {
# Compare the user input with the actual hostname
if [ "$USER_INPUT" == "$ACTUAL_HOSTNAME" ]; then
        echo "Hostname confirmed."
        echo
        sleep 1
        echo "Proceeding with the command..."
        echo
        sleep 1
        /usr/sbin/halt_server 
else
        echo "Hostname mismatch. Aborting the halt operation."
        exit 1
fi
}

check_hostname_poweroff() {
# Compare the user input with the actual hostname
if [ "$USER_INPUT" == "$ACTUAL_HOSTNAME" ]; then
        echo "Hostname confirmed."
        echo
        sleep 1
        echo "Proceeding with the command..."
        echo
        sleep 1
        echo "The system will reboot now!"
        echo
        sleep 1
        /usr/sbin/poweroff_server 
else
        echo "Hostname mismatch. Aborting the poweroff operation."
        exit 1
fi
}

check_hostname_shutdown() {
# Compare the user input with the actual hostname
if [ "$USER_INPUT" == "$ACTUAL_HOSTNAME" ]; then
        echo "Hostname confirmed."
        echo
        sleep 1
        echo "Proceeding with the command..."
        echo
        sleep 1
        echo "The system will reboot now!"
        echo
        sleep 1
        /usr/sbin/shutdown_server 
else
        echo "Hostname mismatch. Aborting the shutdown operation."
        exit 1
fi
}

##########################################################################################

# Get the actual system hostname
ACTUAL_HOSTNAME=$(hostname)

# Ask the user to input the hostname
echo "Please confirm the hostname to proceed it."
read -p "Enter the hostname: " USER_INPUT

# Check the command
ps aux | grep reboot > /tmp/reboot.txt
ps aux | grep halt > /tmp/halt.txt
ps aux | grep poweroff > /tmp/poweroff.txt
ps aux | grep shutdown > /tmp/shutdown.txt

reboot_size=`ls -al /tmp/reboot.txt | awk '{print $5}'`
halt_size=`ls -al /tmp/halt.txt | awk '{print $5}'`
poweroff_size=`ls -al /tmp/poweroff.txt | awk '{print $5}'`
shutdown_size=`ls -al /tmp/shutdown.txt | awk '{print $5}'`

# Compare the command

if [ $reboot_size -gt 90 ];
then
        rm -f /tmp/reboot.txt /tmp/halt.txt /tmp/poweroff.txt /tmp/shutdown.txt
        check_hostname_reboot
elif [ $shutdown_size -gt 90 ];
then
        rm -f /tmp/reboot.txt /tmp/halt.txt /tmp/poweroff.txt /tmp/shutdown.txt
        check_hostname_shutdown
elif [ $poweroff_size -gt 90 ];
then
        rm -f /tmp/reboot.txt /tmp/halt.txt /tmp/poweroff.txt /tmp/shutdown.txt
        check_hostname_poweroff
elif [ $halt_size -gt 90 ];
then
        rm -f /tmp/reboot.txt /tmp/halt.txt /tmp/poweroff.txt /tmp/shutdown.txt
        check_hostname_halt
fi

Then run the command below so that it can be run:

chmod +x /usr/local/bin/molly-guard-costume.sh

3. Copy the commands

Use the commands below to copy the commands :

file_path=$(whereis -b "reboot" | cut -d ' ' -f 2);sudo cp $file_path ${file_path}_server > /dev/null 2>&1
file_path=$(whereis -b "shutdown" | cut -d ' ' -f 2);sudo cp $file_path ${file_path}_server > /dev/null 2>&1
file_path=$(whereis -b "poweroff" | cut -d ' ' -f 2);sudo cp $file_path ${file_path}_server > /dev/null 2>&1
file_path=$(whereis -b "halt" | cut -d ' ' -f 2);sudo cp $file_path ${file_path}_server > /dev/null 2>&1

To see the result, type the command below:

ls -al /usr/sbin/ | grep server

4. Link the script to the commands

Then, link the bash script to the commands by running the command below:

ln -sf /usr/local/bin/molly-guard-costume.sh /usr/sbin/reboot
ln -sf /usr/local/bin/molly-guard-costume.sh /usr/sbin/shutdown
ln -sf /usr/local/bin/molly-guard-costume.sh /usr/sbin/poweroff
ln -sf /usr/local/bin/molly-guard-costume.sh /usr/sbin/halt

To see the results, type the command below:

ls -al /usr/sbin/ | grep molly

5. Test the result

Now, try to do the reboot command and write the wrong hostname, and your Linux server shouldn’t reboot. However, try to write the correct hostname, then your Linux server should be rebooted, like in the image below:

You should get the same results when running other commands such as poweroff, shutdown, and halt.

Note

Unlike the Molly-Guard tool, this script will continue to work even though you run the reboot or shutdown command without an SSH connection or directly connect the keyboard to the Linux server.

