Here are things I tend to forget and not always remember... -------------------------------------------------------------------- scanning all network devices using arp-scan on 192.168.254.0 network: arp-scan --interface=eth1 192.168.254.0/24 or using nmap: nmap -sP 10.25.100.0/24 -------------------------------------------------------------------- iptables -t nat -A PREROUTING -p tcp -i eth0 -d 192.168.2.109 --dport 10001 -j DNAT --to 192.168.1.32:10000 iptables -A INPUT -i eth0 -s 192.168.254.2 -j DROP iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE iptables-t nat-A PREROUTING -i eth0 -p TCP --dport4662 -j DNAT --to 192.168.0.10:4662 iptables-t nat-A PREROUTING -i eth0 -p UDP --dport4672 -j DNAT --to 192.168.0.10:4672 ------------- proxy port forwarding linux. ssh -f -L 8080:localhost:8080 leming@ehion.com sleep 9999 ------------- ------------------------- Limit traffic on the interface down to 220kbit/s tc qdisc add dev eth0 root tbf rate 220kbit latency 50ms burst 1540 ------------------------- ------------------------------------ fixing table in mysql after crash: DEBUG MODE SQL Error : 145 Table './c64forum/phpbb_config' is marked as crashed and should be repaired mysqlcheck --auto-repair c64forum phpbb_config c64forum.phpbb_config warning : Table is marked as crashed warning : 2 clients are using or haven't closed the table properly status : OK ------------------------------------- ----------------------------------------------------- Quick backup (dump) of mysql database: mysqldump -u user -p nameofdatabase > ch01032010.sql ----------------------------------------------------- ------------------- piping ls to xargs: ls -la|grep 2010-03-03|awk '{print $8}'|xargs -i -t mv {} /home/leming/perl/tmp/03032010/ ------------------- cat access_log|egrep -o [0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+|uniq| while read q; do echo -n "IP:$q,";host $q|awk -F'pointer ' '{print "hostname="$2}'; done sed -i 's/ugly/beautiful/g' /home/bruno/old-friends/sue.txt ---------------------------- W: GPG error: http://ftp2.de.debian.org etch Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 9AA38DCD55BE302B apt-get install debian-archive-keyring apt-get update or rather this: (replace the key with the key thats popped up) gpg --keyserver pgpkeys.mit.edu --recv-key 010908312D230C5F gpg -a --export 010908312D230C5F | sudo apt-key add - -------------- bacula compression on the fly - check the options in fileset. FileSet { Name = "Full Set" Include { Options { signature = MD5 compression = GZIP } File = /etc File = /home } ----------- compare two folders -------------- /usr/bin/comm -12 <(ls /home/www/) <(ls /home/free/) ---------------------------------------------- You can use different iptables parameters to limit connections to the SSH service for specific time periods. You can use the /second, /minute, /hour, or /day switch in any of the following examples. In the first example, if a user enters the wrong password, access to the SSH service is blocked for one minute, and the user gets only one login try per minute from that moment on: iptables -A INPUT -p tcp -m state --syn --state NEW --dport 22 -m limit --limit 1/minute --limit-burst 1 -j ACCEPT iptables -A INPUT -p tcp -m state --syn --state NEW --dport 22 -j DROP In a second example, iptables are set to allow only host 193.180.177.13 to connect to the SSH service. After three failed login tries, iptables allows the host only one login try per minute: iptables -A INPUT -p tcp -s 193.180.177.13 -m state --syn --state NEW --dport 22 -m limit --limit 1/minute --limit-burst 1 -j ACCEPT iptables -A INPUT -p tcp -s 193.180.177.13 -m state --syn --state NEW --dport 22 -j DROP ------------------------------------------------ reverse SSH 2222 is the port that will appear on remote server. ssh -nNT -R 2222:localhost:22 host.dot.com ---------------------------------------------------- /usr/bin/rsync -avCzu --progress --timeout=999 -e ssh root@remotehost.com:/home/user/ /local/folder/ ------------------------ list unique hosts with $9 cat /var/log/daemon.log|grep Compiled|awk '{print $9}'|sort|uniq ----------------------------------------------------------------- #list directories and chown each own name find . -maxdepth 1 -type d|sed 's/.