9.1 正则介绍_grep上
9.2 grep中
9.3 grep下
扩展
把一个目录下,过滤所有*.php文档中含有eval的行
grep -r --include="*.php" ‘eval‘ /data/
# 9.1 正则介绍 grep 上
```
[root@aminglinux-01 ~]# ls
111 1_heard.txt 1.txt 1.txt.bak 2.txt 3.txt aminglinux bb.txt test
123 1_sorft.txt 1.txt~ 234 2.txt.bak 4.txt anaconda-ks.cfg.1 biji.txt
[root@aminglinux-01 ~]# mkdir grep
[root@aminglinux-01 ~]# cd grep/
[root@aminglinux-01 grep]# cp /etc/passwd .
[root@aminglinux-01 grep]# ls
passwd
[root@aminglinux-01 grep]# pwd
/root/grep
[root@aminglinux-01 grep]# ls
passwd
[root@aminglinux-01 grep]# grep ‘nologin‘ passwd
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
systemd-bus-proxy:x:999:997:systemd Bus Proxy:/:/sbin/nologin
systemd-network:x:192:192:systemd Network Management:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
polkitd:x:998:996:User for polkitd:/:/sbin/nologin
tss:x:59:59:Account used by the trousers package to sandbox the tcsd daemon:/dev/null:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
chrony:x:997:995::/var/lib/chrony:/sbin/nologin
user4:x:1006:1005::/home/aming111:/sbin/nologin
saslauth:x:996:76:Saslauthd user:/run/saslauthd:/sbin/nologin
[root@aminglinux-01 grep]# which grep
alias grep=‘grep --color=auto‘
/usr/bin/grep
[root@aminglinux-01 grep]#
```
- grep -c 查看行数
```
[root@aminglinux-01 grep]# grep -c ‘nologin‘ passwd
19
[root@aminglinux-01 grep]#
```
- grep -n 查看行号 在最左侧显示
```
[root@aminglinux-01 grep]# grep -n ‘nologin‘ passwd
2:bin:x:1:1:bin:/bin:/sbin/nologin
3:daemon:x:2:2:daemon:/sbin:/sbin/nologin
4:adm:x:3:4:adm:/var/adm:/sbin/nologin
5:lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
9:mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
10:operator:x:11:0:operator:/root:/sbin/nologin
11:games:x:12:100:games:/usr/games:/sbin/nologin
12:ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
13:nobody:x:99:99:Nobody:/:/sbin/nologin
14:systemd-bus-proxy:x:999:997:systemd Bus Proxy:/:/sbin/nologin
15:systemd-network:x:192:192:systemd Network Management:/:/sbin/nologin
16:dbus:x:81:81:System message bus:/:/sbin/nologin
17:polkitd:x:998:996:User for polkitd:/:/sbin/nologin
18:tss:x:59:59:Account used by the trousers package to sandbox the tcsd daemon:/dev/null:/sbin/nologin
19:postfix:x:89:89::/var/spool/postfix:/sbin/nologin
20:sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
21:chrony:x:997:995::/var/lib/chrony:/sbin/nologin
26:user4:x:1006:1005::/home/aming111:/sbin/nologin
29:saslauth:x:996:76:Saslauthd user:/run/saslauthd:/sbin/nologin
[root@aminglinux-01 grep]#
```
- grep -i 不区分大小写,先vim passwd 打开把第一行nologin 改成大写 NOLOGIN
```
[root@aminglinux-01 grep]# vim passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/NOLOGIN
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
systemd-bus-proxy:x:999:997:systemd Bus Proxy:/:/sbin/nologin
systemd-network:x:192:192:systemd Network Management:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
polkitd:x:998:996:User for polkitd:/:/sbin/nologin
