This document will cover the generic Unix commands that are largely the same on all flavors of Unix.

File/Dir Permissions

sticky bit, setuid, setgid

chmod 1777 /tmp      = sticky bit on dir

chmod 4755 /tmp/dir  ~= chmod u+s /tmp/dir   = setgid on dir,  content will always be owned by the primary owner of the dir.
chmod 4755 /tmp/file ~= chmod u+s /tmp/file  = setgid on file, execute with owner priv. common eg: setuid root.

chmod 2755 /tmp/dir  ~= chmod g+s /tmp/dir   = setgid on dir,  content will always be owned by the group.
chmod 2755 /tmp/file ~= chmod g+s /tmp/file  = setgid on file, execute with group priv

chmod 6755 /tmp/file ~= chmod ug+s /tmp/file

newgrp	groupname	# change the default group user will create file as 
			# only last for current session
			# Can prompt for password if group is password protected?


getfacl file1				# read permissions
setfacl -m u:andy:rw  file1		# -m = modify: give (a secondary user) named andy read/write access to file1
setfacl -m g:admin:rw file1             # g for secondary group, here a group named admin, get rw access
setfacl -x u:andy     file1		# -x = remove permissions

directory can have default acl set so that all files within it will inherit such acl automatically.  use "d" to specify it as default settings.  eg:

setfacl -m d:g:admin:rw  dir1

crontab -l = list
        -e = edit
        -r = remove  (no confirmation, everything gone for the user!!)

entries stored in /var/spool/cron
# crontab file format 
# minute hour day-of-month month day-of-week0=sun cmdline 
# 0-59   0-23 1-31         1-12  0-6              echo "Hello World!"
*/5      *    *            *     *                echo "Linux can easily define job for every 5 min" > /dev/null
/etc/crontab : good for sys admin, single file for all jobs, has extra column defining user to run job as.

# Example of job definition:
# .---------------- minute (0 - 59)
# |  .------------- hour (0 - 23)
# |  |  .---------- day of month (1 - 31)
# |  |  |  .------- month (1 - 12) OR jan,feb,mar,apr ...
# |  |  |  |  .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# |  |  |  |  |
# *  *  *  *  * user-name 	command to be executed

*/5  *  *  *  * root 		/usr/local/bin/pbs_check

### can change MAILTO for rest of "script"
*/5  *  *  *  * root 		/usr/local/bin/lustre_monitor



-h		= brief help, no man pages needed.
-r 		= recursive
-l1  		= depth level, default to 5
--no-parent	= don't bother with ref to parent dir (-np)
-A.gif		= download only .gif files

-c		= continue previous interrupted download
-nc		= no clobber of existing files
-b 		= process job in background, returning to prompt
--passive-ftp	= use passive ftp

-k		= change link ( convert non-relative links to relative)
-m		= mirror site  options, eg, download file only if newer.
-l=20		= retrieve to depth = 20

--http-user=USER	= web page with user/login req
--convert-links		= convert the downloaded html link to local files
-Pdownloaddir		= place downloaded file in downloaddir instead of the name.

eg download only *.gif files from server
wget -r -l1 --no-parent -A.gif

eg2, ftp with username and password as username:password@site:

eg3: download ibm patches, which is dir with set of links.
wget --glob=on --retr-symlinks --level=1* 

eg4: getting suse linux from ftp site:
wget -r -m  -np -c -l10

wget obeys robot rules. in file /robot.txt

If proxy is mandatory, set the proxy server thru env var http_proxy and ftp_proxy.  eg:
setenv http_proxy ""
export ftp_proxy=""
If auth is req, wget has parameters to submit these also.  

wget --no-verbose${KNIME_VER}-${KNIME_PLAT}.tar.gz -O $KNIME_GZ 
	-O will force output to a specified filename, overwrite if exist.

curl does many similar thing than wget...
rsync -avul source /path/to/destination
            sync ./source to /path/to/destination
            source or destination could be NFS mounted location.
            only newer files in local dir will be copied to dest
            if dest has newer file, they will not be changed.
      -a    archive mode, preserve sym link, attributes, owner/perm, etc.
      -n    dry run, use w/ -v and will list files that will be cp'ed
            w/o actually doing it.
      -l    copy sym link as sym link (like tar)
      -L    copy file refered by the sym link
      -z    use compression during transfer (when used with remote host)
	--delete	delete files in dst that is not in source
			Use this to sync/backup user /home during migration
	--preogress	show progress (useful when not in -v?)

