Linux Command-line Tips and Tricks - ATO 2025

Linux command-line tips & tricks
Vladimir Levijev (aka dimir)
October 13, 2025
1

Outline
Before we start
Introduction
What is Linux?
Some history
What is a Shell?
Basics about Shell
Shell environment
Bash commands
What is a script?
One-liners
The Bash script
Some more tricks?
Some tricks
2

About myself
My name is Vladimir Levijev (aka dimir) I’ve been in IT for 24 years.
3

About myself
• Born in Tallinn, Estonia.
3

About myself
• Joined IT in 2001 (24 years), working only on GNU/Linux since.
3

About myself
• Working as a C developer since 2003.
3

About myself
• At the age of 29 moved to Latvia.
3

About myself
• At the age of 29 moved to Latvia.
• Working at Zabbix as a C developer for the last 14 years.
3

Location
Straight-line distance: 7,500 km (4,600 mi)
4

Some facts
Estonia:
• Estonia has produced global tech companies like Skype, TransferWise
(Wise), and Bolt.
• Alfred Neuland won a gold medal (1920 Antwerp Olympics, Belgium)
in Men’s lightweight (67.5 kg) weightifting.
• First nation to offer Internet Voting (2005).
8

Some facts
Estonia:
• Estonia has produced global tech companies like Skype, TransferWise
(Wise), and Bolt.
• Alfred Neuland won a gold medal (1920 Antwerp Olympics, Belgium)
in Men’s lightweight (67.5 kg) weightifting.
• First nation to offer Internet Voting (2005).
Latvia:
• First Olympic Gold in Men’s BMX in 2008 in Beijing, Māris
Štrombergs.
• First Olympic Gold in 3x3 Basketball in 2024, Paris.
• First Latvian Oscar Winner (2025) for the animated film Flow
(Latvian: Straume).
8

About Zabbix
• 100% Open Source monitoring solution.
9

About Zabbix
• The initial version 0.1 was released in 2001 under GPLv2.
9

About Zabbix
• The company with the same name was founded in 2005.
9

About Zabbix
• Has grown to 150 employees and 5 locations since including Latvia, Japan,
Brazil, Mexico, France.
9

About Zabbix
• GPLv2 -> AGPLv3 in 2024.
9

About Zabbix
• Features:
• Agent-based and Agentless monitoring
9

About Zabbix
• Features:
• Distributed
9

About Zabbix
• Features:
• Distributed
• Automation (auto-discovery)
9

About Zabbix
• Features:
• Distributed
• Visualization
9

About Zabbix
• Features:
• Distributed
• Visualization
• Highly customizable
9

About Zabbix
• Features:
• Distributed
• Visualization
• Highly customizable
• Global Footprint: Used by organizations in more than 160 countries,
serving both small businesses and global enterprises.
9

Zabbix company services
• Technical support
10

• Consulting
10

• Consulting
• Training and certification
10

• Consulting
• Turnkey solutions and implementation
10

• Consulting
• Integration and custom development
10

• Consulting
• Integration and custom development
• Zabbix Cloud
10

Linux documentaries
Recommended documentary movies about Linux:
The Code (2001)
Revolution OS (2001)
11

Without operating system
• Accessing the SATA controller
• Communicate with the controller via MMIO or I/O ports (usually protected
by the OS).
• Obtain access to hardware registers that control the SATA interface.
• Sending commands
• Construct and send ATA/ATAPI commands such as READ SECTOR(S).
• Place command parameters into the controller’s command registers.
• Handling DMA or PIO transfers
• Use PIO to read/write data through CPU-accessible registers, or
• Set up DMA so the controller moves data directly into memory buffers.
• Waiting for status
• Poll or check status registers to determine readiness, completion, or errors.
• Handle and interpret controller/drive error bits if they appear.
• Reading the data
• Once transfer completes, access the memory buffer (or controller data
registers) to obtain raw sector bytes.
• Verify data integrity (e.g., via status or checksums if available).
• No filesystem support
• This method reads raw sectors — the program must implement filesystem
parsing (FAT, NTFS, ext, etc.) to locate a file’s sectors.
• There is no fopen/OS-level abstraction in this approach.
12

What is a Shell?
Operating systems provide various services to their users, including file
management, process management (running and terminating applications),
batch processing, and operating system monitoring and configuration.
The term shell in computing refers to an interface that allows a user to interact
with an operating system. There are two main types: command-line shells and
graphical shells.
13

Fist shells
• The first widely used UNIX shell was the Thompson shell (sh), created by
Ken Thompson around 1971 at Bell Labs.
14

Fist shells
• It was simple, mainly for running commands and basic scripting.
14

Fist shells
• In 1977 at AT&T Bell Labs Stephen Bourne developed much more
powerful Bourne shell (also sh).
14

Fist shells
• 1978 - C Shell (csh), C-like syntax
14

Fist shells
• 1980s - Korn Shell (ksh), TENEX C Shell (tcsh), Almquist Shell (ash)
• 1980s - Z Shell (zsh), combining features from sh, ksh, and csh
14

Fist shells
• 1989 - Brian Fox developed Bourne Again Shell (bash), combines
features of sh and csh.
14

Fist shells
• 1989 - Brian Fox developed Bourne Again Shell (bash), combines
features of sh and csh.
• Modern shells (bash, ksh, dash etc.) still maintain backwards compatibility
with sh.
14

Graphical shells
Graphical shells provide means for manipulating programs based on graphical
user interface (GUI).
Graphical shells are typically build on top of a windowing system. In case of
Linux it is usually X Window System and the shell consists of an X window
manager.
Some examples:
• KDE
• GNOME
• Xfce
15

Bash configuration files
Global:
• RedHat: /etc/bashrc
• Debian: /etc/bash.bashrc
Personal:
• ~/.bashrc
16

Controlling command history
$ ls
$ ls
$ history | tail -3
498 ls
499 ls
500 history | tail -3
17

