Chris Cera
This document assumes that you have some basic knowledge of the UNIX environment, or atleast, access to manual pages. Its an extremely brief introduction to some of the more useful facilities. It's time to convert!! Hopefully you will find everything useful, please let me know if anything is incorrect.
This article is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. Bottom Line, if somebody hacks into your home directory and erases your existence : it's not my fault.
Contents:
Recursive Grep
Duplex Printing a Postscript file
Securing your Home Directory, but Allowing Web Access
slang
slrn
mutt
lynx
vim
Useful Unix Things Everyone Should Know
This command searches all *.txt files in the current directory and up for the word 'nslookup'. Please note that the print statement will come after grep returns, NOT before, which is what you would probably expect.
$ find . -name '*.txt' -exec grep 'nslookup' {} \; -print
|
The -exec option is awesome, but requires the archaic syntax at the end of the statement, which I still don't totally understand. Other commands can be derived easily in this way. The find command works in a left-2-right fashion (ie. -name -> -exec -> -print), if -name returns, then it goes to -exec, and if -exec returns, then it goes to -print, etc. -print is something that always returns true, so putting -print in front of -exec, like:
$ find . -name '*.txt' -print -exec grep 'nslookup' {} \; (not as useful as the above)
|
would print all '*.txt' files without regard to the -exec grep command, and the grep would work as you would expect.
Use the following sed command (or download it here). This will place the setpagedevice command for duplexing just before the end of the Prolog portion of a postscript document.
s/^%%EndProlog/ \<\< \/Duplex true \>\> setpagedevice\
%%EndProlog/g
|
I don't think that this can be invoked on the command line only b/c the newline will blow up most shells. My suggestion is to save the above link, and make an alias in one of your rc files like:
alias duplexps 'sed -f /home/sbslave/sed/duplexps.sed'
|
It is your responsibility to protect your work, don't rely on sysadmins to protect your home directory. Certainly if a hacker could get past the sysadmins and "root" the network, then nothing can save you. BUT, don't think that everyone within the company itself is honest and won't steal your work. Force the sysadmins to make an explicit group of the people you trust. That is just a warning, and I won't speak about some of the odd behavior I have encountered in my days at SB, but just be aware that you should "watch your back", and your work. Force the sysadmins to make an expli
The easiest way to check permissions in your home and public_html directory is to try this:
$ cd
$ ls -la | head -2 | tail -1
drwxrwx--x 52 cerac001 cix 4096 Jul 28 14:23 ./
$ ls -l public_html
drwxr-x--x 5 cerac001 cix 4096 Jul 28 19:02 public_html/
|
This permission schema was done with:
$ cd /home
$ chmod 771 $USER
$ cd $USER
$ chmod 751 public_html
|
Remember:
0 000 ---
1 001 --x
2 010 -w-
3 011 -wx
4 100 r--
5 101 r-x
6 110 rw-
7 111 rwx
I'm trusting the people in the cix group to rwx in my home directory, but nobody else. You may wish to block out your own group for added security in case somebody compromises their account. In order to allow WEB access to your ~/public_html/ directory, the execute permssion is the tricky parameter for access to your home directory. Somebody needs execute permission in order to cd into your directory (web browser must perform this operation). Somebody needs read permission to ls your directory (not necessary for the web browser so long as index.html is defined in the ~/public_html directory. Basically, somebody can cd passed your home directory IF they already KNOW something else exists. If you don't have read access, then you would have to previously know that something existed.
A web browser already KNOWS about ~/public_html and already LOOKS for index.html, it ONLY needs execute permission to cd into it. From there, if your anchors in your web page are linked properly, a person can get around. The browser will also need read permission on your *.html files because it needs the html source obviously.
I want my web pages to be accessible by anyone, thus the world permissions must be tweaked. Some systems force the web browser to run as the user nobody who needs world permissions to operate, but it is possible for the browser to run as a group member so if you want added security, you should run your browser in this manner, only make your permissions for the directories within the group context. This is certainly possible, but it may take some tweaking. I, personally, don't do this b/c this information your reading is not corporate sensitive material.