\///'|while read q;do chown -R $q.users $q/;done ------------------------------------- # list all files within folder and print permissions and ownerships. find /home/leming/ -type f -print0|xargs -0 stat -c "%a %U.%G %n" -------------------------------------- working on: find . -maxdepth 1 -type f|sed 's/.\///'|grep -e .com -e .net -e .uk -e .tv -e .info|grep -v '~$'|wc -l --------- Cannot find ssl headers on CentOS: required: yum install openssl-devel ------------------ Exim delete from mailq: exim -Mrm emailID or automate: mailq | grep "<>" | awk '{print $3}' | xargs exim -Mrm ----------------------------- grep -H '91.186.3.143' *.*|cut -d: -f1|while read q;do cp $q tmp/|sed -i 's/\s*[0-9]\{10\}\s*;\s*Serial/ 2010083012 ; serial/' $q|sed -i 's/91.186.3.143/178.17.35.81/g' $q;done -------------------------------- SELECT * FROM table_name WHERE MONTH(date_column) = 4; --------------- locale: Cannot set LC_CTYPE to default locale: No such file or directory locale: Cannot set LC_MESSAGES to default locale: No such file or directory locale: Cannot set LC_ALL to default locale: No such file or directory The fix was to add; export LC_ALL=en_GB.UTF-8 export LANG=en_GB.UTF-8 to /etc/profile and then run . /etc/profile. --------------------------------------------------- Sometimes slowish ssh on connect: Explicitly disable GSSAPI authentication in SSH client program configuration file, i.e. edit the /etc/ssh/ssh_config and add in this configuration (if it’s not already in the config file): GSSAPIAuthentication no ----------------------------------------------------- pipe output on remote ssh file: nohup iostat -dkxt 60 1440|ssh amarchwiak@10.25.1.200 'cat > /home/amarchwiak/iostat-for-a-day."f4f-uk-apps-01"' ------------------------- Last entry from yesterday select * from stats where UNIX_TIMESTAMP(date) > UNIX_TIMESTAMP(SUBDATE(CURDATE(), 1)) AND UNIX_TIMESTAMP(date) < UNIX_TIMESTAMP(CURDATE()) order by date DESC limit 1; -------------------------------- tcpdump -i eth0 -n tcp port 2506 -A -s1500 --------------------------------- simple queing. annoying ip address limit down to 20kbits. root@c2h5oh:~# tc qdisc add dev eth0 root handle 1: prio root@c2h5oh:~# tc qdisc add dev eth0 parent 1:1 handle 10: sfq root@c2h5oh:~# tc qdisc add dev eth0 parent 1:2 handle 20: sfq root@c2h5oh:~# tc qdisc add dev eth0 parent 1:3 handle 30: tbf rate 20kbit buffer 1600 limit 3000 root@c2h5oh:~# tc filter add dev eth0 parent 1:0 protocol ip prio 1 u32 match ip dst 192.168.254.60/32 flowid 1:3 root@c2h5oh:~# tc filter add dev eth0 parent 1:0 protocol ip prio 1 u32 match ip src 192.168.254.60/32 flowid 1:3 ---------------------- vsftpd xferlog_std_format=no log_ftp_protocol=YES ------------------------- scsi host scan: echo "- - -" > /sys/class/scsi_host/host#/scan ------------------------ sftp logging: Subsystem sftp /usr/libexec/openssh/sftp-server -f AUTH -l VERBOSE ---------------------------- Redirect traffic port to another host: sysctl net.ipv4.ip_forward=1 iptables -t nat -A PREROUTING -p tcp --dport 1111 -j DNAT --to-destination 2.2.2.2:1111 iptables -t nat -A POSTROUTING -j MASQUERADE ----------------------------- sendmail /etc/mail/sendmail.mc to ensure that I had the correct settings DAEMON_OPTIONS(`Port=smtp,Addr=, Name=MTA')dnl MASQUERADE_AS(`')dnl run make to generate a new sendmail.cf file, the result was this error WARNING: 'sendmail.mc' is modified. Please install package sendmail-cf to update your configuration. yum install sendmail-cf ----------------------------- zimbra folder with quarantined emails: /opt/zimbra/data/amavisd/quarantine -------------- after upgading php to 5.3.2 can edit your php.ini file and put in the following