tss:x:59:59:Account used by the trousers package to sandbox the tcsd daemon:/dev/null:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
-- 插入 --
[root@aminglinux-01 grep]# vim passwd
```
- grep -ni 和 grep -n的区别, 会把第三行忽略,grep -ni 就不会区分大小写
```
[root@aminglinux-01 grep]# grep -n ‘nologin‘ passwd
2:bin:x:1:1:bin:/bin:/sbin/nologin
4:adm:x:3:4:adm:/var/adm:/sbin/nologin
[root@aminglinux-01 grep]# grep -ni ‘nologin‘ passwd
2:bin:x:1:1:bin:/bin:/sbin/nologin
3:daemon:x:2:2:daemon:/sbin:/sbin/NOLOGIN
4:adm:x:3:4:adm:/var/adm:/sbin/nologin
```
- grep -v 取反 ,所有不带nologin的行 grep -vni 看下
```
[root@aminglinux-01 grep]# grep -vni ‘nologin‘ passwd
1:root:x:0:0:root:/root:/bin/bash
6:sync:x:5:0:sync:/sbin:/bin/sync
7:shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
8:halt:x:7:0:halt:/sbin:/sbin/halt
22:aming:x:1000:1005::/home/aming:/bin/bash
23:user1:x:1001:1001::/home/user1:/bin/bash
24:user2:x:1002:1002::/home/user2:/bin/bash
25:user3:x:1004:1005::/home/user3:/bin/bash
27:user5:x:1007:1007::/home/user5:/bin/bash
28:user6:x:1008:1010::/home/user6:/bin/bash
[root@aminglinux-01 grep]#
```
- -r 遍历所有的字目录
```
[root@aminglinux-01 grep]# grep -r ‘root‘ /etc/
/etc/pki/ca-trust/ca-legacy.conf:# The upstream Mozilla.org project tests all changes to the root CA
/etc/pki/ca-trust/ca-legacy.conf:# to temporarily keep certain (legacy) root CA certificates trusted,
/etc/pki/ca-trust/ca-legacy.conf:# It may keep root CA certificate as trusted, which the upstream
/etc/pki/ca-trust/extracted/README:root CA certificates.
/etc/pki/ca-trust/extracted/java/README:root CA certificates.
...
```
-如果不加r ,先把etc目录下的root 过滤出来放到 tmp目录下的 grep.log 下, 再去grep.log 下找带passwd的
```
[root@aminglinux-01 grep]# grep ‘root‘ /etc/
grep: /etc/: 是一个目录
[root@aminglinux-01 grep]# grep ‘root‘ /etc/passwd
root:x:0:0:root:/root:/bin/bash
operator:x:11:0:operator:/root:/sbin/nologin
[root@aminglinux-01 grep]#
[root@aminglinux-01 grep]# grep -r ‘root‘ /etc/ > /tmp/grep.log
[root@aminglinux-01 grep]# grep passwd /tmp/grep.log
/etc/passwd:root:x:0:0:root:/root:/bin/bash
/etc/passwd:operator:x:11:0:operator:/root:/sbin/nologin
/etc/passwd-:root:x:0:0:root:/root:/bin/bash
/etc/passwd-:operator:x:11:0:operator:/root:/sbin/nologin
/etc/postfix/main.cf:# the system passwd file in the chroot jail is just not practical.
[root@aminglinux-01 grep]#
```
- -A后面跟数字,表示 过滤出符合要求的行以及下面n行
- 下面过滤出passwd文件里的 带有root的行,以及下面的2行
```
[root@aminglinux-01 grep]# grep -nA2 ‘root‘ passwd
1:root:x:0:0:root:/root:/bin/bash
2-bin:x:1:1:bin:/bin:/sbin/nologin
3-daemon:x:2:2:daemon:/sbin:/sbin/NOLOGIN
--
10:operator:x:11:0:operator:/root:/sbin/nologin
11-games:x:12:100:games:/usr/games:/sbin/nologin
12-ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
[root@aminglinux-01 grep]#
```
- -B后面跟数字,表示 过滤出符合要求的行以及上面n行
- 下面过滤出paswd文件里的 带有root的行 ,以及上面的 3行
```
[root@aminglinux-01 grep]# grep -nB3 ‘root‘ passwd
1:root:x:0:0:root:/root:/bin/bash
--
7-shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
8-halt:x:7:0:halt:/sbin:/sbin/halt
9-mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