$ ls
$ ls
$ history | tail -3
498 ls
499 ls
HISTCONTROL=ignoredups # ignore consecutive duplicates
HISTCONTROL=ignorespace # ignore commands that start with spaces
HISTCONTROL=ignoreboth # ignore both above mentioned
17

$ ls
$ ls
$ history | tail -3
498 ls
499 ls
HISTCONTROL=ignoredups # ignore consecutive duplicates
HISTCONTROL=ignorespace # ignore commands that start with spaces
HISTCONTROL=ignoreboth # ignore both above mentioned
With HISTCONTROL=ignoredups:
$ ls
$ ls
$ history | tail -3
498 cd
499 ls
17

With HISTCONTROL=ignorespace
$ ls
$ pwd
$ history | tail -3
498 cd
499 ls
18

$ ls
$ pwd
$ history | tail -3
498 cd
499 ls
$ grep HIST ~/.bashrc
HISTCONTROL=ignoredups
18

$ ls
$ pwd
$ history | tail -3
498 cd
499 ls
$ grep HIST ~/.bashrc
HISTCONTROL=ignoredups
Some other options:
HISTSIZE=500 # default
HISTFILE=~/.bash_history # default
HISTFILESIZE=500 # by default, the value of HISTSIZE
18

Bash aliases
$ alias
alias grep='grep --color=always'
alias less='less -R'
19

Bash aliases
$ alias
$ git diff --color linux-cmd.tex | less
ESC[1;33m--- a/linux-cmd.texESC[m
ESC[1;33m+++ b/linux-cmd.texESC[m
ESC[1;35m@@ -1,153 +1,321 @@ESC[m
ESC[1;31m-documentclass{beamer}ESC[m
19

Bash aliases
$ alias
$ git diff --color linux-cmd.tex | less
ESC[1;33m--- a/linux-cmd.texESC[m
ESC[1;33m+++ b/linux-cmd.texESC[m
ESC[1;35m@@ -1,153 +1,321 @@ESC[m
ESC[1;31m-documentclass{beamer}ESC[m
$ git diff --color linux-cmd.tex | less -R
--- a/linux-cmd.tex
+++ b/linux-cmd.tex
@@ -1,153 +1,321 @@
-documentclass{beamer}
19

Me listing files
$ alias l='ls -lA --color'
-l use a long listing format
-A do not list implied . and ..
20

Me listing files
$ l -tr
-t sort by modification time, newest first
-r reverse order while sorting
20

Me listing files
$ l -tr
$ l -tr ~/Downloads
[...]
linux-cmd.pdf
$
20

Me listing files
$ l -tr
$ l -tr ~/Downloads
[...]
linux-cmd.pdf
$
$ alias cl="find . -name '.#*' -o -name '*~' -o -name '#*#'

,
→
-o -name '*.rej' -o -name '*.orig' | xargs rm -fv"
$ cl
removed './.#linux-cmd.tex.bak'
removed './#linux-cmd.tex.bak#'
20

Searching through history
$ history | tail -3
592 l -tr ~/Downloads
593 cd -
594 locate -i --regex 'zbxnext.*.patch'
21

$ history | tail -3
593 cd -
For searching a command you typed some time ago hit Ctrl+r and type part of
it that you remember:
Ctrl+r <PATTERN>
21

$ history | tail -3
593 cd -
Ctrl+r <PATTERN>
More Ctrl+r to go to next match
21

$ history | tail -3
593 cd -
Ctrl+r <PATTERN>
More Ctrl+r to go to next match
E. g.: searching for command that contained "loca":
(reverse-i-search)`loca': locate -i --regex 'zbxnext.*.patch'
21

XON/XOFF flow control
In Unix-like terminals, Ctrl+S and Ctrl+Q are part of the classic XON/XOFF
flow control.
22

flow control.
1. Ctrl+S (XOFF) → "stop output"
22

flow control.
2. Tells the terminal to pause sending data to the screen
22

flow control.
3. Useful if a program is spamming output too quickly (when you don’t want
to Ctrl+C)
22

flow control.
to Ctrl+C)
4. Ctrl+Q (XON) → "resume output"
22

flow control.
to Ctrl+C)
5. Tells the terminal to continue sending data after a pause
22

flow control.
to Ctrl+C)
• If you accidentally hit Ctrl+S, the terminal looks "frozen" but the program
is still running. Pressing Ctrl+Q unfreezes it.
22

flow control.
to Ctrl+C)
• If you accidentally hit Ctrl+S, the terminal looks "frozen" but the program
is still running. Pressing Ctrl+Q unfreezes it.
• You can disable this behavior with:
$ stty -ixon
then Ctrl+S and Ctrl+Q won’t pause/resume output anymore
22

Clearing the terminal screen
Clearing the terminal in Linux can be done in several ways, depending on what
you want to achieve.
23

• Purpose: clears the visible terminal screen
• How it works: moves all previous output off-screen but doesn’t remove it
from the terminal’s scrollback buffer so you can still scroll up to see it
• Usage:
$ clear
• Shortcult: Ctrl+L
23

• Usage:
$ clear
Sometimes you get garbled text on the screen and clearing doesn’t help. In such
case you need to fully reset the terminal.
23

• Usage:
$ clear
Sometimes you get garbled text on the screen and clearing doesn’t help. In such
case you need to fully reset the terminal.
• Purpose: reset the terminal session
• How it works: resets the terminal modes, colors and settings, clears
garbled text
• Usage:
$ cat /dev/random | head
[...]
• ï¿½*ï¿½ï¿½+ï¿½ï¿½,ï¿½ reset
23

Who am I?
$ whoami
vl
$ echo $USER
vl
24

Who am I?
$ whoami
vl
$ echo $USER
vl
$ id
uid=1000(vl) gid=1000(vl) groups=1000(vl),4(adm),999(docker)
24