line: date.timezone = "Europe/London" ------------------ tail -f /var/log/httpd/access-minimal.log|while read pi;do echo "$pi"|grep 403|gawk '{print $1}'|while read pi;do /sbin/iptables -I INPUT -s $pi -j DROP;done;done ---------------------- Apache not to show version: ServerTokens Prod ServerSignature Off PHP not to show version: php.ini expose_php = Off ------------------------ redirect for squid: iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to 192.168.254.19:8080 iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080 ----------------------------- checking for CVE changes/patches on apache: rpm -q --changelog httpd ----------------------------- dirty cheap way to tell www.80legs webcrawler that hammers your precious apache to fuck off... tail -f /var/log/httpd/access_log|while read pi; do echo "$pi"|grep 'www.80legs'|gawk '{print $1}'|while read pi;do /sbin/iptables -I INPUT -s $pi -j DROP;done;done ----------------------------- esxi5 shell get all vms: vim-cmd vmsvc/getallvms get vm state: vim-cmd vmsvc/power.getstate 79 power off vm: vim-cmd vmsvc/power.off 79 ------------------------------ hardcore hdd testing - bonnie http://www.coker.com.au/bonnie++/bonnie++-1.03e.tgz bonnie++ -d scratch -u 500:500 ------------------------------- Mounting disk image of windows7 box (its been DD'd with simple 'dd of=/ssd_image if=/dev/sda') No partition has been cloned, whole disk... so now you want to get a partition from that disk and mount it. loopback mount supports an "offset" parameter that lets you mount a partition directly from within a larger full-disk image. -rwxr-xr-x 1 leming leming 6.8K 2011-10-06 09:44 sedtris.sed -rw-r--r-- 1 leming leming 66 2011-04-23 17:25 .selected_editor -rwxr-xr-x 1 root root 112G 2012-06-25 16:50 ssd_clone.img root@c2h5oh:/media/disk-1# fdisk -ul image-sda You must set cylinders. You can do this from the extra functions menu. Disk image-sda: 0 MB, 0 bytes 255 heads, 63 sectors/track, 0 cylinders, total 0 sectors Units = sectors of 1 * 512 = 512 bytes Disk identifier: 0x9c879c87 Device Boot Start End Blocks Id System image-sda1 * 63 78140159 39070048+ 7 HPFS/NTFS Partition 1 has different physical/logical endings: phys=(1023, 254, 63) logical=(4863, 254, 63) root@ubuntu:/media/disk-1# mount -o ro,loop,offset=32256 -t auto image-sda /media/image root@ubuntu:/media/disk-1# cd .. root@ubuntu:/media# cd image root@ubuntu:/media/image# ls AUTOEXEC.BAT favorites ntldr Start Menu blp INFCACHE.1 pagefile.sys System Volume Information boot.ini IO.SYS Program Files temp CONFIG.SYS MSDOS.SYS RECYCLER WINDOWS Documents and Settings NTDETECT.COM spoolerlogs root@ubuntu:/media/image# The magic "32256" offset passed to "mount" is easily explained as the start of the partition you are interested in (63 in this case) multiplied by the unit size (512 in this case). If you have more than one partition, just repeat the above steps for the other slices. --------------------------------------- # dd if=/dev/hda conv=sync,noerror bs=64K | gzip -c > /mnt/sda1/hda.img.gz "dd" is the command to make a bit-by-bit copy of "if=/dev/hda" as the "Input File" to "of=/mnt/sda1/hda.img.gz" as the "Output File". Everything from the partition will go into an "Output File" named "hda.img.gz". "conv=sync,noerror" tells dd that if it can't read a block due to a read error, then it should at least write something to its output of the correct length. Even if your hard disk exhibits no errors, remember that dd will read every single block, including any blocks which the OS avoids using because it has marked them as bad. "bs=64K" is the block size of 64x1024 Bytes. Using this large of block size speeds up the copying process. The output of dd is then piped through gzip to compress it. To restore your system: # gunzip -c /mnt/sda1/hda.img.gz | dd of=/dev/hda conv=sync,noerror bs=64K NOTE: I've had much success leaving out "conv=sync,noerror" during restore. Store extra information about the drive geometry necessary