rsync -avuL /f /cygdrive/p/backup_of_master_data_DrvF
            cmd used at home in win2003 to backup all data to removeble ide drv.
            does not support funky chinese mp3 filename :(

rsync -avl -e ssh  --rsync-path=/usr/local/bin/rsync remote-svr:/dir/* ./local/storage
	use ssh as transfer protocol with remote machine
	allow specification of where rsync is located on remote host
	either source or destination machine could be a server: kind of entry

work as usual

screen -r  = resume
screen -rd = resume, detach all other sessions
screen -w  = list screens
screen -d -r  reatach remote and retach here
screen -x = allow for multiple attach to a screen (mirror!)

Can use named screen sessions, so don't have to lookup pid using screen -ls
screen -S scr1
screen -r scr1  = resume the specified named session scr1

ctrl-a,d  = detach
crtl-a,x  = lock keyboard
ctrl-a,?  = help
ctrl-a,c  = create new window ( or enter screen  w/in an existing screen window)
ctrl-a,n  = switch to next window
ctrl-a,p  = switch to prev window 
ctrl-a,w  = show list of window
ctrl-a,"  = prompt for window name or number to switch to
ctrl-a,0  = switch to window number 0 (to 9, enter - for blank window)
ctrl-a, A = prompt for a title name for current window
ctrl-a, N = show number and title of current window
ctrl-a, k = kill current window
ctrl-a, S = create split window mode
ctrl-a, ^I= move focust to next split window (^I=TAB).
ctrl-a, [ = history, allow scroll back, but really for cutting text into buffer.  
            Enter marks begin pt, move around.  Enter again marks end pt.

ctrl-a,a  = send ctrl-a to the terminal
ctrl-a,tab= switch input focus to next region
ctrl-a,ctrl-b= send a break


find /home -name myfile.txt -exec ls -ld {} \;

find options
-user UID		: find all files owned by user UID
-exec CMD {} \;		: {} represent the matched entry (full path)
			  CMD will be executed with {} as arg
			  \; is required to end exec section


finding files: 
find . | grep 'FILENAME' 		# not 'correct' usage, but works :)
find . -name FILENAME -print

find . -user root  -exec chown weblogic:weblogic {} \;
	run in weblogic dir, replace all files owned by root to weblogic
	(remember to change back to root the back to root)

find . -ctime +30 -exec mv -t OLD_LOG {} \;	# move files (eg logs) more than 30 days (creation time) old to a target dir named OLD_LOG   
						# (-t in mv puts destination dir first, then take args for files to be moved)

find . -perm -o+w -exec ls -l {} \;
	long listing of all files whose permission is world writable

find . ! -user tho01 -print
	list all files whose owner is not tho01

other cmd: ls -l, so to see full listing of file instead of just path, 
but any entry that is a dir will return rather long listing...  (can use  type=file only to skip dir)

find . -type f -ctime -5 -exec ls -l {} \;		# files modified less than 5 days ago. ie NEW file w/in past 5 days.   eg script looking for new files to backup
find . -type f -ctime +5 -exec ls -l {} \;		# files modified more than 5 days ago. ie OLD files older than 5 days. eg use in auto delete script
find . -type f -ctime  5 -exec ls -l {} \;		# files modified exactly   5 days ago. ie EXACTLY 5 days old (seldom use).

find . -name ZQ\*DAT -type f -ctime +5 -exec rm {} \;	# rm ZQ*DAT older than 5 days.

find  /usr/local/jboss-6.0.0.Final/server/default/log -type f \! -name \*gz -ctime +4 -exec gzip --best {} \;
find  /usr/local/jboss-6.0.0.Final/server/default/log -type f -ctime +30 -exec rm {} \;
	# compress log files older than 4 days, delete everything more than 30 days old

find /home/USERNAME -path /home/USERHOME/.snapshot -prune -o -print 
	# find all files from the user home dir, but exclude .snapshot dir from NetApp
	# find and .snapshot is strange, sometime it will enter .snapshot (typically full path
	# to the "root" of the mount, other it won't (typically relative path from lower level of the tree) ??
	# I guess it depends on how the dir was stat'd...