Who am I?
$ whoami
vl
$ echo $USER
vl
$ id
$ id -u
1000
24

Who am I?
$ whoami
vl
$ echo $USER
vl
$ id
$ id -u
1000
$ lastlog -u vl
Username Port From Latest
vl pts/4 192.168.3.68 Tue Jan 16 09:40:05
24

What is my Shell?
$ echo $SHELL
/bin/bash
25

What is my Shell?
$ echo $SHELL
/bin/bash
$ grep vl /etc/passwd
vl:x:1000:1000:Vladimir Levijev,,,:/home/vl:/bin/bash
25

What is my Shell?
$ echo $SHELL
/bin/bash
$ grep vl /etc/passwd
vl:x:1000:1000:Vladimir Levijev,,,:/home/vl:/bin/bash
$ chsh
Password:
Changing the login shell for vl
Enter the new value, or press ENTER for the default
Login Shell [/bin/bash]:
25

Where am I?
$ pwd
/tmp
$ echo $PWD
/tmp
26

Where am I?
$ pwd
/tmp
$ echo $PWD
/tmp
$ export PWD=/tmp/non-existent
26

Where am I?
$ pwd
/tmp
$ echo $PWD
/tmp
$ pwd
/home/vl/git/linux-cmd
$ echo $PWD
/tmp/non-existent
26

Where am I?
$ pwd
/tmp
$ echo $PWD
/tmp
$ pwd
$ echo $PWD
/tmp/non-existent
$ export PWD=$(pwd)
26

Where am I?
$ pwd
/tmp
$ echo $PWD
/tmp
$ pwd
$ echo $PWD
/tmp/non-existent
$ export PWD=$(pwd)
$ export PWD=`pwd`
26

Where am I?
Debian:
$ cat /etc/timezone
Europe/Riga
RedHat:
$ readlink /etc/localtime
../usr/share/zoneinfo/Europe/Riga
27

Where am I?
Debian:
$ cat /etc/timezone
Europe/Riga
RedHat:
$ readlink /etc/localtime
../usr/share/zoneinfo/Europe/Riga
$ timedatectl
Local time: Sun 2025-10-12 20:43:49 EEST
Universal time: Sun 2025-10-12 17:43:49 UTC
RTC time: Sun 2025-10-12 17:43:49
Time zone: Europe/Riga (EEST, +0300)
System clock synchronized: yes
27

Where I just was?
$ echo $OLDPWD
/etc
28

Where I just was?
$ echo $OLDPWD
/etc
$ env | grep WD
OLDPWD=/etc
PWD=/home/vl
28

Where I just was?
$ echo $OLDPWD
/etc
$ env | grep WD
OLDPWD=/etc
PWD=/home/vl
$ cd -
- is not a regular argument — it’s a special option/operand to cd
that means "previous working directory" ($OLDPWD)
28

Where I just was?
$ echo $OLDPWD
/etc
$ env | grep WD
OLDPWD=/etc
PWD=/home/vl
$ cd -
$ ls -
ls: cannot access '-': No such file or directory
28

Where I just was?
$ echo $OLDPWD
/etc
$ env | grep WD
OLDPWD=/etc
PWD=/home/vl
$ cd -
$ ls -
ls: cannot access '-': No such file or directory
$ export OLDPWD=/tmp/non-existent
$ cd -
-bash: cd: /tmp/non-existent: No such file or directory
28

Environment variable glitch
$ USERNAME=john echo "USERNAME=$USERNAME"
29

USERNAME= ???
29

USERNAME= ???
$ USERNAME=john; echo "USERNAME=$USERNAME"
USERNAME=john
29

USERNAME= ???
USERNAME=john
• USERNAME=john in the first case sets environment variable for echo
29

USERNAME= ???
USERNAME=john
• But before launching the command, the shell (your running shell) first
parses and expands arguments USERNAME=$USERNAME.
29

USERNAME= ???
USERNAME=john
• Since current shell session has no idea about this variable it expands it to
USERNAME=.
29

USERNAME= ???
USERNAME=john
USERNAME=.
After expanding the arguments shell calls:
$ USERNAME=john echo "USERNAME="
29

USERNAME= ???
USERNAME=john
USERNAME=.
After expanding the arguments shell calls:
$ USERNAME=john echo "USERNAME="
$ USERNAME=john sh -c 'echo "USERNAME=$USERNAME"'
USERNAME=john
29

Where can I go?
Home!
$ cd
~$
30

Where can I go?
Home!
$ cd
~$
Alternatives:
$ cd $HOME
$ cd ~
the tilde ~ is not specific to cd, it’s handled by the shell itself
30

Where can I go?
Home!
$ cd
~$
Alternatives:
$ cd $HOME
$ cd ~
Parent directory!
~$ cd ..
/home
30

Where can I go?
Home!
$ cd
~$
Alternatives:
$ cd $HOME
$ cd ~
Parent directory!
~$ cd ..
/home
Stay where you are.
$ cd .
/home
30

Where is that file?
$ locate zbxnext-3106.patch
31

Where is that file?
Debian:
$ sudo apt install plocate
RedHat:
$ sudo yum install mlocate
31

Where is that file?
Debian:
RedHat:
$ sudo updatedb
31

Where is that file?
Debian:
RedHat:
$ sudo updatedb
/etc/cron.daily/plocate
31

Where is that file?
Debian:
RedHat:
$ sudo updatedb
$ locate -i zbxnext-3106.patch
/home/vl/work/ZBXNEXT-3106/zabbix-2.2.14-ZBXNEXT-3106.patch
31

Where is that file?
Debian:
RedHat:
$ sudo updatedb
$ locate -i zbxnext-3106.patch
$ locate -i –regex ’zbxnext.*ṗatch’
/home/vl/work/zabbix-2.0.10-zbxnext-300-zbx-8992.patch
31

How locate works
/var/lib/plocate/plocate.db
• specific binary format
• zstd compressed
• faster than mlocate, might be notable on big systems with millions of files
32

