Linux文本三剑客grep练习

1、显示/etc/rc.d/rc.sysinit文件中以不区分大小的h开头的行;

root@shell \~\]# grep "\^\[hH\]" /etc/rc.d/rc.rc.sysinit

2、显示/etc/passwd中以sh结尾的行;

root@shell \~\]# grep "sh$" /etc/passwd root:x:0:0:root:/root:/bin/bash kxy:x:1000:1000:kxy:/home/kxy:/bin/bash fox:x:1001:1001::/home/fox:/bin/bash ![](https://file.jishuzhan.net/article/1736371495560548353/e40f364da8743699bc5915f5b757d7bc.webp)

3、显示/etc/fstab中以#开头,且后面跟一个或多个空白字符,而后又跟了任意非空白字符的行;

root@shell \~\]# egrep "\^#\[\[:space:\]\]+\[\^\[:space:\]\]\*" /etc/fstab # /etc/fstab # Created by anaconda on Sun Sep 17 13:46:24 2023 # Accessible filesystems, by reference, are maintained under '/dev/disk/'. # See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info. # After editing this file, run 'systemctl daemon-reload' to update systemd # units generated from this file. ![](https://file.jishuzhan.net/article/1736371495560548353/f21fc1da311389c8fed8f88d7b275182.webp)

4、查找/etc/rc.d/rc.local中包含"以to开始并以to结尾"的字串行;

root@shell \~\]# egrep -w -o "(to)\[a-z\]+\\1" /etc/rc.d/rc.local

5、查找/etc/inittab中含有"以s开头,并以d结尾的单词"模式的行;

root@shell \~\]# grep -w -o "s\[a-z\]\*d" /etc/inittab systemd systemd ![](https://file.jishuzhan.net/article/1736371495560548353/b02e8761db86b566bc8556d2c97abe43.webp)

6、查找ifconfig命令结果中的1-255之间的整数;

root@shell \~\]# ifconfig \| egrep -o -w "\[1-9\]{1}\|(\[1-9\]{1}\[0-9\]{1})\|\[1-2\]{1}(\[0-9\]{1,2})" \| awk '{printf "%s ",$0} END {print ""}' 192 168 110 132 255 255 255 192 168 110 255 64 29 78 73 5 3 73 127 1 255 1 128 17 1 9 17 1 9 ![](https://file.jishuzhan.net/article/1736371495560548353/09e029a3a747e022a1b6fa371289fc0a.webp)

7、显示/var/log/secure文件中包含"Failed"或"FAILED"的行

root@shell \~\]# egrep "(Failed\|FAILED)" /var/log/secure \[root@shell \~\]# grep -i "Failed" /var/log/secure

8、在/etc/passwd中取出默认shell为bash

root@shell \~\]# grep "bash$" /etc/passwd root:x:0:0:root:/root:/bin/bash kxy:x:1000:1000:kxy:/home/kxy:/bin/bash fox:x:1001:1001::/home/fox:/bin/bash

9、以长格式列出/etc/目录下以ns开头、.conf结尾的文件信息

root@shell \~\]# ll /etc/ \| grep '\^.\*/ns.\*\\.conf$' lrwxrwxrwx. 1 root root 29 Sep 17 21:55 nsswitch.conf -\> /etc/authselect/nsswitch.conf \[root@shell \~\]# ll /etc/ns\*.conf lrwxrwxrwx. 1 root root 29 Sep 17 21:55 /etc/nsswitch.conf -\> /etc/authselect/nsswitch.conf ![](https://file.jishuzhan.net/article/1736371495560548353/26e1dbb53c476c56c3c9270abea8a231.webp)

10、高亮显示passwd文件中冒号,及其两侧的字符

root@shell \~\]# grep -o ".:." /etc/passwd ![](https://file.jishuzhan.net/article/1736371495560548353/0deae0b33c33a01216fde03f48d5a058.webp)

11、匹配/etc/services中开头结尾字母一样的单词

root@shell \~\]# egrep -o -w "(\[a-z\])\[a-z\]+\\1" /etc/services ![](https://file.jishuzhan.net/article/1736371495560548353/10c1c970c779f6319d14686703f5f985.webp)

12.file.txt文件内容:

root@shell \~\]# cat file.txt 48 Dec 3BC1977 LPSX 68.00 LVX2A 138 483 Sept 5AP1996 USP 65.00 LVX2C 189 47 Oct 3ZL1998 LPSX 43.00 KVM9D 512 219 dec 2CC1999 CAD 23.00 PLV2C 68 484 nov 7PL1996 CAD 49.00 PLV2C 234 483 may 5PA1998 USP 37.00 KVM9D 644 216 sept 3ZL1998 USP 86.00 KVM9E 234

(1)含有"48"字符串的行的总数

root@shell \~\]# grep "48" file.txt ![](https://file.jishuzhan.net/article/1736371495560548353/65074aabb098fda6637d575d67a2b81e.webp)