find /nfshome -uid 501 -exec chown -h 8001 {} \;
	# change UID of all files beloging to user with UID 501, change it to 8001
	# -h option of chmod effectively leave destination of sym link with original owner

chown -R 8001:2000 --from=501:201 .
	# chown can do matching before it actually change ownership
	# maybe able to archive similar result without the find command above.

FECHA=$(date "+%Y.%m%d")



gpg --symmetric myfile.txt		# symetric key, single password.
gpg -e -r username myfile.txt		# encrypt using pgp public key stuff

pgpe - Encrypts and signs messages

-a, --armor
          Turn on "ASCII Armoring."   This  outputs  a  text-only
          version  of your encrypted text.  This makes the result
          safe for mailing, but about 30% larger.

-c   Conventional  encrypting  mode.
        ie, symetric cipher, no public key stuff.


pgpe -c -t test.txt
        This encrypts test.txt using conventional, single key encryption.
        produce output file test.txt.pgp
        -t = platform independent text mode.
        Note that original file will remain, must be manually removed.

windows binary version of gnupg: (need dir c:\gnupg to exist)
gpg -c test.txt
        encrypt file with symetry key, generate test.gpg, leave original intact.
gpg -d test.gpg
        decrypt test.gpg, output to stdout.
gpg -h
        display help usage


pgpv - Decrypts and Verifies messages.
        -m : more mode.  page encrypted file using $PAGER
        This will not produce an output file.


pgpv test.txt.pgp
        decrypt file, placing output in same filename sans .pgp extension.


-e      : encrypt
-c      : symetric cipher

--decrypt [FILE]        : decrypt to stdout,
                        : read from stdin if FILE not specified

gpg -c area51
        produces simple password encrypted file area51.gpg
        original file remails!

gpg --decrypt area51.gpg
        decrypt file and write it to std out


gpg --gen-key
        Generating private/public key pair (keys, db, etc are saved in $HOME/.gnupg/)

gpg --export -a > tin-brio.gpg-public-key
        Generate a 7-bit ASCII text block of the public key, suitable for publishing on Internet

gpg --import tin-tokyo3.gpg-public-key
        Import other user public key into the db (must have these key in db before send:

gpg --delete-secret-and-public-key "Tin Ho (Tin Ho, email account)"
        will delete the entry form db, quote text string as output of --list-keys

gpg -r "RECIPIENT UID" --armor --sign --encrypt < txtfile > cryptfile
        encrypting and signing a text file to be send as email, from tho@brio to tin@tokyo3
        (if no -r specified, will be prompted.  Will also prompt for passphrase of the
        private secret key for signing").
        pgp is fairly smart in matching strings for recipient,
        any unique thing listed in --list-keys can be used
        if using full name with space or symbols, enclose in quote.
gpg --list-keys
        List keys of public signature imported into personal db.

to send data w/o signing:

gpg -e [RECIPIENT UID] < txtfile

gpg -d < cryptfile

to sign text message
This only sign message, but does NOT encrypt:
gpg --clearsign txtfile         #it will generate txtfile.asc:

verify signature in signed file:
gpg --verify txtfile.asc


od -c filename		# octal dump -C for ASCII or escaped char, to see \r \n of DOS textfile


xxd -r		# hex to ascii, need input line number a la hexdump ?

cd - (cd to previous dir)

!$   (last param of previous command)  keyboard shortcut in bash is alt+.