Listing directory permissions
$ ls -l /var/lib/mysql
33

drwx------ 2 mysql mysql 4096 May 3 2023 zabbix6_0
drwx------ 2 mysql mysql 4096 Jun 15 2024 zabbix7_0
33

$ ls -l /var/lib | grep mysql
drwxr-xr-x 33 mysql mysql 4096 Sep 22 14:01 mysql
drwx------ 2 mysql mysql 4096 Dec 8 2016 mysql-files
-rw-rw---- 1 mysql mysql 18278 Feb 27 2025 ib_buffer_pool
-rw-rw---- 1 mysql mysql 66562688 Sep 22 10:45 ibdata1
33

$ ls -l /var/lib | grep 'mysql$'
33

$ ls --color -l /var/lib | grep 'mysql$'
$
33

$ ls --color -l /var/lib | grep 'mysql$'
$
$ ls -l -d --color /var/lib/mysql
drwxr-xr-x 33 mysql mysql 4096 Sep 22 14:01 /var/lib/mysql
-d, --directory list directories themselves, not their contents
33

Securing files
$ echo pass123 > secret.pw
-rw-r––r–– 1 vl adm 8 Jan 25 16:35 secret.pw
34

Securing files
$ umask
0022
34

Securing files
$ umask
0022
New files : 666 – 022 = 644
New directories : 777 – 022 = 755
34

Securing files
$ umask
0022
New files : 666 – 022 = 644
New directories : 777 – 022 = 755
The first digit in a umask value (if present) controls special permission bits:
• 0 — no special restrictions
• 1 — disables the sticky bit
• 2 — disables the setgid bit
• 4 — disables the setuid bit
These bits are rarely masked, so the first digit is usually 0.
34

Securing files
$ umask 0266
35

Securing files
$ umask 0266
New files : 666 – 266 = 400
$ touch /tmp/foo
$ l /tmp/foo
-r-------- 1 root root 0 Oct 11 23:30 /tmp/foo
35

Securing files
$ umask 0266
New files : 666 – 266 = 400
$ touch /tmp/foo
$ l /tmp/foo
$ chmod 600 secret.pw
-rw------- 1 vl adm 8 Jan 25 16:35 secret.pw
35

Securing files
$ umask 0266
New files : 666 – 266 = 400
$ touch /tmp/foo
$ l /tmp/foo
$ chmod u=rw,g=,o= secret.pw
35

Securing files
$ umask 0266
New files : 666 – 266 = 400
$ touch /tmp/foo
$ l /tmp/foo
$ chmod g+r secret.pw
-rw-r----- 1 vl adm 8 Jan 25 16:35 secret.pw
35

Securing files
$ umask 0266
New files : 666 – 266 = 400
$ touch /tmp/foo
$ l /tmp/foo
$ chmod g+r secret.pw
-rw-r----- 1 vl adm 8 Jan 25 16:35 secret.pw
$ chmod g-r secret.pw
35

Appending to a file
$ l secret.pw
-rw------- 1 root vl 8 Oct 1 18:47 secret.pw
36

Appending to a file
$ l secret.pw
$ echo foobar >> secret.pw
-bash: secret.pw: Permission denied
36

Appending to a file
$ l secret.pw
$ sudo echo foobar >> secret.pw
36

Appending to a file
$ l secret.pw
$ sudo echo foobar >> secret.pw
Who handles the redirection?
• The >> secret.pw redirection is handled by your shell, before sudo is
applied.
• sudo only applies to echo, not to the redirection.
36

Appending to a file
$ echo foobar | sudo tee -a secret.pw
foobar
-a, --append
append to the given FILEs, do not overwrite
37

Appending to a file
$ echo foobar | sudo tee -a secret.pw
foobar
-a, --append
append to the given FILEs, do not overwrite
$ sudo cat secret.pw
pass123
foobar
37

File attributes
In Linux, file attributes are special flags that control additional behaviors of
files and directories beyond the normal read, write, and execute permissions.
These are supported on ext2, ext3, ext4, and some other file systems.
Key points:
• Independent of permissions
• Persistent at the filesystem level
• Attributes control:
• Modification
• Access time updates
• Deletion behavior
• Compression
• Analogy:
• Permissions = keys to the cabinet with documents
• Attributes = seals, instructions on the document
38

Securing a file
$ lsattr /etc/passwd
--------------e------- /etc/passwd
39

Securing a file
--------------e------- /etc/passwd
$ echo -n --------------e------- | wc -c
22
39

Securing a file
--------------e------- /etc/passwd
$ echo -n --------------e------- | wc -c
22
A file with the ’i’ attribute cannot be modified: it cannot be deleted or re-
named, no link can be created to this file.
39

Securing a file
--------------e------- /etc/passwd
$ echo -n --------------e------- | wc -c
22
$ sudo chattr +i /etc/passwd
----i---------e------- /etc/passwd
39

Securing a file
--------------e------- /etc/passwd
$ echo -n --------------e------- | wc -c
22
----i---------e------- /etc/passwd
$ sudo useradd -M -r -s /usr/sbin/nologin tempuser
useradd: cannot open /etc/passwd
39

Securing a file
--------------e------- /etc/passwd
$ echo -n --------------e------- | wc -c
22
----i---------e------- /etc/passwd
$ sudo useradd -M -r -s /usr/sbin/nologin tempuser
useradd: cannot open /etc/passwd
$ sudo chattr -i /etc/passwd
39

Securing a file
$ whoami
vl
$ touch /tmp/foo
$ chattr +i /tmp/foo
Pchattr: Operation not permitted while setting flags on /tmp/foo
40

Common filesystem attributes
Attribute Effect
i Immutable: cannot modify, delete, or rename
a Append-only: can only add data
A No atime updates: read does not change access time
c Compressed: filesystem handles compression
s Secure deletion: wiped securely when deleted
41

