There are three ways to access the command line interface in Ubuntu, as on any Linux and UNIX distribution. One is launching the terminal emulator program within the graphical user interface. The other two are about accessing the console directly, independent of the graphical user interface and the windowing system powering it (typically X server), and that’s what we’re concerned with here.

The quickest way to get to the console in Ubuntu is to just press Ctrl-Alt-F1. You will immediately be thrown out of the GUI and into the clean Linux console where you can log in and use the command line. Multiple console terminals are available this way if you press Ctrl-Alt-F2, Ctrl-Alt-F3, and so on.

However, what you might want is to get into the text console when you boot into Ubuntu instead of booting directly into the graphics mode. For that you’ll need to make some configuration changes to your GRUB bootloader. The configuration file you will need to modify is /etc/default/grub, and it is a good idea to make a backup of it first in case you ever want to come back to the original configuration:

sudo cp /etc/default/grub /etc/default/grub.backup

With that out of the way you can start modifying the configuration file by opening it, with superuser privileges, in a text editor such as nano:

sudo nano /etc/default/grub

Enter your password and the file will open. Then look for this line: GRUB_CMDLINE_LINUX_DEFAULT=”quiet splash”. Using nano you can search for this line by pressing the Ctrl-W shortcut and typing that line in. You just need to comment it out by putting a hash character in front of it so it looks like this:

# GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"

As you might guess this disables booting with the splash screen, and the “quiet” mode, meaning it wouldn’t hide the console output during boot.

Next enable the text mode finding GRUB_CMDLINE_LINUX and adding the “text” option to it. The line will then look like this:

GRUB_CMDLINE_LINUX="text"

This will ensure that you see the text output, but still doesn’t enable the console login. For that find the #GRUB_TERMINAL line, which is likely commented out, uncomment it by removing the # character, and add the “console” option to it so it reads like this:

GRUB_TERMINAL=console

Finally save the file, which in nano you can do by pressing Ctrl-X and then enter, and make sure to update GRUB with the new configuration using the update-grub command:

sudo update-grub

Now you can reboot and Ubuntu should boot in the text mode, and allow you to log in to the console and run the desired commands.

You can compare the contents of two directories by their md5 hashes, which could be useful when you want to make sure that a sync operation went smoothly, for instance. By inspecting the hashes of all the files in the directory and confirming they’re identical you can rest assured all data was copied successfully and fully.

You can use md5sum to get the md5 sums of all the files in a directory, but comparing like this could be pretty daunting:

md5sum dir/*

This outputs a list of all files with their md5 sums.

A better way is using md5deep instead. If you don’t have it you can most likely install it using your package manager very easily (sudo apt-get install md5deep on Ubuntu).

Then if you run the following you’ll get a list of md5 sums of all files in the directory as well as the files of sub-directories:

md5deep -r dir/

The real solution is in the ability of md5deep to compare its own outputs. First you get the md5 sums in a file:

md5deep -r -s /dir1> dir1sums

And then have md5deep read that file and compare the second directory to it:

md5deep -r -X dir1sums /dir2

If there is no output that means the directories are identical. Otherwise it will display the hashes of files that are different. Thus the comparison has been accomplished.

If you wish to see which ports are open on your Linux system, perhaps to check your configuration, you can use the nmap tool. It’s a powerful tool, but we’ll focus on just this simple task.

If you don’t have nmap, first install it. For example, on Ubuntu just run sudo apt-get install nmap. On Fedora it should be sudo yum install nmap. On Arch it should be sudo pacman -Sy nmap.

Once you’ve got nmap just run this simple command. Note that we’re running it with superuser privileges (sudo), which is necessary.

$ nmap localhost

Your output may look something like this:

Starting Nmap 6.40 ( http://nmap.org ) at 2014-11-26 23:56 CET
Nmap scan report for localhost (127.0.0.1)
Host is up (0.0089s latency).
Other addresses for localhost (not scanned): 127.0.0.1
Not shown: 994 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
53/tcp open domain
80/tcp open http
443/tcp open https
3306/tcp open mysql

So it shows you the open port numbers and the service that is using each. The above is pretty standard stuff. If you don’t see what you expected you should check your configuration.

If you’d like to do more with nmap you can explore the nmap built in documentation by running man nmap, which contains a breadth of information.

See Also

• 5 ways to use netstat
• Advanced Unix commands

Since you’re reading this you’re probably already aware of what Shellshock is; a number of vulnerabilities found in the widely used Bash shell system in the summer of 2014. The quickest and easiest way to patch against these vulnerabilities and ensure the safety of your system is to update your Bash to the latest version. Here are the update commands for the popular Linux distributions.