(2)显示含有"48"字符串的所有行的行号

root@shell \~\]# grep -n "48" file.txt ![](https://file.jishuzhan.net/article/1736371495560548353/a68d5921e9d230b54cdb41424d4ee0b6.webp)

(3)精确匹配只含有"48字符串的行

root@shell \~\]# grep -w "48" file.txt ![](https://file.jishuzhan.net/article/1736371495560548353/1b50e440eea2d113f3f6ca991124fbda.webp)

(4)抽取代码为484和483的城市位置

root@shell \~\]# grep "\^48\[34\]" file.txt \[root@shell \~\]# egrep "\^48(3\|4)" file.txt ![](https://file.jishuzhan.net/article/1736371495560548353/5be337551247dc0efad579c9952c1471.webp)

(5)显示行首不是4或8

root@shell \~\]# grep "\^\[\^48\]" file.txt ![](https://file.jishuzhan.net/article/1736371495560548353/d2d691338df6ed879ca48bf88e004f63.webp)

(6)显示含有九月份(Sept)的行

root@shell \~\]# grep -i "Sept" file.txt ![](https://file.jishuzhan.net/article/1736371495560548353/87ac26b4f9e1b097cb5fa8cbb43f3cd7.webp)

(7)显示以K开头,以D结尾的所有代码

root@shell \~\]# grep "K.\*D" file.txt ![](https://file.jishuzhan.net/article/1736371495560548353/ad9f82049062c9f350811794dca3d5d2.webp)

(8)显示头两个是大写字母,中间至少两个任意,并以C结尾的代码

root@shell \~\]# egrep "\[A-Z\]{2}..C" file.txt ![](https://file.jishuzhan.net/article/1736371495560548353/1d1c966a8ac57dfe265da5e36fdbac68.webp)

(9)查询所有以5开始以1996或1998结尾的所有记录

root@shell \~\]# egrep "5.\*199(6\|8)" file.txt ![](https://file.jishuzhan.net/article/1736371495560548353/bcdc0c22bd3af96ff66d7b10030c3df0.webp)

13、显示/etc/passwd文件中以bash结尾的行;

root@shell \~\]# grep 'bash$' /etc/passwd root:x:0:0:root:/root:/bin/bash kxy:x:1000:1000:kxy:/home/kxy:/bin/bash fox:x:1001:1001::/home/fox:/bin/bash ![](https://file.jishuzhan.net/article/1736371495560548353/3936e6fe2786dd30c378c15788c24005.webp)

14、找出/etc/passwd文件中的三位或四位数;

root@shell \~\]# egrep -o "\[\[:digit:\]\]{3,4}" /etc/passwd 100 6553 6553 ...... 1001 977 977 ![](https://file.jishuzhan.net/article/1736371495560548353/d41421eea2771a641dc1cc7ea8facb48.webp) 这里太多了,可以使用awk再做处理,用printf格式化输出 \[root@shell \~\]# egrep -o "\[\[:digit:\]\]{3,4}" /etc/passwd \| awk '{ printf "%s ", $0 } END { print "" }' 100 6553 6553 999 997 998 996 997 993 996 992 172 172 995 991 994 990 993 989 992 988 991 986 990 985 989 984 988 983 987 982 986 981 985 980 978 978 1000 1000 1001 1001 977 977 ![](https://file.jishuzhan.net/article/1736371495560548353/970d9c5df4bc53acf6f63f18ee020b5f.webp) 这里解释一下吧! printf "%s "注意%s后有个空格,$0为awk的内置变量,表示当前行的全部内容,这里使用格式化输出printf取消换行符并用空格隔开,END为awk的动作,这里为再结尾打印一个空行,实质上就是一个换行符

15、找出/etc/grub2.cfg文件中,以至少一个空白字符开头,后面又跟了非空白字符的行

root@shell \~\]# egrep "\^\[\[:space:\]\]+\[\^\[:space:\]\]\*" /etc/grub2.cfg load_env -f ${config_directory}/grubenv load_env set default="${next_entry}" set next_entry= save_env next_entry set boot_once=true set default="${saved_entry}" ...... source ${config_directory}/custom.cfg source $prefix/custom.cfg ![](https://file.jishuzhan.net/article/1736371495560548353/a947ddd1be372e082cb7d23213c3f92c.webp)

16、找出"netstat -tan"命令的结果中,以'LISTEN'后跟0或多个空白字符结尾的行;

root@shell \~\]# netstat -tan \| egrep "LISTEN\[\[:space:\]\]\*$" tcp 0 0 0.0.0.0:22 0.0.0.0:\* LISTEN tcp 0 0 127.0.0.1:631 0.0.0.0:\* LISTEN tcp6 0 0 :::22 :::\* LISTEN tcp6 0 0 ::1:631 :::\* LISTEN ![](https://file.jishuzhan.net/article/1736371495560548353/eec462c2126f1cb8452ca4ef0eb7046f.webp)