Common filesystem attributes
Attribute Effect
i Immutable: cannot modify, delete, or rename
a Append-only: can only add data
A No atime updates: read does not change access time
c Compressed: filesystem handles compression
s Secure deletion: wiped securely when deleted
$ sudo tune2fs -l /dev/sda3 | grep 'Filesystem features'
Filesystem features: has_journal ext_attr resize_inode
dir_index filetype needs_recovery extent 64bit flex_bg
sparse_super large_file huge_file dir_nlink extra_isize
metadata_csum
,
→
,
→
,
→
$ sudo tune2fs -l /dev/sda3 | grep 'Filesystem features' |
grep compress
,
→
$
41

Long commands
Sometimes the command may become really long...
$ while true; do output="$(pgrep -lf zabbix_server)"; if
[ -n "$output" ]; then echo Zabbix server is
running...; fi; sleep 3; done
,
→
,
→
Zabbix server is running...
Zabbix server is running...
42

Long commands
So you need to start writing scripts!
43

A shebang
#!/bin/bash
echo "Cleaning /tmp..."
rm -rfv /tmp/*
44

A shebang
#!/bin/bash
rm -rfv /tmp/*
A shebang is the special character sequence #! at the very beginning of a script
file, followed by the path to the interpreter that should be used to execute the
script.
44

A shebang
#!/bin/bash
rm -rfv /tmp/*
A shebang is the special character sequence #! at the very beginning of a script
file, followed by the path to the interpreter that should be used to execute the
script.
It’s also known as a hashbang or hash-bang, and it allows a script to be run
directly as an executable in Unix-like systems by telling the system which
program (like a shell or Python interpreter) to use.
44

A bash shebang
rm -rf /tmp/*
45

A bash shebang
rm -rf /tmp/*
$ bash cleanup.sh
45

A bash shebang
rm -rf /tmp/*
$ bash cleanup.sh
$ ./cleanup.sh
-bash: ./cleanup.sh: Permission denied
45

A bash shebang
rm -rf /tmp/*
$ bash cleanup.sh
$ ./cleanup.sh
$ chmod +x cleanup.sh
45

A bash shebang
rm -rf /tmp/*
$ bash cleanup.sh
$ ./cleanup.sh
$ ./cleanup.sh
Cleaning /tmp...
$
45

A bash shebang
rm -rf /tmp/*
$ bash cleanup.sh
$ ./cleanup.sh
$ ./cleanup.sh
Cleaning /tmp...
$
When a script without a shebang is executed directly (e.g.,
./cleanup.sh) and the current shell is Bash, the kernel will attempt to
execute the file using the current shell.
45

A bash shebang
Consider a simple perl script.
print("I am $ENV{USER}n");
46

A bash shebang
$ /tmp/echo.pl
-bash: /tmp/echo.pl: Permission denied
46

A bash shebang
$ /tmp/echo.pl
$ chmod +x /tmp/echo.pl
46

A bash shebang
$ /tmp/echo.pl
$ /tmp/echo.pl
/tmp/echo.pl: line 1: syntax error near unexpected token
`"I am $ENV{USER}n"'
46

A bash shebang
$ /tmp/echo.pl
$ /tmp/echo.pl
/tmp/echo.pl: line 1: syntax error near unexpected token
`"I am $ENV{USER}n"'
$ perl /tmp/echo.pl
I am vl
46

A shebang
Bash scripts commonly start with #!/bin/bash
47

A shebang
On many systems (Linux, macOS, BSDs, NixOS, embedded systems, custom
setups), bash might be installed elsewhere (e.g. /usr/local/bin/bash,
/opt/homebrew/bin/bash). If bash isn’t at /bin/bash, your script won’t run.
47

A shebang
Start you bash code with:
#!/usr/bin/env bash
47

A shebang
Start you bash code with:
#!/usr/bin/env bash
• On almost all modern Unix-like systems (Linux, macOS, BSD, etc.), env
is indeed located at /usr/bin/env
• That’s why it became the de facto portable way of locating interpreters
(e.g. bash, python3, perl)
• The POSIX standard requires env, but it does not require it to live in
/usr/bin — only that it be somewhere in the user’s $PATH
47

Hello, world!
#!/usr/bin/env bash
echo 'Hello, world!'
$ ./hello.sh
Hello, world!
48

Hello, world!
#!/usr/bin/env bash
echo 'Hello, world!'
$ ./hello.sh
Hello, world!
Create a backup script that:
1. Takes 2 arguments: file to back up and target directory
2. Target directory is optional, default $HOME/backup
3. If target directory does not exist - create it.
48

Reading command-line arguments
#!/usr/bin/env bash
49

#!/usr/bin/env bash
if [ $1 == "" ]; then
49

#!/usr/bin/env bash
if [ $1 == "" ]; then
# ./backup.sh /etc/resolv.conf
if [ /etc/resolv.conf == "" ]; then
49

#!/usr/bin/env bash
if [ $1 == "" ]; then
# ./backup.sh
if [ == "" ]; then
./backup.sh: line 4: [: =: unary operator expected
49

#!/usr/bin/env bash
if [ $1 == "" ]; then
# ./backup.sh
if [ == "" ]; then
./backup.sh: line 4: [: =: unary operator expected
Variant What it does Safe?
[ -z $1 ] Works, but may break with special characters. ✗
[ -z "$1" ] Correct, safe way to check for an empty argument. ✓
49

#!/usr/bin/env bash
50

#!/usr/bin/env bash
if [ -z "$1" ]; then
50

#!/usr/bin/env bash
if [ -z "$1" ]; then
echo "Usage: $0 <file> [backup directory]"
echo "default backup directory - $HOME/backup"
50

#!/usr/bin/env bash
if [ -z "$1" ]; then
exit 1
fi
50

#!/usr/bin/env bash
if [ -z "$1" ]; then
exit 1
fi
FILE="$1"
50

#!/usr/bin/env bash
if [ -z "$1" ]; then
exit 1
fi
FILE="$1"
BACKUP_DIR="$2"
50

#!/usr/bin/env bash
if [ -z "$1" ]; then
exit 1
fi
FILE="$1"
BACKUP_DIR="$2"
if [ -z "$BACKUP_DIR" ]; then
# default backup directory
BACKUP_DIR="$HOME/backup"
fi
50