Fedora

yum update bash -y

Ubuntu

apt-get update; apt-get install --only-upgrade bash

Arch

pacman -Syu

That should have you covered. However, if for any reason you wish to apply the available patches yourself you can do so by running the following commands. We’ll explain what each does.

First enter your home directory, create (mkdir) the “bash” directory in it, and enter it.

cd ~/ && mkdir bash && cd bash

Download the bash source package from the official server.

wget https://ftp.gnu.org/gnu/bash/bash-4.3.tar.gz

Then download the relevant patches. This command should automatically get the ones you need.

while [ true ]; do i=`expr $i + 1`; wget -N https://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-$(printf '%03g' $i); if [ $? -ne 0 ]; then break; fi; done

Extract the bash package and enter its directory.

tar zxvf bash-4.3.tar.gz && cd bash-4.3

Apply all of the patches that have been previously downloaded with this:

for p in `ls ../bash43-[0-9][0-9][0-9]`; do patch -p0 < $p; done

And then recompile the newly patched bash and install.

./configure && make && make install

If you want to just compile it, but not install to your system, simply remove the && make install part from the command.

Or you could simply run this one line that downloads the above as a script and does it all for you automatically:

curl https://shellshocker.net/fixbash | sh

The script is provided by Shellshocker.net, which has detailed information about the vulnerabilities, testing, updating and patching.

If you’re on a Mac just download and install the patches provided by Apple. It should be pretty straightforward. Here they are for Mavericks, Mountain Lion, and Lion.

And that’s all there is to it.

Shellshock refers to a set of vulnerabilities discovered in late summer 2014 that affects Bash (Bourne again shell), a command line shell program used on all Linux systems and almost all UNIX systems, including Mac OSX. If Bash on your system is still vulnerable it could allow an attacker to take control of parts of your systems and run potentially harmful programs by manipulating the environment variables using this Bash vulnerability.

Fortunately, it is fairly easy to check whether your system is vulnerable, and just as easy to fix it. Just run this one command to test your system:

$ curl https://shellshocker.net/shellshock_test.sh | bash

This is provided by Shellshocker.net, which allows you to easily check your system for the shellshock vulnerability and provides detailed information about it, and how to fix it. The command simply downloads and runs their shellshock_test.sh bash script that probes your installation for all known vulnerabilities and tells you if you’re vulnerable and to which. They list the commands that this script will run on the site, and you can also inspect the script’s code by opening it in a text editor.

If you are vulnerable it just means you need to upgrade Bash on your system to the latest patched version, or apply provided patches. On most Linux distributions just a simple security update should do the trick or you could opt to update only Bash specifically. Here are example update commands for popular distributions:

Fedora

# yum update bash -y

Ubuntu

# apt-get update
# apt-get install --only-upgrade bash

Arch
This is the command to use:

# paceman -Syu

More detailed information including how to build from source if you want to take that route are available at Shellshocker.net.

If you are on Mac OSX you just need to install a patch Apple made available for Mavericks, Mountain Lion, and Lion depending on which of these OSX versions you are on. Installing an update should be as straightforward as launching and running it.

This vulnerability shows just how plausible it is for a massive number of systems to become vulnerable due to a bug in a single ubiquitous piece of software, but more importantly, it underscores the importance of keeping your systems up to date at all times.

There are multiple ways to rename a disk partition in OSX, and both should work well depending on your situation.

Use Finder to rename disk partition

You can simply use the Finder to change the disk partition name. In Finder click on the name of your computer, which should be at the top of your file tree, find your partition there, and then just right click on it and click Get info. In the dialog that opens you can easily enter a new name.

Rename MacOS disk partition using command line

In OSX you can also use a command line diskutil tool to rename your partition. Open up the Terminal app, and enter the following command, replacing “old” with your old name, and “new” with your new desired name.

$ /usr/sbin/diskutil rename old new

For example you could do this to change a partition named “Macintosh HD” to My Mac:

$ /usr/sbin/diskutil rename "Machintosh HD" "My Mac"

As you can see you can use quotes in the name.

Note that depending on your set up, that is if your user home directory is not in the root partition, you may have to update your home directory path in System Preferences.

See Also

• MacOS
• List disks and partitions in MacOS
• Creating bootable USB from ISO in MacOS

The netstat command, which stands for “network statistics”, can show you a lot of information about your network including statistics on connections to and from others on the network, used network interfaces, services, ports, and routing tables.

So what could all this information be used for? Just running netstat alone will give you an overview of your network, which will show a list of addresses connected to your system, over which port they’re connected, and what services or programs they’re talking to.

Here are five relatively simple examples of what you can actually do with netstat.