10:operator:x:11:0:operator:/root:/sbin/nologin
[root@aminglinux-01 grep]#
```
- -C后面跟数字,表示 过滤出符合要求的行 以及上下n行
- 下面过滤出passwd 文件里的 带有root的行 ,以及上下2行
```
[root@aminglinux-01 grep]# grep -nC2 ‘root‘ passwd
1:root:x:0:0:root:/root:/bin/bash
2-bin:x:1:1:bin:/bin:/sbin/nologin
3-daemon:x:2:2:daemon:/sbin:/sbin/NOLOGIN
--
8-halt:x:7:0:halt:/sbin:/sbin/halt
9-mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
10:operator:x:11:0:operator:/root:/sbin/nologin
11-games:x:12:100:games:/usr/games:/sbin/nologin
12-ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
[root@aminglinux-01 grep]#
```
# 9.2 grep 中
- grep ‘[0-9]‘ passwd 过滤出带有数字0-9的
```
[root@aminglinux-01 grep]# grep ‘[0-9]‘ passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/NOLOGIN
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
systemd-bus-proxy:x:999:997:systemd Bus Proxy:/:/sbin/nologin
systemd-network:x:192:192:systemd Network Management:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
polkitd:x:998:996:User for polkitd:/:/sbin/nologin
tss:x:59:59:Account used by the trousers package to sandbox the tcsd daemon:/dev/null:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
chrony:x:997:995::/var/lib/chrony:/sbin/nologin
aming:x:1000:1005::/home/aming:/bin/bash
user1:x:1001:1001::/home/user1:/bin/bash
user2:x:1002:1002::/home/user2:/bin/bash
user3:x:1004:1005::/home/user3:/bin/bash
user4:x:1006:1005::/home/aming111:/sbin/nologin
user5:x:1007:1007::/home/user5:/bin/bash
user6:x:1008:1010::/home/user6:/bin/bash
saslauth:x:996:76:Saslauthd user:/run/saslauthd:/sbin/nologin
[root@aminglinux-01 grep]#
```
- grep -vn ‘[0-9]‘ /etc/inittba 只要带数字的行都不要
```
[root@aminglinux-01 grep]# grep -vn ‘[0-9]‘ /etc/inittab
1:# inittab is no longer used when using systemd.
2:#
3:# ADDING CONFIGURATION HERE WILL HAVE NO EFFECT ON YOUR SYSTEM.
4:#
5:# Ctrl-Alt-Delete is handled by /usr/lib/systemd/system/ctrl-alt-del.target
6:#
7:# systemd uses ‘targets‘ instead of runlevels. By default, there are two main targets:
8:#
11:#
12:# To view current default target, run:
13:# systemctl get-default
14:#
15:# To set a default target, run:
16:# systemctl set-default TARGET.target
17:#
[root@aminglinux-01 grep]#
```
- [ ]vim 看下是 9行有个3 , 10行有个5
```
1 # inittab is no longer used when using systemd.
2 #
3 # ADDING CONFIGURATION HERE WILL HAVE NO EFFECT ON YOUR SYSTEM.
4 #
5 # Ctrl-Alt-Delete is handled by /usr/lib/systemd/system/ctrl-alt-del.target
6 #
7 # systemd uses ‘targets‘ instead of runlevels. By default, there are two main targets:
8 #
9 # multi-user.target: analogous to runlevel 3
10 # graphical.target: analogous to runlevel 5
11 #
12 # To view current default target, run:
13 # systemctl get-default
14 #
15 # To set a default target, run:
16 # systemctl set-default TARGET.target
17 #
~
~
~
:set nu
```
- grep -n ‘^#‘ inittab 过滤以#开头的行
```
[root@aminglinux-01 grep]# grep -n ‘^#‘ /etc/inittab
1:# inittab is no longer used when using systemd.
2:#
3:# ADDING CONFIGURATION HERE WILL HAVE NO EFFECT ON YOUR SYSTEM.
