Redirection Part 2

Time
21 hours 25 minutes
Difficulty
Intermediate
CEU/CPE
21
Video Transcription
00:00
>> Hello, Cybrarians. Welcome back to
00:00
the Linux Plus course here at Cybrary.
00:00
I'm your instructor Rob Goelz.
00:00
In today's lesson, we're going to be covering
00:00
redirection using concepts like pipe,
00:00
tee, and the bitbucket or /dev/null.
00:00
With that, in this lesson,
00:00
we're going to cover redirecting
00:00
command output through another command
00:00
that uses the pipe.
00:00
We're also going to understand the purpose
00:00
of /dev/null and /dev/tty.
00:00
We're going to work with the tee and xargs commands.
00:00
Let's go ahead and get started with some demo time.
00:00
[NOISE] Here we are in our demo environment in CentOS,
00:00
like we were the last lesson.
00:00
The first thing we're going to cover
00:00
today is command redirection.
00:00
Now, command redirection uses the pipe character.
00:00
This is used to redirect
00:00
the output of one command to another command.
00:00
Most people use it when they cat out
00:00
a file and they realize the file is too long,
00:00
and then they need to use grep
00:00
to find what they actually need.
00:00
For instance, let's say
00:00
>> we were to do cat /etc/password,
00:00
>> [NOISE] that's way too much information.
00:00
That's way more than I needed.
00:00
What we might do is cat and then pipe to send
00:00
this to the grep command and
00:00
>> then grep for, say, my name.
00:00
>> We're just trying to find the user information
00:00
in /etc/password for me.
00:00
We can see that, that just returns
00:00
the line that has the string Rob in it.
00:00
That's what the grep command does.
00:00
The output of cat gets piped to
00:00
grep and then grep searches for the input,
00:00
searches the input for the string Rob.
00:00
This is just dumb. We can just use grep without a cat.
00:00
I could just do grep rob,
00:00
/etc/password and I could achieve the same thing.
00:00
Let's use a better example. Let's do less.
00:00
Actually, let me become root for this
00:00
because I think it's going to yell at us if we're not.
00:00
Going to become root temporarily
00:00
for this just to show this.
00:00
What I'm going to do is I'm going to do less
00:00
on /var/log/audit/audit.log.
00:00
That's hideous.
00:00
That's just a ton of information.
00:00
Let's hit Q to quit out of that.
00:00
I'm going to run this through
00:00
another command called ausearch.
00:00
I'm going to do an ausearch -i
00:00
to make this a little bit more readable.
00:00
That's a little bit more readable.
00:00
At least we see timestamps and things are separated
00:00
out by a couple of dash characters between lines.
00:00
Now let's pipe this to grep.
00:00
Let's pass this to grep using
00:00
command redirection with a pipe character.
00:00
We'll do a grep for my user Rob,
00:00
and I'll pass grep -i,
00:00
so that we don't really care about the case.
00:00
Now when I hit Enter on this,
00:00
we'll see all of the lines that include the string rob.
00:00
This is basically, we're just saying ausearch,
00:00
send the output of that whole search
00:00
that we sent earlier.
00:00
But just tell me the lines
00:00
that have the name Rob on them.
00:00
That's really just how we do command redirection.
00:00
Now let's take a look at a couple of other things.
00:00
We're going to move into the dev directory here.
00:00
There are two things we
00:00
want to look at here in this directory.
00:00
The first one is something called /dev/null.
00:00
A /dev/null directory is
00:00
just a base black hole for the system.
00:00
It's called a black hole or the
00:00
Bitbucket of a Linux system.
00:00
It's where you send any
00:00
redirected output that you don't want.
00:00
If you don't care about errors,
00:00
you can send them to /dev/null and
00:00
they get deleted immediately.
00:00
It's a black hole. It's also
00:00
where you can send any output you don't want to see,
00:00
or if you wanted, like I said,
00:00
standard error or standard output messages
00:00
to not get written to
00:00
the system console tty 0 and you can do that.
00:00
You can send them to /dev/null with
00:00
the other command redirection we
00:00
talked about in the previous lesson.
00:00
Speaking of tty, the dev directory
00:00
>> holds terminal files.
00:00
>> If we do an ls here in this directory,
00:00
we can see all these files that start with
00:00
tty and then have a number after them.
00:00
Tty 0 represents the system console.
00:00
Dev tty 1,
00:00
represents a physical console
00:00
and that's actually bound to
00:00
control Alt F1 on your keyboard.