Show who is connected to your system

One of the most useful things you can do with netstat is show exactly who is connected to your system either through an incoming or outgoing connection (whether it is your system which initiated it or the other system). This will simply list all of them:

netstat -a

Look at the “Foreign Address” column to see where the connection is coming from, and “Local Address” to see what on the local machine is it connected.

The following command will show just the TCP (-t) and UDP (-u) connections:

netstat -tua

If you want to turn off hostnames, or domain names, and display only IP numbers just add the -n option.

netstat -tuan

If you want it to display this continuously to see as connections come and go add the -c option.

netstat -tuanc

Needless to say, perhaps, with IP addresses of everyone connecting revealed you can use other tools like traceroute to determine where exactly is it coming from.

Show listening ports with netstat

If you’d like to see which services are actually listening for incoming connections, perhaps to ensure you don’t have something listening that you don’t want to be listening, just use the -l option.

netstat -l

You can also limit this to only a specific type of traffic, like TCP in this example (for UDP just use -u):

netstat -lt

Find the port used by a program

We can get a little bit more specific by combining the netstat command with other common UNIX utilities like grep, in this example, where we make it easier to find which port is used by a program. We use grep to conveniently dig this info out of the netstat output:

netstat -ap | grep znc

In this example we get a list of all connections mentioning ZNC with the ports it is using, and addresses it is connected to.

Show the network routing table

With netstat you can easily see the kernel IP routing table being used on your system using the -r option:

netstat -r

Show all netstat statistics

Being a statistics utility you can of course see a summary of a great number of statistics about your system’s networking. Just run the netstat command with the -s option:

netstat -s

This will display a huge list of statistics, but you’ll immediately recognize the most interesting ones depending on what you’re looking for. For example you can see a total number of packets received, number of active TCP connections, and a number of extended more detailed statistics for each protocol.

Note

These examples are based on netstat in Linux, where it has been succeeded by the ss command from the iproute2 package, but it should apply to most UNIX and UNIX like systems. You can also check the manual page readily available via the man netstat command for more information.

See Also

• netstat unix
• Advanced Unix commands

GRUB bootloader starts up what’s necessary for your Linux or UNIX system to boot up. You can edit its settings, like various boot options and which operating systems to select from, by editing the the /boot/grub/grub.cfg or /etc/grub.conf depending on your system. Graphical programs are also available for this purpose. See our GRUB Boot Loader overview for more.

Once you’ve edited your configuration you’ll need to update grub to use it. This is very easily done by this single command:

$ sudo update-grub

Then once you reboot your new config should be active.

See Also

• Unix Glossary
• sudo command
• Unix How-To

Some properties of ext2, ext3, and ext4 file systems on Linux and UNIX can be tuned on the fly using the tune2fs command. This includes the file system’s label.

First of all let’s list the existing values of a given file system using the -l option:

$ tune2fs -l /dev/sda1

You can also use dumpe2fs /dev/sda1 to list a lot more of the information about the file system, but the above command will neatly list all of the tunable values including the “Filesystem volume name”, which is the file system label.

To change the label use the -L or –volume-label option followed by the new desired label. Keep in mind ext2 file system labels can be only 16 characters long, and will otherwise be truncated.

$ tune2fs -L /dev/sda1 MyFilesystem

Of course, replace “MyFilesystem” with your own desired label and /dev/sda1 with your own device. After you set the label you can specify this file system by its label when using programs like fsck and mount or in the /etc/fstab configuration file by using LABEL=MyFilesystem.

See Also

• tune2fs command
• Advanced Unix Commands

The iptables command on Linux allows setting the rules for the Linux built-in firewall to follow when filtering packets flowing through the system. The iptables command applies to IPv4 packets and the ip6tables applies to IPv6 packets. When you make modifications to your set up you can save them using the iptables-save command for IPv4 rules and ip6tables-save for IPv6 rules:

In Debian or Ubuntu systems you would therefore do this for IPv4:

iptables-save > /etc/iptables/rules.v4

And this for IPv6:

ip6tables-save > /etc/iptables/rules.v6

And the same for RedHat Enterprise Linux or CentOS:

iptables-save > /etc/sysconfig/iptables
ip6tables-save > /etc/sysconfig/ip6tables

Then you would use the iptables-restore command to restore the saved rules:

iptables-restore < /etc/iptables/rules.v4

Manually restoring your own rules every time you boot the system may be a chore. Luckily there is an easy way to do this automatically. On Debian or Ubuntu just use the iptables-persistent package:

apt-get install iptables-persistent

If you saved your rules in /etc/iptables/rules.v4 as specified above they will load automatically on every boot.

For RHEL or CentOS systems you can simply enable the iptables service:

chkconfig iptables on

And make sure your rules are saved:

service iptables save