actually, don't think can just pipe to at.  so this won't send mail at later time... check danny's mail8r script... 
make it work in n10 only is fine...
use at for email reminder: mail -s 'subject' tho01 | at 10:00am {feb11}
type message, ctrl-d to end
note: dizzy support -s 'subject' , 
grads, sdb1, does not support -s, just have subject: in message section
n10 does not support -s option at all

sh -x CMD	cmd is the regular way of executing a bourne shell script
		invoked like this will show each command as they are carried out

tail -f FILE monitor file as it grows
sdiff  -s = do not print identical lines

scp remote-host:remote-path local-host:local-path
	secure copy b/w 2 comp on the network

edit-assign vi = edit $HOME/.hpdrc-assign/assignment file
rishen hours {project} {hrs} {supervisor_email} = report prj of past 2wk hours 

assigning {uid} = edit assignment file of other users
edit-rcs vi {filename} = edit assignment files of past employees, must be in the dir and use assignment as the filename 

#/home/rvc-d1/mgutie01/rsi/envi/bin/envi to run demo ver of envi
#/disk/73/agonza24/envi_3.0/bin/envi  for new version of envi on sdb1
envi run as aliased command now


gimp        image editor in Linux, avail for solaris
sdtimage	image viewer in solaris CDE default setup, in /usr/dt/bin

last        see who last logged on to the sys (a long log)
acroread    launch acrobat reader for .pdf file
xpsview     adobe ps viewer that comes with irix 6.5
ghostview   view .ps file
gs          view .ps file, command mode
ghost       my script to launch gs in alex linux box
ps2pdf      convert from ps to pdf file

pushd .     push current dir into stack  (aliased to pu)
popd        pop the pushed dir (ie change back to old dir; alias po)
pushd \!*   jump b/w last pushed dir (aliased to xd)

tar -zxvf file {-C dir}   untar and uncompress
tar -zcvf file  *         tar and compress current dir, files still remain

kill -9 -1 kill every single process i own w/in the server.
fold -w80    wrap long line to max 80 column

fmt -w{72}   wrap long line to less than 72, keeping word together

mail user < filename
mailx -s "subject" < filename (solaris)
      -v	# verbose, give SMTP session dump, good for debugging.

to log out of sgi session remotely:
/usr/bin/X11/endsession -f -display n10:0

sendpage -q -p USERNAME "msg, myname"

lpr  -P{PrinterName} {FileName}	 print file
lp   -d {PrinterName} 
lpq  -P{PrinterName}             show lpr queue 
lprm -P{PrinterName} [JobNum]    mustang (delete) print job 
                                 if no JobNum, remove 1st submitted job
# in solaris, will print two page per sheet, double sided.
# mp is an ascii to ps prettyfier 
# -l landscape, print two sheet per page
# -o format ascii
# mp is in /bin, /usr/bin, /usrlocal/bin , cs is /usr/openwin/bin/mp
mp -l -o -s "subject/title" < infile | lp  -o nobanner -d chicago-duplex

/etc/printers.conf contain list of installed printer 

tar  -zxvf FILE [-C DIR ]      untar (and ungzip with z option)
gzip -d    FILE.gz              ungzip .gz file
uncompress File.Z               uncompress .Z file


df -k              free hd space
df -k .            free hd spcace on current hd only
cat -vte			-vte = display all tab as ^I, eof marked by $   

ypcat passwd	show /etc/passwd file from dns server
yppasswd	change password on all system

smbclient "\\hills\tho01"      connect to nt drive

f45desm    form designer for oracle/unix in Motif
r25desm    report designer, but does not seem to work

/disk/1/app/oracle/product/732/bin/browser20em    oracle databrowser

snapshot     screen/capture program for unix, diff version for sun and sgi

run a program on remote computer w/o first logging in
{host} {prog-name} -d {display-name} [param]
eg:   n103 nxterm 
      grads netscape -d n10:0 &

grep pattern 	-A 3 	# show the maching line and 2 more lines AFTER  it (no space works, ie -A3)
		-B 3	# show the maching line and 2 more lines BEFORE it
		-C 3    # show n lines before and after the match
		-n3	# POSFIX, similar to -C 3, but add a line number column.  there must be NO spaces between n and the number!!

xargs    	# grab a list of lines with single entry and turn it into a multi item single line list.  eg:
		# ls -1  | xargs echo       			# will be equiv of echo *
		# find /nfshome -name .rhosts | xargs chmod 600 


/usr/bin/logger -p daemon.notice "test msg by tin"
		append message to syslog, at level indicated by -p.

[Doc URL:]
(cc) Tin Ho. See main page for copyright info.