One of the drawbacks of having the public_html directory in your home directory is that you must give your $HOME directory execute permission as described above. This means that everything in that home directory is open to interpretation by individual permissions. Thus, you are then forced to further secure everything above the home directory that is sensitive to ensure that snooping is not allowed. It is also helpful to use the umask and newgrp commands, to ensure that newly created files have restrictions set upon them immediately. Since somebody can cd into the directory, you must make sure that they can not continue doing this up your directory tree. Make sure you understand the distinctions between file and directory permissions. They are very different, but not being aware of the directory permissions is just asking for trouble.
For further reading in this topic, I refer you to the chapter on permissions in "Essential System Administration" by O'Reilly & Associates.
What is s-lang?
s-lang is an alternative to curses or ncurses (the program that handles how terminals behave). s-lang was developed by John E. Davis (JED) at NASA. He develops so much free software I wonder if he does any work at all while working at NASA. He is also well known for developing the jed editor as an alternative to emacs and vi. I have never used either of these programs before, sorry, next co-op please. s-lang libraries must be installed, then programs using s-lang have to link to those libraries at compile-time. Usually this is done with command-line arguments when you run the configure script. The web page at the time of writing is at www.s-lang.org.
Why use s-lang instead of curses?
Color. You may say that ncurses supports color too, BUT can you change them easily? Not really if your just a typical end-user and not an admin. s-lang has its very own language and is rapidly finding its way through many major software applications in the free software community. This is extremely useful b/c you can source the same coloring schemes among all applications that use s-lang in their respective configuration files. This allows you to have a specific coloring scheme for use among all of your s-lang - compliant applications.
What programs use s-lang?
All of the 4 programs, to date, can be compiled with the s-lang libraries.
A comprehensive list of slrn runtime commands is available here. Be sure to check out www.slrn.org. INN is probably the most configurable newsreader, but for personal use and fast NNTP surfing, slrn is by far the BEST newsreader. It was written by John E. Davis (JED), the same guy who wrote s-lang. slrn is for just normal people browsing Usenet while, INN is more for people who run an NNTP server and want filtering control,etc. at the server level. This program provides mouse support, but is like a typical UNIXy program, in that your hands should never leave the home keys of the keyboard. slrn requires a .slrnrc file to be in your home directory. I have provided mine right here. One of the best parts about slrn is that it is still being developed, whereas new releases of tin are scarce. There is a strong community of slrn developers. The configuration file includes s-lang commands for the terminal configurations (ie. colors). This configuration file won't work with the slrn version that comes with Redhat 6.1, b/c this is slightly older. A note about some other newsreaders, in case your curious, but I wouldn't recommend any of them:
Inn - meant to be bigtime server.
slrn - seems to be the most recommended.
tin - probably the oldest.
leafnode - can run as miniserver
pine - has some bunk news features
netscape - by far, the absolute worst
If your really interested in researching more newsreaders check out www.newsreaders.com
A comprehensive list of mutt runtime commands is available here. Be sure to check out www.mutt.org. Mutt was originally written by Michael Elkins. PGP encryption is fully supported in this MUA. Mutt is an elm-like MUA designed for use in a terminal. I heard that elm had some MIME compatibility issues, and it is no longer being developed. I was originally a Pine user until I jumped onto the s-lang application boat. Mutt surfaced around 1998 and is brand new, and its perfect for elm users since many of the commands are the same. Elm commands are just scratching the surface of what mutt is capable of, I urge you to go to the website and see for yourself. Mutt supports s-lang commands within it's configuration file, of course.
A comprehensive list of mutt runtime commands is available here. Lynx is a raw html browser that supports html-only. It does not support graphics, cgi, javascript, or any other jazzy riff-raff. You may say, what is the point? Well, SPEED!! It is invokable on the command-line, and also has a --source flag which does exactly what the CURL application does, and dumps the html source to stdout. It is extremely useful for quickly navigating through slow connections since it need not load any pictures or anything. The interface is trivial: forward (>), backward (<), and [BACKSPACE] to view history (also shown as links. There is much more than this, but all you need to start cruising through web pages.
If your already an emacs or jed user, there is no saving you now. You have been polluted! Likewise, some will say the same about me. I included a partial list of standard runtime commands here. vim stands for Vi-IMproved and was written by Bram Moolenaar. Mostly, the stuff that nobody else really has time to worry about. The best feature, IMHO, is the ability to dynamically load vim configuration files for every type of file. These files include the styles, layouts, colors, of the source file that you are editing. The syntax highlighting features are clearly superiour. You can get more information about vim at www.vim.org.
This sight was maintained by Chris Cera
Last Updated: 7/28/2000