in order to interpret the partition table stored within the image. The most important of which is the cylinder size. # fdisk -l /dev/hda > /mnt/sda1/hda_fdisk.info ------------------------------------------- cloning datastore thick to thin from console. vmkfstools -i /vmfs/volumes/datastore2-2/adp-vmman-01/adp-vmman-01.vmdk -d thin /vmfs/volumes/datastore2-3/adp-vmman-01.vmdk ------------------------------------------- For filled up VM's on vmware with thin disk space (download http://technet.microsoft.com/en-us/sysinternals/bb842062.aspx utils) on windows to clean free space with zeros: sdelete -c D:\ then svmotion it or migrate to different storage. --------------------------------------------- vsphere 5 shell command to disconnect serial port: vim-cmd vmsvc/device.connection 720 9000 0 where 720 is vm number, 9000 is the serial port and 0/1 off/on ----------------------------------------------------- find /opt -type f -size +10000k -exec ls -lh {} \; | awk '{print $5 ": " $NF}' -------------------------------------------------------- adding disk to LVM fdisk newpartition - type 8E - Linux LVM partition pvcreate /dev/newpartition pvdisplay vgextend VolGroup00 /dev/newpartition verify: vgdisplay lvextend -L+16G /dev/VolGroup00/LogVol00 (exted LogVol00 by 16Gig) resize filesystem: resize2fs /dev/VolGroup00/LogVol00 ----------------------------------------------- netstat -pant|grep pns|gawk '{print $5}'|cut -d":" -f1|while read pi;do /sbin/iptables -I FORWARD -s $pi -j DROP;done; --------------------------------------------------- Exchange Server 2010 Enterprise Edition GVMTV-GMXWH-C234M-8FMWP-TFPFP Exchange Server 2010 Standard Edition XJG6B-4D4YV-4M338-Q42H6-39VT2 --------------------------------------------------- juniper ssg-140 command set admin manager-ip 85.234.154.199 255.255.255.255 --------------------------------------------------- testing if SSLv2 is available: openssl s_client -no_tls1 -no_ssl3 -connect 85.92.199.246:443 --------------------------------------------------- exchange Server: set logs on receive: (turnt off by default) Set-ReceiveConnector "Connector Name" -ProtocolLoggingLevel verbose Set-Mailbox -Identity "leming" -MailTip "Fuck off, do not email me." Set-DynamicDistributionGroup "Everybody" -ModerationEnabled $true -Moderated "username" Set-DynamicDistributionGroup "Everybody" -RecipientFilter {((RecipientType -eq 'UserMailbox' -and HiddenfromAddresslistsEnabled -ne $true) -and -not(Name -like "za.support") -and -not(Name -like "accounts") -and -not(Name -like "intranet") -and -not(Name -like "za.pdf") -and -not (Name -like "emint") -and -not(Name -like "etrading") -and -not(Name -like "za.epg"))} remove emails from empty addresses: (shouldn't they be blocked in the first place? :)) Get-Message -Filter {FromAddress -eq "<>"} -Server shadow|Remove-Message ---------------------------------------------------------- top -p $(pgrep -d',' http) ----------------------------------------------------------- [11:00:55] Chris Williams: I installed tftp-server on uk-tstsrv-01 - it runs in xinetd [11:01:16] Chris Williams: that creates it's own "data" folder called /tftpboot [11:01:38] Chris Williams: then you need to touch a file that you want to use: touch juiperlog.txt [11:02:15] Alex Marchwiak: right but what ip you use to connect? [11:02:16] Alex Marchwiak: external? [11:02:23] Chris Williams: and get session > tftp 10.25.1.10 juniperlog.txt [11:02:29] Alex Marchwiak: internal [11:02:30] Alex Marchwiak: right [11:02:41] Chris Williams: I have stopped xinetd now so it won't connect [11:03:20] Alex Marchwiak: no worries just for future ref [11:03:24] Chris Williams: cool [11:04:16] Chris Williams: [root@uk-tstsrv-01 VM ~] cd /etc/xinetd.d [root@uk-tstsrv-01 VM /etc/xinetd.d] cat tftp # default: off # description: The tftp server serves files using the trivial file transfer \ # protocol. The tftp protocol is often used to boot diskless \ # workstations, download configuration files to