References

unix.bris.ac.uk
stackoverflow.com
geeksforgeeks.org

As a Sysadmin, accessing a Linux server is a normal daily activity. But sometimes we accidentally make mistakes rebooting or shutting down the production server, causing the server to be inaccessible. Therefore, we need a tool to confirm if someone reboots or shuts down a Linux server.

Problem

How to protect the Linux server from an accidental reboot or shutdown?

Solution

In the Debian/Ubuntu distribution, the molly-guard tool can be used to protect the Linux server from an accidental reboot or shutdown. Use the two commands below to install molly-guard:

sudo apt update
sudo apt-get install molly-guard

After that, try to reboot the server, and there should be a notification like the image below:

Someone who wants to reboot the server must write the server’s hostname. If the nameserver does not match the hostname on the server, the reboot process will not be continued, but if it matches the hostname on the server, the reboot process will be continued.

This is very useful if the sysadmin accidentally types the reboot command on the server. However, this tool not only protects the server from the reboot command, but also other commands such as the poweroff, shutdown, coldreboot, pm-hibernate, pm-suspend, and pm-suspend-hybrid commands.

Note

Keep in mind that this molly-guard tool can only work in the Debian/Ubuntu distribution and its derivatives, and this tool only works on SSH connections. If you access the Linux server without an SSH connection, for example, by directly connecting the keyboard to the Linux server, this tool will not work, so if you run the reboot command, the Linux server will immediately reboot.

References

manpages.ubuntu.com
launchpad.net
techbits.io

By default, if you open the vi application on Linux (especially using PuTTY), the color for comments is blue. However, sometimes this makes it very difficult for me to read the comments, especially if the background color of the terminal is black.

Problem

How to change the color of comments in the vi application?

Solution

Below is an image of a /etc/crontab file opened using Putty:

For me, it’s very difficult to read the comments in the Linux file if they’re blue like in the image above. So, if you want to change the color of comments in the vi application, for example, if you want to change the color of comments to yellow, then open the .vimrc file by:

vi ~/.vimrc

Type the script below into the file:

highlight Comment ctermfg=yellow

After that, open the file using the vi application, and the comments on the file should change to yellow as in the image below:

You can see that the comment color is changed to yellow after you configure the .vimrc file.

Note

Currently, the vi application can support up to 256 colors that can be used in the vi application. So if you want to use more colors supported by the vi application, in the .vimrc file type the script below:

set t_Co=256

Then you can choose the colors on this page, for example, you want to use purple for comments, then enter the script below in the .vimrc file:

set t_Co=256
highlight Comment ctermfg=93

Then the comments in the vi/vim application should be purple as in the image below:

References

spinspire.com
linode.com

Crontab, which stands for cron table, is used to run one or more scripts in Linux based on a specific time. Usually, if you want to change something in the crontab, you use the crontab -e command and then change the crontab. But I want to change crontab using a shell script.

Problem

How to change crontab using a bash script?

Solution

I create a bash script to execute something on my Linux server, and in my script, I want to change the crontab so the script will add, change, or remove the script in the crontab. Here are ways to change crontab using a script:

1. Add a script in crontab

For example, if you want to add a random.sh script which is in the /root/scripts folder in crontab and will run every 5 minutes, then use the command below:

(crontab -l 2>/dev/null || true; echo "*/5 * * * *		/root/scripts/random.sh") | crontab -

Or if you want to add the script to the crontab in another form of writing, then you can use the command below:

(crontab -l 2>/dev/null || true; echo "*/5 * * * *             cd /root/scripts;./random.sh") | crontab -

2. Change the script in crontab

If you want to change the file in crontab to once every 10 minutes (previously every 5 minutes) for the random.sh script in the /root/scripts folder, then use the command below:

crontab -l | sed 's/\*\/5 \* \* \* \*                \/root\/scripts\/random.sh/\*\/10 \* \* \* \*                \/root\/scripts\/random.sh/g' | crontab -

Or, you can execute the command below if your script uses another form of writing in crontab:

crontab -l | sed 's/\*\/5 \* \* \* \*             cd\ \/root\/scripts\;\.\/random.sh/\*\/10 \* \* \* \*             cd\ \/root\/scripts\;\.\/random.sh/g' | crontab -

3. Disable and enable the script

If you want to disable the random.sh script in crontab, then use the command below:

crontab -l | sed 's/\*\/10 \* \* \* \*             cd\ \/root\/scripts\;\.\/random.sh/\#\*\/10 \* \* \* \*             cd\ \/root\/scripts\;\.\/random.sh/g' | crontab -

