This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
coproc cat # Start cat in background | |
echo Hello >&${COPROC[1]} # Say "Hello" to cat | |
read LINE <&${COPROC[0]} # Read response | |
echo $LINE # cat replied "Hello"! |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env perl | |
use strict; | |
use warnings; | |
use Zabbix::Tiny; | |
$|++; | |
my %hostgroups = ( | |
'Test' => "42", | |
); | |
my $zabbix = Zabbix::Tiny->new( | |
server => 'https://myzabbix.something.com/api_jsonrpc.php', |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
auditctl -a always,exit -F arch=x86_64 -F path=/root/.ssh/authorized_keys -F perm=wa -F key=keychange | |
ausearch -ts today -k keychange | |
#https://www.cyberciti.biz/tips/linux-audit-files-to-see-who-made-changes-to-a-file.html |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
writer.c | |
#include <fcntl.h> | |
#include <sys/stat.h> | |
#include <sys/types.h> | |
#include <unistd.h> | |
int main() | |
{ | |
int fd; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
find /proc/ -maxdepth 1 -user root -type d |egrep '[0-9]'|while read ; do head -1 $REPLY/cmdline;done | |
egrep 'Uid:' /proc/*/status|awk '{if ($3 != '0' && $2 == '0') print $0}' | |
egrep 'Uid:' /proc/*/status|awk '{if ($3 != '0' && $2 == '0') print $0}'|cut -d\/ -f3|while read pid;do ps -p $pid -o comm,user,pid,ppid,uid,euid,ruid,suid,lwp,nlwp,etime,time,ni,pri_foo,sgi_p,psr,stat,wchan=WIDE-WCHAN-COLUMN,min_flt,maj_flt,cls,f,pcpu,pmem,rss,vsz,sz,args;done |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
#from https://www.cyberciti.biz/faq/linux-which-process-is-using-swap/ | |
# find-out-what-is-using-your-swap.sh | |
# -- Get current swap usage for all running processes | |
# -- | |
SCRIPT_NAME=`basename $0`; | |
SORT="kb"; # {pid|kB|name} as first parameter, [default: kb] | |
[ "$1" != "" ] && { SORT="$1"; } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
lsblk -ao NAME,KNAME,MAJ:MIN,FSTYPE,MOUNTPOINT,LABEL,UUID,RA,RO,RM,MODEL,SIZE,STATE,OWNER,GROUP,MODE,ALIGNMENT,MIN-IO,OPT-IO,PHY-SEC,LOG-SEC,ROTA,SCHED,RQ-SIZE,TYPE,DISC-MAX,DISC-ZERO | |
blockdev -v --getra --getfra --getmaxsect --getiomin --getioopt --getalignoff --getbsz --getpbsz --getsize --getsize64 --getss --getsz $device |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
autrace /bin/ls /tmp | |
ausearch --start recent -p 2442 -i | |
and for resource usage mode: | |
autrace -r /bin/ls | |
ausearch --start recent -p 2450 --raw | aureport --file --summary | |
ausearch --start recent -p 2450 --raw | aureport --host --summary |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#execute | |
auditctl -a exit,always -S execve | |
#auditctl -d exit,always -S execve | |
#auditctl -a exit,always -S execve -F subj_type=passenger_t | |
#kills | |
#-a entry,always -F arch=b64 -S kill -k kill_signals | |
#ausearch -k kill_signals | |
auditctl -l | |
#auditctl -a exit,always -F arch=b64 -S kill -F a1=9 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
#run following in screen session: | |
#if [ ! -d /home/itsatrap ]; then mkdir -p /home/itsatrap;fi | |
#while true ; do sar -r 1 |unbuffer -p gawk '{print $NF}'|grep --line-buffered -oP '^[0-9]+' | while read N; do if (( N > 100 )); then bash /home/itsatrap/itsatrap.sh;date;sleep 10;fi;done; done | |
# | |
#(date ; ps fauxw|egrep 'httpd|php|mysql' )| tee -a /home/itsatrap/_psdata_`date +%s` | |
#pidstat -rud|tee -a /home/itsatrap/_piddata_`date +%s` | |
ps fauxwwwe|tee -a /home/itsatrap/_psfaux_`date +%s` | |
mysqladmin pr|tee -a /home/itsatrap/_mydata_`date +%s` | |
mysql INFORMATION_SCHEMA -t -e " SELECT USER,CPU_TIME,TOTAL_CONNECTIONS,BUSY_TIME,BYTES_RECEIVED,BYTES_SENT,SELECT_COMMANDS,DENIED_CONNECTIONS,LOST_CONNECTIONS FROM USER_STATISTICS WHERE USER like '%' ORDER BY BUSY_TIME DESC,TOTAL_CONNECTIONS DESC LIMIT 128;"|tee -a /home/itsatrap/_mystat_`date +%s` |