network-aware printers, \ # and to start the installation process for some operating systems. service tftp { socket_type = dgram protocol = udp wait = yes user = root server = /usr/sbin/in.tftpd server_args = -s /tftpboot disable = yes per_source = 11 cps = 100 2 flags = IPv4 } [11:04:41] Chris Williams: I set the service to disable=true - but xinetd is not actually running [11:05:13] Chris Williams: to start it up you need to edit the file and set disable = no [11:05:20] Chris Williams: then service xinetd start [11:05:34] Chris Williams: make sure you touch the file before you start or it fails --------------------------------------- usb to serial driver http://wch.cn/download/list.asp?id=5 -------------------------------------- zimbra whitelist: /opt/zimbra/conf/salocal.cf.in whitelist_from *@domain.com whitelist_from user@domain.com restart services after changes being made: zmmtactl restart && zmamavisdctl restart --------------------------------------- vmware upgrade/install VCenter 5.1 Error 26002 Setup failed to register VMware vCenter Server to VMware vCenter Inventory #1 Rename C:\ProgramData\VMware\VMware VirtualCenter\SSL to fx C:\ProgramData\VMware\VMware VirtualCenter\SSL-BACKUP #2 Create new folder C:\ProgramData\VMware\VMware VirtualCenter\SSL #3 Copy contens of C:\ProgramData\VMware\Infrastructure\Inventory Service\ssl to C:\ProgramData\VMware\VMware VirtualCenter\SSL #4 Restart vCenter Server service #5 start VCenter install/upgrade again ------------------------------------------- ps -eo pid,cmd,etime -------------------------------------------- vSphere Data Protection backups fail to start and report error E30927 This issue occurs because the system refreshes its cache of known virtual machines during a time when the connection to the vCenter Server is lost. To resolve this issue, restart the MCS services. This restarts the connection with the vCenter Server and refreshes the cached virtual machines. root@vdp:~/#: dpnctl stop mcs Identity added: /home/dpn/.ssh/dpnid (/home/dpn/.ssh/dpnid) dpnctl: INFO: Shutting down MCS... dpnctl: INFO: MCS shut down. Run this command to start the MCS services: root@vdp:~/#: dpnctl start mcs Identity added: /home/dpn/.ssh/dpnid (/home/dpn/.ssh/dpnid) dpnctl: INFO: Starting MCS... dpnctl: INFO: To monitor progress, run in another window: tail -f /tmp/dpnctl-mcs-start-output-4140 dpnctl: INFO: MCS started. ------------------------------------------------ vmkfstools --punchzero name.vmdk -------------------------------------------------- mailq | awk 'BEGIN { RS = "" } / veronica@decape.co.za$/ { print $1 }' | tr -d '*!' |postsuper -d - --------------------------------------------- esxcli network nic up -n vmnic1 ------------------------------------------------ echo -n "LATOYA" | md5sum | xxd -r -p | base64 | cut -c3-10 -------------- in mysql pager less (then command with \G) --------------- copy all file permissions: getfacl -R Concrete5 > permissions.acl restore setfacl --restore=permissions.acl ------------- cat ftp.acc|awk -F',' '{print "insert into users (" "\47" $1"\47""," "\47"$2"\47"",""\47"$3"\47"",""\47"$4"\47"",""\47"$5"\47"",""\47""UK""\47"",""CURRENT_TIMESTAMP"")"}' ------------- find duplicates mysql select `name` from `vm` group by `name` having count(*)>=2 --------------------------------------------------- juniper ssg get session output sorting the highest session IPs: grep -o '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}' 01062015.txt |sort|uniq -c|sort -n -r |head -n 50 ------------- yum -y install $(cat pliczek2) --------------------- lsof -n | grep -i deleted ------------- lxc.include = /usr/share/lxc/config/fedora.common.conf ----------- ansible lemingi -b --become-method=su -m apt -a "name=mc state=absent" ------------------ # listuj klucze gpg --list-secret-keys # generuj klucz osobisty gpg --gen-key # eksport klucza publicznego BINarnie gpg --output alice.gpg --export alice@cyb.org # eksport klucza publicznego 7 bit gpg --armor --export alice@cyb.org # import klucza publicznego gpg --import blake.gpg ------------ http://vibsdepot.hp.com/hpq/apr2013/ ------------------ cat /var/log/httpd/access.log |awk '{print $1}' |sort|uniq -c |sort -n |tail perl -e '$ip{(split)[0]}++ while <>; print map "$_ : $ip{$_}\n", sort {$ip{$b} <=> $ip{$a}} keys %ip' /var/log/httpd/access_log ------------- esxcli software vib install -v .vibfile (or) -d .zip ---------------- centos7 galera cluster [mariadb] name = MariaDB baseurl = http://yum.mariadb.org/10.0/centos7-amd64 gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB gpgcheck=1 yum install MariaDB-Galera-server MariaDB-client galera ------------------------ firewall-cmd --get-active-zones firewall-cmd --zone=dmz --add-port=2888/tcp --permanent firewall-cmd --zone=public --add-port=2888/tcp --permanent firewall-cmd --reload ------------------------ Take the file you exported (e.g. certname.pfx) and copy it to a system where you have OpenSSL installed. Note: the *.pfx file is in PKCS#12 format and includes both the certificate and the private key. Run the following command to export the private key: openssl pkcs12 -in certname.pfx -nocerts -out key.pem -nodes Run the following command to export the certificate: openssl pkcs12 -in certname.pfx -nokeys -out cert.pem Run the following command to remove the passphrase from the private key: openssl rsa -in key.pem -out server.key --------------- Centos 7 boot into single in grub edit line replace rhgb quiet with init=/bin/bash then control-x #remount to RW mount -o remount,rw / ------------- # puppet agent -t -v To clean up a messy node, do not run against all, your probably have to re-install the whole puppet again . 1) Clean up the messy cert on the master node # puppet cert clean 'hostname.certificate.domain' 2) On the Agent remove old certificate info # find /var/lib/puppet -type f -print0 |xargs -0r rm ------------------ rsync repo rsync -rltp rsync://ftp5.gwdg.de/pub/opensuse/distribution/12.1/repo/oss ~/bla ------ Readable headers from tcpdump tcpdump -i ens192 -A -s 10240 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' | egrep --line-buffered "^........(GET |HTTP\/|POST |HEAD )|^[A-Za-z0-9-]+: " | sed -r 's/^........(GET |HTTP\/|POST |HEAD )/\n\1/g' ---------- /opt/java/jdk1.6/bin/jstack 2042 > /tmp/stackfile.txt grep for BLOCKED ------------- TraceEnable Off httpd.conf LoadModule reqtimeout_module modules/mod_reqtimeout.so RequestReadTimeout header=20-40,MinRate=500 body=20,MinRate=500 ---- nikto perl nikto.pl -host http://www.molevalleyfarmers.com sqlmap ------------ Order Deny,Allow Deny from All # this should be your IP SetEnvIf X-Forwarded-For "^193\.211\.15\.24" AllowAccess Allow from env=AllowAccess ------------- grep all ftp find users and match their IPs cat /var/log/xferlog* |awk -F ' ' '{print $14}'|sort|uniq|while read q;do echo "user:$q";cat /var/log/xferlog|grep "$q"|awk -F ' ' '{print $7}'|head -n1;done ---- convert cer to authorized_keys PKCS#8 OpenSSH format exctract key: openssl x509 -in certyfikat.crt -pubkey -noout > cert.pub.tmp convert: ssh-keygen -f cert.pub.tmp -i -m PKCS8 > nowypublicznyklucz.pub ----- python -m SimpleHTTPServer 8002 ---- rhnreg_ks --serverUrl=http://wsipueamgtp001.rbi.web.ds/XMLRPC --activationkey='1-agriculture-zone-c-centos-7' --force ----------- squid timestamp format cat access.log | perl -p -e 's/^([0-9]*)/"[".localtime($1)."]"/e' ----- rpmbuild: to copy hidden files use bash shell option %install shopt -s dotglob cp -r ./* $RPM_BUILD_ROOT/var/wwww/blah/ --------- SELECT CONCAT('ALTER TABLE ', TABLE_NAME, ' CONVERT TO CHARACTER SET utf8 COLLATE utf8_general_ci;') FROM information_schema.TABLES WHERE TABLE_SCHEMA = 'my_database_name' AND TABLE_TYPE != 'VIEW'; --- terraform fmt grep -lR 'Caused by: org.xml.sax.SAXParseException; Premature'|while read q; do cat $q|grep ''|awk -F 'Account' '// {gsub("[<>/]",""); print $2}' ${q}; done --- timestamp binance eepoch14 date +%s%N | cut -b1-13