But if you want to enable it, use the command below:

crontab -l | sed 's/\#\*\/10 \* \* \* \*             cd\ \/root\/scripts\;\.\/random.sh/\*\/10 \* \* \* \*             cd\ \/root\/scripts\;\.\/random.sh/g' | crontab -

4. Deleting the script in crontab

Use the command below if you want to delete the random.sh file in crontab:

crontab -l | sed '/\*\/5 \* \* \* \*         \/root\/scripts\/random.sh/d' | crontab -

Or, you can execute the command below if your script uses another form of writing in crontab:

crontab -l | sed '/\*\/5 \* \* \* \*             cd\ \/root\/scripts\;\.\/random.sh/d' | crontab -

Note

You have to pay attention to whether the script in the crontab uses spaces or tabs because it greatly affects whether the script that you run can change something in the crontab or not. You have to put a backslash(\) if you want to change or delete your script in crontab that uses symbols like an asterisk(*), forward slash(/), hash(#), space, and so on.

References

techtarget.com
stackoverflow.com
webopedia.com

If you install a Linux server, you will usually install it with only one partition and not separate the other partitions. Problems will arise if one of these partitions uses a large enough hard disk, resulting in you running out of HDD space on your Linux server.

Problem

How to move the partition to a new partition in the Linux server?

Solution

In this article, I use the Ubuntu Server OS, and this article should be applied to any Linux distribution. Currently, the condition of the hard disk on my Ubuntu server is like the image below:

From the image above, the root partition only has a free HDD of 9 percent. After I checked, it turned out that the cause was the /var partition, which took up a lot of hard disk so I want to move the /var partition to the new partition.

Here are the steps to move the partition to a new partition in the Linux Server:

1. Add a new hard drive

I insert a new 10 GB HDD into my Linux server. After that, I check if the new HDD is detected by Linux using the command:

fdisk -l

From the image above, it can be seen that the new HDD was detected by Linux with a partition in sdb.

2. Create a new partition

Run the command below to create a new partition in Linux (Adjust to the hard disk partition detected on your Linux server after typing the fdisk -l command):

fdisk /dev/sdb

Press the n and p keys, then the number ,1 and enter 2x, then press the w button as seen in the image below:

Then create a filesystem from the new HDD, and I want to use ext4 for the filesystem of the new HDD using the command:

mkfs.ext4 /dev/sdb1

3. Create and mount a new folder

After that, create a new folder using the command:

mkdir /mnt/newvar

Then, mount the new partition to the new folder using the command:

mount /dev/sdb1 /mnt/newvar

4. Enter maintenance mode

Type the command below:

init 1

to enter the rescue mode:

After that, press the Enter button to enter maintenance mode.

5. Copy the folder

Go to the /var folder and copy all the files and folders in the folder into a new folder by typing the following commands:

cd /var
cp -ax * /mnt/newvar

6. Rename the folder

Once the copy process is complete, change the /var folder to the var.old folder and then create a new /var folder using the command:

cd /
mv var var.old
mkdir /var

7. Mount the new folder

Next, do umount on the /sdb1 partition by using the command:

umount /dev/sdb1

And mount the /sdb1 partition to the new /var folder using the command:

mount /dev/sdb1 /var

8. Change the fstab file

Change the /etc/fstab file by adding the following script to the file:

/dev/sdb1	/var	ext4	defaults	0 0

9. Restart the server

After that, restart the Linux server and make sure there is no problem when the Linux server reboots.

10. Delete the folder

If the Linux server has finished restarting, then you can delete the var.old folder so that the size of the hard disk of the root partition increases by using the command:

cd /
rm -rf var.old

Note

Reboot the server again to make sure there are no problems after you delete the var.old folder. You can use the steps above when you want to move another folder to a new partition in the Linux server.

References

blog.oshim.net
phoenixnap.com

The previous article explained how to install Docker on Linux. This article will explain how to manage a container in Docker.

Problem

How to manage a container in Docker?

Solution

To manage a container in Docker, you have to remember basic Docker commands. And here are the basic Docker commands:

1. Search for container images

To run containers in Docker, we need a Docker image. A Docker image is an immutable (unchangeable) file that contains the source code, libraries, dependencies, tools, and other files needed for an application to run. The place to store Docker images is known as the Docker registry, which by default uses the Docker Hub located at hub.docker.com. If you are looking for a container image in Docker, use the format below:

docker search container_name

For example, if you want to find an nginx image, then use the command below:

docker search nginx

2. Download the Docker image

To download the Docker image, use the following format:

docker image pull image_name:tag_version

where the tag_version is the version of the image, and if you don’t write the tag, it is considered that you want to install the latest version of the image. For example, if you want to download the newest version of the nginx image, use the command:

docker image pull nginx

But if you want to download nginx with a certain version, for example, version 1.27.2, then use the command:

docker image pull nginx:1.27.2

3. List the Docker image(s)

To display the Docker image that you have downloaded, use the command below:

docker image ls

Or you can use the command below:

docker images

4. Create a container

You can create the container using the format:

docker container create –name container_name image_name:tag

For example, if you want to create a container with the name webapp1, which contains the nginx application, then use the command below:

docker container create --name webapp1 nginx

When you use this command, Docker will first check whether the nginx image is on the server. If the image is not on the server, then Docker will download the nginx image, and after that, it will create an nginx container, and the image will remain on your server, as shown in the image below:

You can use an image to create multiple containers as long as the container names are different, as in the image below:

5. List the status of the container(s)

To display the container status, you can use the command:

docker ps

Maybe you are confused about why there is no container status displayed, even though you have made 2 containers before. Remember that the docker ps command only displays the ongoing container status. While the 2 containers you made had not been running, you just made a container. If you want to display all container statuses, use the command below:

docker ps -a

6. Turn on the container

To turn on a container, you can use the format:

docker container start container_id/container_name

Usually, I use container_name instead of container_id because it’s easier to memorize, so I run the following command:

docker container start webapp1

7. Pause the container

You can pause a container with the following format:

docker container pause container_id/container_name

So, you can use the command below to pause the container:

docker container pause webapp1

To resume the container, use the following format:

docker containers unpause container_id/container_name

You can use the command below to resume the container:

docker container unpause webapp1

8. Run a container with a single command

As explained above, if you want to run a container, you have to download the image first, create a container, and turn on the container (see numbers 2, 4, and 6). There is a command that can summarize the three commands above, using the format below:

docker run -d --name container_id/container_name image_name:tag

where the -d option is to run the container in the background. So if you want to run a container with the name webapp2, which contains the nginx application, then use the command below:

docker run -d --name webapp3 nginx

9. Display the size of Docker

To display how large Docker is installed on your server, use the command below:

docker system df

To display a Docker size in detail, use the command below:

docker system df -v

10. Display logs

To display logs of the running container to check something, follow the format below:

docker container logs container_id/container_name

So, run the command below to check the logs of your container:

docker container logs webapp1

If you want to display real-time logs of the container, give an option -f like in the below command:

docker container logs -f webapp1

Press Ctrl-C to exit the log.

11. Inspect the container

To display detailed information about a container, use the following format:

docker inspect container_name/container_id

So, if you want to see the detailed information about the container that you created before, use the command below:

docker inspect webapp1

If you only want to display specific items when running the inspect command, use the following format:

docker container inspect container_name/container_id -f '{{json .the item_you_want_to_display<.sub_item> }}' | python -m json.tool

So if you want to display only the network section when using the Docker inspect command, use the command below:

docker container inspect webapp1 -f '{{json .NetworkSettings.Networks }}' | python3 -m json.tool

12. Stop the container(s)

To stop the container, use the format below:

docker container stop container_id/container_name

For example, if I want to stop my container, then use the command below:

docker container stop webapp1

You can stop all the containers running with the below command:

docker stop webapp1 webapp2

Or use the below command to stop all the running containers:

docker kill $(docker ps -q)

13. Remove the container(s)

Before you remove the container, you have to stop the container first. To delete a container that’s already turned off, use the format below:

docker container rm container_id/container_name

Run the command below to remove the container:

docker container rm webapp1

By default, you can’t remove a container if the container is still running. You can use the command below to delete the container even if the container is still running, but it is not recommended:

docker container rm -f webapp2

If you have a lot of containers that are no longer used and you don’t want to delete them one by one, you can use the command below to delete all the unused containers:

docker rm $(docker ps -a -q)

You can also use the command below to delete all the stop containers:

docker container prune

14. Delete the image(s)

To delete the Docker image that you have already downloaded, use the format below:

docker image rm image_name

Run the image below if you want to delete the nginx image:

docker image rm nginx

However, you must know that you can’t delete the Docker image if the image is still running in the container. So you must remove the container first before you delete the image. If you want to delete multiple Docker images, use the following format:

docker image rm image_name1 image_name2 ...

So if you want to delete the nginx image and nginx:1.27.2 at once, then use the command below:

docker image rm nginx nginx:1.27.2

And if you want to delete all the images, you can use the command below:

docker rmi $(docker images -a -q)

Or, you can use the command below to remove the unused images:

docker image prune -a

Note

If you forget or don’t know what command to use in Docker, use the following command:

docker --help

After that, if you want to know the options in the Docker command, then use the following format:

docker command --help

For example, if you want to know the options of the run command in Docker, then type the command below:

docker run --help

You can shorten all the Docker container commands to just the docker command to shorten the typing time. For example, if you want to create a container, you can use the command:

docker create --name webapp6 nginx

References

geeksforgeeks.org
mygreatlearning.com
youtube.com
youtube.dimas-maryanto.com