00:00
For instance, if we wanted to see this in action,
00:00
I can switch to /dev/tty3 by hitting Control,
00:00
Alt, F3 on my keyboard.
00:00
That'll bring us to just a basic shell.
00:00
The text shell, not a graphic shell.
00:00
I can log in as me.
00:00
[NOISE] Then when I log in,
00:00
if I type the command tty,
00:00
it's going to display /dev/tty3.
00:00
Let me go back to tty 1.
00:00
Alt Control F1 on my keyboard.
00:00
This is going to bring us back to
00:00
the normal graphic user interface here.
00:00
Let me log back in
00:00
and get back to our screen where we were.
00:00
Now let me type in tty and just hit Enter.
00:00
It's going to display that we're
00:00
>> actually on /dev/pts 0.
00:00
>> What does that mean? Well, that is
00:00
a pseudo tty terminal.
00:00
It's not actually consistent
00:00
with you logging in physically in front of the machine,
00:00
like I would be on tty 3.
00:00
This is a pseudo terminal that we're using through
00:00
this graphical user interface on this VM.
00:00
Now let's take a look at the tee command.
00:00
The tee command is useful when you want to send
00:00
the output to the file,
00:00
like we saw with output redirection.
00:00
But you also want to see on the screen
00:00
>> at the same time.
00:00
>> Maybe you want to capture in both places,
00:00
so that you can see things as they're going on,
00:00
as you're running commands,
00:00
>> but you also want to save it
00:00
>> later in case you
00:00
miss something and you want to go back and look at it.
00:00
For instance, let's look at our terrible,
00:00
terrible command we ran earlier.
00:00
Let's do a cat on /var/log/audit.log
00:00
>> and then pipe that,
00:00
>> again, remember command redirection, we use the pipe.
00:00
We're going to send it to the tee command
00:00
and we're going to call this audit capture.
00:00
Now when we run this, it's going to
00:00
display all this messy output.
00:00
But we also have captured
00:00
all that output in the audit capture file.
00:00
If we hit Enter on that,
00:00
we see all that terrible output too.
00:00
Now if we wanted to append to
00:00
this file and make it even more God awful and long,
00:00
we could use the tee -a command because
00:00
the -a option is for append.
00:00
Now when we run that,
00:00
we can run cat on audit
00:00
capture and we see that it runs on
00:00
>> and on and on and on.
00:00
>> It's a much longer file.
00:00
It now has the contents of audit.log,
00:00
or for instance, if you want to get two logs together,
00:00
two files together, we could do
00:00
a cat /var/log/audit/log. We already have that.
00:00
Let's go ahead and cat in the content of
00:00
the /etc/hosts file in here, and then hit Enter.
00:00
Now we do a cat on audit capture,
00:00
we see at the very bottom
00:00
we have the content of /etc/hosts.
00:00
That's basically the two ways
00:00
that you're going to use tee.
00:00
The very last command we're going to look
00:00
at today is something called xargs.
00:00
The xargs command takes
00:00
input from another command and then
00:00
executes a second command
00:00
for each input that we send to it.
00:00
This is just used
00:00
generally when you're trying to do things,
00:00
like find a bunch of files in a directory.
00:00
Most people use this when
00:00
>> they're using the find command.
00:00
>> That's what we'll do here. Let me make
00:00
sure that I'm in my home directory.
00:00
Then what we're going to do is we're going to
00:00
find any files in this directory.
00:00
I will specify that
00:00
we're in this directory by just hitting dot.
00:00
That indicates the directory that we're in.
00:00
We can specify that they should be
00:00
size one meg or greater.
00:00
That's basically all we need to
00:00
know about the find command that's
00:00
just going to display a list of information.
00:00
But we can pass this to xargs
00:00
to get detailed information from the list command.
00:00
We go back here and then pipe.
00:00
Again, remember, pipe is our command redirection.
00:00
I'm going to do pipe to xargs and then do
00:00
ls -l. Now we'll see
00:00
long information about all of these files that we
00:00
found in my home directory that
00:00
>> are larger than one meg.
00:00
>> But with that, we've reached the end of this lesson.
00:00
In this lesson, we covered
00:00
command redirection with the pipe character.
00:00
We also talked about the purpose
00:00
of /dev/null and /dev/tty.
00:00
We talked about working with a tee command and xargs.
00:00
Thanks so much for being here and I look
00:00
forward to seeing you in our next lesson.