#!/usr/bin/env bash
if [ -z "$1" ]; then
exit 1
fi
FILE="$1"
BACKUP_DIR="$2"
fi
# create backup directory if it doesn’t exist
mkdir -p "$BACKUP_DIR"
50

#!/usr/bin/env bash
if [ -z "$1" ]; then
exit 1
fi
FILE="$1"
BACKUP_DIR="$2"
fi
# create backup directory if it doesn’t exist
mkdir -p "$BACKUP_DIR"
cp "$FILE" "$BACKUP_DIR/"
echo "Backup of ’$FILE’ saved to ’$BACKUP_DIR/’"
50

$ ./backup.sh
Usage: ./backup.sh <file> [backup directory]
default backup directory - /home/vl/backup
51

$ ./backup.sh
$ echo $?
$ 1
51

$ ./backup.sh
$ echo $?
$ 1
$ ./backup.sh 2> /dev/null || echo "Backup failed on $(date
--rfc-3339=date)"'!'
,
→
Backup failed on 2025-09-30!
51

$ ./backup.sh
$ echo $?
$ 1
--rfc-3339=date)"'!'
,
→
$ ./backup.sh backup.sh
Backup of 'backup.sh' saved to '/home/vl/backup/'
51

$ ./backup.sh
$ echo $?
$ 1
--rfc-3339=date)"'!'
,
→
Backup of 'backup.sh' saved to '/home/vl/backup/'
$ ./backup.sh backup.sh /tmp
Backup of 'backup.sh' saved to '/tmp/'
$ ls ~/backup/backup.sh /tmp/backup.sh
/home/vl/backup/backup.sh /tmp/backup.sh
51

Error handling
$ ./backup.sh non-existent.txt
cp: cannot stat 'non-existent.txt': No such file or directory
Backup of ’non-existent.txt’ saved to ’/home/vl/backup/’
52

Error handling
if [ $? -ne 0 ]; then
echo "An error occured, see above."
exit 1
fi
52

Error handling
if [ $? -ne 0 ]; then
exit 1
fi
cp: cannot stat 'non-existent.txt': No such file or
directory
,
→
An error occured, see above.
52

Error handling
if [ $? -ne 0 ]; then
exit 1
fi
directory
,
→
if ! cp "$FILE" "$BACKUP_DIR/"; then
exit 1
fi
52

Error handling
if [ $? -ne 0 ]; then
exit 1
fi
directory
,
→
exit 1
fi
directory
,
→
52

Error handling
if ! mkdir -p "$BACKUP_DIR/"; then
exit 1
fi
exit 1
fi
if ! ls "$BACKUP_DIR/$(basename $FILE)" > /dev/null;
then
,
→
exit 1
fi
53

Error handling
if ! mkdir -p "$BACKUP_DIR/"; then
exit 1
fi
exit 1
fi
if ! ls "$BACKUP_DIR/$(basename $FILE)" > /dev/null;
then
,
→
exit 1
fi
mkdir -p "$BACKUP_DIR/" || exit 1
cp "$FILE" "$BACKUP_DIR/" || exit 1
ls "$BACKUP_DIR/$(basename FILE)" > /dev/null || exit 1
53

Error handling
#!/usr/bin/env bash
set -e
54

Error handling
#!/usr/bin/env bash
set -e
#!/usr/bin/env bash
set -e
mkdir -p "$BACKUP_DIR/"
ls "$BACKUP_DIR/$(basename FILE)"
54

Error handling
#!/usr/bin/env bash
set -e
#!/usr/bin/env bash
set -e
mkdir -p "$BACKUP_DIR/"
ls "$BACKUP_DIR/$(basename FILE)"
mkdir: cannot create directory ‘/home/vl/backup/’:
Permission denied
,
→
$ echo $?
1
54

Error handling
#!/usr/bin/env bash
set -e
false | true
echo "continue with the script"
55

Error handling
#!/usr/bin/env bash
set -e
false | true
$ ./test.sh
continue with the script
55

Error handling
#!/usr/bin/env bash
set -e
false | true
$ ./test.sh
#!/usr/bin/env bash
set -e
set -o pipefail
false | true
55

Error handling
#!/usr/bin/env bash
set -e
false | true
$ ./test.sh
#!/usr/bin/env bash
set -e
set -o pipefail
false | true
$ ./test.sh
$ echo $?
1
55

Debugging
$ ./backup.sh backup.sh "/opt/backup dir"
./backup.sh: line 12: [: /opt/backup: binary operator
expected
,
→
56

Debugging
expected
,
→
12: if [ -z $BACKUP_DIR ]; then
13: BACKUP_DIR="$HOME/backup"
14: fi
56

Debugging
expected
,
→
14: fi
set -x
if [ -z $BACKUP_DIR ]; then
fi
set +x
56

Debugging
expected
,
→
14: fi
set -x
if [ -z $BACKUP_DIR ]; then
fi
set +x
+ '[' -z /opt/backup dir ']'
./backup.sh: line 12: [: /opt/backup: binary operator expected
+ set +x
56

Functions
dbg()
{
[ "$DEBUG" = "1" ] || return
echo "DBG: $*"
}
msg()
{
echo "MSG: $*"
}
err()
{
echo "ERR: $*"
exit 1
}
57

Functions
dbg()
{
[ "$DEBUG" = "1" ] || return
echo "DBG: $*"
}
msg()
{
echo "MSG: $*"
}
err()
{
echo "ERR: $*"
exit 1
}
• Less lines
• Consistency
57