17、找出"fdisk -l"命令的结果中,包含以/dev/后跟sd或hd及一个字母的行;

root@shell \~\]# fdisk -l \| egrep "/dev/(sd\|hd)\[\[:alpha:\]\]" #这里没有结果

18、找出"ldd /usr/bin/cat"命令的结果中文件路径;

root@shell \~\]# ldd /usr/bin/cat linux-vdso.so.1 (0x00007fff8df01000) libc.so.6 =\> /lib64/libc.so.6 (0x00007f3f05dec000) /lib64/ld-linux-x86-64.so.2 (0x00007f3f0600b000) \[root@shell \~\]# ldd /usr/bin/cat \| grep -o "/\[\^ \]\*" /lib64/libc.so.6 /lib64/ld-linux-x86-64.so.2 ![](https://file.jishuzhan.net/article/1736371495560548353/d21975a530050cff827ce0b6caba33d9.webp)

19、找出/proc/meminfo文件中,所有以大写或小写s开头的行;至少用三种方式实现;

root@shell \~\]# egrep "\^(S\|s)" /proc/meminfo \[root@shell \~\]# grep -i "\^s" /proc/meminfo \[root@shell \~\]# egrep "\^\[sS\]" /proc/meminfo ![](https://file.jishuzhan.net/article/1736371495560548353/d74e819833849af95b9aab912108a10c.webp)

20、显示当前系统上root、apache或nginx用户的相关信息;

root@shell \~\]# egrep "\^(root\|apache\|nginx)" /etc/passwd root:x:0:0:root:/root:/bin/bash apache:x:48:48:Apache:/usr/share/httpd:/sbin/nologin nginx:x:977:977:Nginx web server:/var/lib/nginx:/sbin/nologin ![](https://file.jishuzhan.net/article/1736371495560548353/0b18257a598ee6e603afde216c78d08e.webp)

21、echo输出一个绝对路径,使用egrep取出其基名;

root@shell \~\]# echo "/var/www/html/index.html" \| egrep -o \[\^/\]+$ # \[\^/\]表示不包含/ index.html ![](https://file.jishuzhan.net/article/1736371495560548353/26c6631f293b67a05230d7e721a68af1.webp)

22、找出ifconfig命令结果中的1-255之间的整数;

root@shell \~\]# ifconfig \| egrep -o -w "\[1-9\]{1}\|(\[1-9\]{1}\[0-9\]{1})\|\[1-2\]{1}(\[0-9\]{1,2})" \| awk '{printf "%s ",$0} END {print ""}' 192 168 110 132 255 255 255 192 168 110 255 64 29 78 73 5 3 73 127 1 255 1 128 17 1 9 17 1 9 ![](https://file.jishuzhan.net/article/1736371495560548353/09e029a3a747e022a1b6fa371289fc0a.webp)

23、找出系统中其用户名与shell名相同的用户。

root@shell \~\]# egrep "\^(.+):.\*\\1$" /etc/passwd \| cut -d: -f1 sync shutdown halt \[root@shell \~\]# egrep "\^(sync\|shutdown\|halt)" /etc/passwd #检测一下是否正确 sync:x:5:0:sync:/sbin:/bin/sync shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown halt:x:7:0:halt:/sbin:/sbin/halt ![](https://file.jishuzhan.net/article/1736371495560548353/99d0736613762d77a4d0e6aa19595b30.webp)

相关推荐
宇钶宇夕4 分钟前
SIMATIC S7-1200的以太网通信能力:协议与资源详细解析
运维·服务器·数据库·程序人生·自动化
杰夫贾维斯12 分钟前
CentOS Linux 8 的系统部署 Qwen2.5-7B -Instruct-AWQ
linux·运维·人工智能·机器学习·centos
kfepiza38 分钟前
Netplan 配置网桥(Bridge)的模板笔记250711
linux·tcp/ip·ubuntu
kfepiza1 小时前
用Netplan配置网桥bridge笔记250711
linux·ubuntu·debian
CodeWithMe1 小时前
【Note】Linux Kernel 实时技术深入:详解 PREEMPT_RT 与 Xenomai
linux·运维·服务器
muyun28002 小时前
安全访问云端内部应用:用frp的stcp功能解决SSH转发的痛点
运维·安全·ssh·frp
AI迅剑2 小时前
模块三:现代C++工程实践(4篇)第三篇《C++与系统编程:Linux内核模块开发入门》
linux·运维·服务器
专一的咸鱼哥2 小时前
Linux驱动开发(platform 设备驱动)
linux·运维·驱动开发
Leinwin2 小时前
微软上线 Deep Research 预览版:o3+必应赋能研究自动化
运维·microsoft·自动化
不脱发的程序猿2 小时前
SoC程序如何使用单例模式运行
linux·嵌入式