Catching signals
#!/usr/bin/env bash
TMP_FILE="$(mktemp)" || exit 1
cleanup()
{
echo "Cleaning up..."
rm -fv "$TMP_FILE"
exit $1
}
trap "cleanup 1" INT TERM
[...]
cleanup
58

Built-in string operations
If you use bash 4 or later, don’t bother with ’tr’ and ’expr’:
$ str=Shell; echo $str | tr [a-z] [A-Z]
SHELL
59

If you use bash 4 or later, don’t bother with ’tr’ and ’expr’:
$ str=Shell; echo $str | tr [a-z] [A-Z]
SHELL
Use bash built-in string operations power:
str=shell; echo ${str^}; echo ${str^^}; echo ${str„}
Shell
SHELL
shell
59

${variable#pattern}
Removes the shortest match of pattern from the beginning.
${variable##pattern}
Removes the longest match of pattern from the beginning.
${variable%pattern}
Removes the shortest match of pattern from the end.
${variable%%pattern}
Removes the longest match of pattern from the end.
60

${variable#pattern}
Removes the shortest match of pattern from the beginning.
${variable##pattern}
Removes the longest match of pattern from the beginning.
${variable%pattern}
Removes the shortest match of pattern from the end.
${variable%%pattern}
Removes the longest match of pattern from the end.
Example:
filename="report.2025.txt"
echo "${filename%.*}" # Output: report.2025
echo "${filename##*.}" # Output: txt
60

Brace expansion
Brace expansion in Bash is a feature that generates strings from patterns
without loops or external commands.
61

Brace expansion
Ranges:
$ echo file{1..3}.txt
file1.txt file2.txt file3.txt
61

Brace expansion
Ranges:
Lists:
$ echo {A,B,C}
A B C
61

Brace expansion
Ranges:
Lists:
$ echo {A,B,C}
A B C
$ rm -fv server.c.{orig,rej,bak}
# translates to -> rm -fv server.c.orig server.c.rej server.c.bak
removed 'server.c.bak'
61

Randomize
$ echo $[RANDOM]
11419
62

Randomize
$ echo $[RANDOM]
11419
$ [ $[RANDOM % 2] -eq 0 ] && echo -n Gleb || echo -n dimir; echo will go
to India'!'
,
→
dimir will go to India!
62

Randomize
$ echo $[RANDOM]
11419
to India'!'
,
→
$ sleep $(( RANDOM % 5 + 1 )) # sleep for 1–5 seconds
62

Randomize
$ echo $[RANDOM]
11419
to India'!'
,
→
$ sleep $(( RANDOM % 5 + 1 )) # sleep for 1–5 seconds
This is called bash arithmetic evaluation.
• (( )) evaluates arithmetic expressions
• $(( )) expands to the numeric result
• Works with standard arithmetic operators (+, -, *, /, %, ++, --, etc.)
• No need for $ before variable names inside (( ))
62

Arithmetic evaluation
$ (( 2 + 3 ))
$ echo $?
0
63

$ (( 2 + 3 ))
$ echo $?
0
$ (( 2 - 2 ))
$ echo $?
1
63

$ (( 2 + 3 ))
$ echo $?
0
$ (( 2 - 2 ))
$ echo $?
1
$ a=5
$ (( a = a + 2 ))
$ echo $a
7
63

$ (( 2 + 3 ))
$ echo $?
0
$ (( 2 - 2 ))
$ echo $?
1
$ a=5
$ (( a = a + 2 ))
$ echo $a
7
$ rv=$(( 5 + 5 ))
$ echo $rv
10
63

Wildcard expansion
$ ls * | grep bashrc
$ ls .* | grep bashrc
.bashrc
64

Wildcard expansion
.bashrc
Make sure you never delete hidden files like this:
$ rm -rf .*
because ".*" matches ".." (higher-level directory)!
$ ls -R .* | grep bashrc
bash.bashrc
bash.bashrc
bash.bashrc
bash.bashrc
64

Wildcard expansion
.bashrc
Make sure you never delete hidden files like this:
$ rm -rf .*
because ".*" matches ".." (higher-level directory)!
$ ls -R .* | grep bashrc
bash.bashrc
bash.bashrc
bash.bashrc
bash.bashrc
Correct way of doing this:
$ rm -rfv .[a-zA-Z]*
64

Following the log file
Log file rotated by logrotate.
$ tail -f /var/log/zabbix_server.log
29631:20160927:152455.721 In substitute_functions()
29631:20160927:152455.721 In zbx_extract_functionids()
tr_num:1
,
→
tail: /tmp/foo.log: file truncated
65

Following the log file
Log file rotated by logrotate.
$ tail -f /var/log/zabbix_server.log
29631:20160927:152455.721 In zbx_extract_functionids()
tr_num:1
,
→
$ tail -F /var/log/zabbix_server.log
29631:20160927:152455.721 In zbx_extract_functionids() tr_num:1
29631:20160927:152455.721 End of zbx_extract_functionids() functionids_num:1
29631:20160927:152455.721 In zbx_populate_function_items() functionids_num:1
29631:20160927:152455.721 End of zbx_populate_function_items() ifuncs_num:1
29631:20160927:152455.721 In zbx_evaluate_item_functions() ifuncs_num:1
29631:20160927:152455.721 In evaluate_function() function:'Zabbix server:test.strle
29631:20160927:152455.721 In evaluate_STRLEN()
29631:20160927:152455.721 In evaluate_LAST()
65

History expansion
The History library provides a history expansion feature that is similar to the
history expansion provided by csh. It is used to manipulate the history
information. The following are event designators. It is a reference to a
command line entry in the history list
!^ first argument
!$ last argument
!* all arguments
!:2 second argument
!:2-3 second to third arguments
!:2-$ second to last arguments
!:2* second to last arguments
!:2- second to next to last arguments
!:0 the command itself
!! repeat the previous line
66

History expansion
$ mkdir -p /usr/local/bin
67

History expansion
$ cp backup.sh !$
cp backup.sh /usr/local/bin
67

History expansion
$ cp backup.sh !$
$ chmod +x !$/backup.sh
chmod +x /usr/local/bin/backup.sh
67

History expansion
$ cp backup.sh !$
$ chmod +x !$/backup.sh
chmod +x /usr/local/bin/backup.sh
$ !$ list.pl
/usr/local/bin/backup.sh list.pl
Backup of 'list.pl' saved to '/home/vl/backup/'
67

History expansion
$ ls /var/log/mysql/error.log /var/log/mysql.err
/var/log/mysql.err /var/log/mysql/error.log
68

History expansion
$ cp !:1 /backup/
cp /var/log/mysql/error.log /backup/
68

History expansion
$ cp !:1 /backup/
$ apt install openssh-server build-essential binutils make
pkg-config libldns-dev automake libssl-dev emacs-nox
php-mbstring php-bcmath php-gd php-ldap php-mysql
php-curl locales python3 faketime libnet-dns-perl less
wget curl tmux git jq
,
→
,
→
,
→
,
→
E: Could not open [...] (13: Permission denied)
68

History expansion
$ cp !:1 /backup/
$ apt install openssh-server build-essential binutils make
pkg-config libldns-dev automake libssl-dev emacs-nox
php-mbstring php-bcmath php-gd php-ldap php-mysql
php-curl locales python3 faketime libnet-dns-perl less
wget curl tmux git jq
,
→
,
→
,
→
,
→
E: Could not open [...] (13: Permission denied)
$ sudo !!
sudo apt install [...]
68

End of command-line options
$ diff -ur master master.new | grep ---
69

grep: unrecognized option '---'
Try 'grep --help' for more information.
69

$ diff -ur master master.new | grep '---'
--- master/src/libs/zbxservice/service.c 2025-10-10
08:01:16.942685012 +0000
,
→
--- master/src/zabbix_server/server.c 2025-10-10
08:01:16.944685012 +0000
,
→
69

08:01:16.942685012 +0000
,
→
08:01:16.944685012 +0000
,
→
$ diff -ur master master.new | grep –– ---
--- a/src/libs/zbxservice/service.c
--- a/src/zabbix_server/server.c
-- stop reading command-line options
69

08:01:16.942685012 +0000
,
→
08:01:16.944685012 +0000
,
→
$ diff -ur master master.new | grep –– ---
--- a/src/libs/zbxservice/service.c
--- a/src/zabbix_server/server.c
-- stop reading command-line options
$ man grep | grep -- -R
-R, --dereference-recursive
69

Viewing diff
$ apt install dwdiff
72

Viewing diff
$ cat /usr/local/bin/vldiff
#!/usr/bin/env bash
dwdiff --color=bred,bgreen -d ',;&*()[]{}=".' --diff-input $@
72

Viewing diff
$ cat /usr/local/bin/vldiff
#!/usr/bin/env bash
dwdiff --color=bred,bgreen -d ',;&*()[]{}=".' --diff-input $@
$ git diff | vldiff
72

grep not working
$ ssh | grep --color bind_address
usage: ssh [-46AaCfGgKkMNnqsTtVvXxYy] [-B bind_interface] [-b
bind_address]
,
→
[-c cipher_spec] [-D [bind_address:]port] [-E log_file]
[-e escape_char] [-F configfile] [-I pkcs11] [-i identity_file]
[-J destination] [-L address] [-l login_name] [-m mac_spec]
[-O ctl_cmd] [-o option] [-P tag] [-p port] [-R address]
[-S ctl_path] [-W host:port] [-w local_tun[:remote_tun]]
destination [command [argument ...]] ssh [-Q query_option]
73

grep not working
$ ssh | grep --color bind_address
usage: ssh [-46AaCfGgKkMNnqsTtVvXxYy] [-B bind_interface] [-b
bind_address]
,
→
[-c cipher_spec] [-D [bind_address:]port] [-E log_file]
[-e escape_char] [-F configfile] [-I pkcs11] [-i identity_file]
[-J destination] [-L address] [-l login_name] [-m mac_spec]
[-O ctl_cmd] [-o option] [-P tag] [-p port] [-R address]
[-S ctl_path] [-W host:port] [-w local_tun[:remote_tun]]
destination [command [argument ...]] ssh [-Q query_option]
$ ssh 2>&1 | grep --color bind_address
usage: ssh [-46AaCfGgKkMNnqsTtVvXxYy] [-B bind_interface] [-b bind_address]
73

Working with processes
$ ps ax | grep zabbix_proxy
28559 ? S 0:00 sbin/zabbix_proxy
74

$ pgrep zabbix_proxy
28559
28560
74

$ pgrep zabbix_proxy
28559
28560
$ pgrep -la zabbix_proxy
28559 sbin/zabbix_proxy -c /etc/zabbix/zabbix_proxy.conf
28560 sbin/zabbix_proxy: configuration syncer [syncing configuration]
-l, --list-name
List the process name as well as the process ID (pgrep only)
-a, --list-full
List the full command line as well as the process ID (pgrep only)
74

$ pgrep -lfa poller
28564 sbin/zabbix_proxy: browser poller
28573 sbin/zabbix_proxy: agent poller
28575 sbin/zabbix_proxy: snmp poller
-f, --full
The pattern is matched against the full command line
75

$ pgrep -lfa poller
-f, --full
$ pkill -e zabbix_proxy
zabbix_proxy killed (pid 31152)
75

$ pgrep -lfa poller
-f, --full
-e, --echo
Display name and PID of the process being killed (pkill only)
75

$ pgrep -lfa poller
-f, --full
-e, --echo
Display name and PID of the process being killed (pkill only)
$ pkill -fe poller
75

Thank you
Thank you for listening!
Questions?
76

Linux Command-line Tips and Tricks - ATO 2025

More Related Content

Similar to Linux Command-line Tips and Tricks - ATO 2025

More from All Things Open

Recently uploaded

Linux Command-line Tips and Tricks - ATO 2025