4:#
5:# Ctrl-Alt-Delete is handled by /usr/lib/systemd/system/ctrl-alt-del.target
6:#
7:# systemd uses ‘targets‘ instead of runlevels. By default, there are two main targets:
8:#
9:# multi-user.target: analogous to runlevel 3
10:# graphical.target: analogous to runlevel 5
11:#
12:# To view current default target, run:
13:# systemctl get-default
14:#
15:# To set a default target, run:
16:# systemctl set-default TARGET.target
17:#
```
- 先拷贝一下这个/etc/inittab 文件到当前目录下来,不能直接修改文件/etc/inittab 系统配置文件,改错了,会会容易导致系统启动不了,出问题
```
[root@aminglinux-01 grep]# cp /etc/inittab ./
[root@aminglinux-01 grep]# vim inittab
1 # inittab is no longer used when using systemd.
2 #
3 # ADDING CONFIGURATION HERE WILL HAVE NO EFFECT ON YOUR SYSTEM.
4 #
5 # Ctrl-Alt-Delete is handled by /usr/lib/systemd/system/ctrl-alt-del.target
6 #
7 # systemd uses ‘targets‘ instead of runlevels. By default, there are two main targets:
8 #
9 # multi-user.target: analogous to runlevel 3
10 # graphical.target: analogous to runlevel 5
11 ldldldldl
12 #
13 # To view current default target, run:
14 # systemctl get-default
15 #
16 # To set a default target, run:
17 # systemctl set-default TARGET.target
18 #
~
:set nu
```
- 在11行 随便加了点东西,再来grep -n ‘^#‘ inittab, 找出以#开头的行找出来,发现第11行 没有了
```
[root@aminglinux-01 grep]# grep -n ‘^#‘ inittab
1:# inittab is no longer used when using systemd.
2:#
3:# ADDING CONFIGURATION HERE WILL HAVE NO EFFECT ON YOUR SYSTEM.
4:#
5:# Ctrl-Alt-Delete is handled by /usr/lib/systemd/system/ctrl-alt-del.target
6:#
7:# systemd uses ‘targets‘ instead of runlevels. By default, there are two main targets:
8:#
9:# multi-user.target: analogous to runlevel 3
10:# graphical.target: analogous to runlevel 5
12:#
13:# To view current default target, run:
14:# systemctl get-default
15:#
16:# To set a default target, run:
17:# systemctl set-default TARGET.target
18:#
[root@aminglinux-01 grep]#
```
- grep -nv ‘^#‘ inittab 把不以#开头的 行找出来
```
[root@aminglinux-01 grep]# grep -nv ‘^#‘ inittab
11:ldldldldl
[root@aminglinux-01 grep]#
```
- 再进入vim inittab 里面修改下文件
```
[root@aminglinux-01 grep]# vim inittab
# inittab is no longer used when using systemd.
# ADDING CONFIGURATION HERE WILL HAVE NO EFFECT ON YOUR SYSTEM.
#
# Ctrl-Alt-Delete is handled by /usr/lib/systemd/system/ctrl-alt-del.target
#
# systemd uses ‘targets‘ instead of runlevels. By default, there are two main targets:
&*&*&*&*
# multi-user.target: analogous to runlevel 3
aaaaaaaaaaaaa
# graphical.target: analogous to runlevel 5
ldldldldl
#
# To view current default target, run:
# systemctl get-default
11111111111
# To set a default target, run:
# systemctl set-default TARGET.target
#
:wq
[root@aminglinux-01 grep]# vim inittab
[root@aminglinux-01 grep]# pwd
/root/grep
[root@aminglinux-01 grep]#
```
-再过滤下
```
[root@aminglinux-01 grep]# grep -v ‘^#‘ inittab
&*&*&*&*
aaaaaaaaaaaaa
ldldldldl
11111111111
[root@aminglinux-01 grep]#
```
- grep ‘[^0-9]‘ inittab 表示 过滤出 非数字的带有一个字符的 地方,在[^0-9]表示 选 非0-9
```
[root@aminglinux-01 grep]# grep ‘[^0-9]‘ inittab
# inittab is no longer used when using systemd.
# ADDING CONFIGURATION HERE WILL HAVE NO EFFECT ON YOUR SYSTEM.
#
# Ctrl-Alt-Delete is handled by /usr/lib/systemd/system/ctrl-alt-del.target
#
# systemd uses ‘targets‘ instead of runlevels. By default, there are two main targets:
&*&*&*&*
# multi-user.target: analogous to runlevel 3
aaaaaaaaaaaaa
# graphical.target: analogous to runlevel 5
ldldldldl
#
# To view current default target, run:
# systemctl get-default
# To set a default target, run:
# systemctl set-default TARGET.target
#
[root@aminglinux-01 grep]#
```
-再编辑下 inittab文件
```
[root@aminglinux-01 grep]# vim inittab
# inittab is no longer used when using systemd.
# ADDING CONFIGURATION HERE WILL HAVE NO EFFECT ON YOUR SYSTEM.
111111111aaa23333333
#
# Ctrl-Alt-Delete is handled by /usr/lib/systemd/system/ctrl-alt-del.target
#
# systemd uses ‘targets‘ instead of runlevels. By default, there are two main targets:
&*&*&*&*
# multi-user.target: analogous to runlevel 3
aaaaaaaaaaaaa
# graphical.target: analogous to runlevel 5
ldldldldl
#
# To view current default target, run:
# systemctl get-default
11111111111
# To set a default target, run:
# systemctl set-default TARGET.target
```
- 以 非数字的一个字符 grep ‘[^0-9]‘ inittab
```
[root@aminglinux-01 grep]# grep ‘[^0-9]‘ inittab
# inittab is no longer used when using systemd.
# ADDING CONFIGURATION HERE WILL HAVE NO EFFECT ON YOUR SYSTEM.
111111111aaa23333333
#
# Ctrl-Alt-Delete is handled by /usr/lib/systemd/system/ctrl-alt-del.target
#
# systemd uses ‘targets‘ instead of runlevels. By default, there are two main targets:
&*&*&*&*
# multi-user.target: analogous to runlevel 3
aaaaaaaaaaaaa
# graphical.target: analogous to runlevel 5
ldldldldl
#
# To view current default target, run:
# systemctl get-default
# To set a default target, run:
# systemctl set-default TARGET.target
#
[root@aminglinux-01 grep]#
```
- 符合非数字的行开头的行 grep ‘^[^0-9]‘ inittab
```
[root@aminglinux-01 grep]# grep ‘^[^0-9]‘ inittab
# inittab is no longer used when using systemd.
# ADDING CONFIGURATION HERE WILL HAVE NO EFFECT ON YOUR SYSTEM.
#
# Ctrl-Alt-Delete is handled by /usr/lib/systemd/system/ctrl-alt-del.target
#
# systemd uses ‘targets‘ instead of runlevels. By default, there are two main targets:
&*&*&*&*
# multi-user.target: analogous to runlevel 3
aaaaaaaaaaaaa
# graphical.target: analogous to runlevel 5
ldldldldl
#
# To view current default target, run:
# systemctl get-default
# To set a default target, run:
# systemctl set-default TARGET.target
#
```
-符合数字开头的 grep -vn ‘^[^0-9]‘ inittab
```
[root@aminglinux-01 grep]# grep -vn ‘^[^0-9]‘ inittab
3:111111111aaa23333333
16:11111111111
[root@aminglinux-01 grep]#
```
# 9.3 grep 下
- grep ‘r.o‘ passwd .代表任意一个字符
```
[root@aminglinux-01 grep]# grep ‘r.o‘ passwd
root:x:0:0:root:/root:/bin/bash
operator:x:11:0:operator:/root:/sbin/nologin
[root@aminglinux-01 grep]#
```
1. 随便在passwd文件里 编辑一些
```
[root@aminglinux-01 grep]# vim passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
dskdklldkdddkdkrao:222
daemon:x:2:2:daemon:/sbin:/sbin/NOLOGIN
222222:r>o:ldkdkdkd
```
2. 再看下
```
[root@aminglinux-01 grep]# grep ‘r.o‘ passwd
root:x:0:0:root:/root:/bin/bash
dskdklldkdddkdkrao:222
222222:r>o:ldkdkdkd
operator:x:11:0:operator:/root:/sbin/nologin
[root@aminglinux-01 grep]#
```
4. .也可以匹配到
```
[root@aminglinux-01 grep]# vim passwd
222222:r.o:ldkdkdkd
[root@aminglinux-01 grep]# grep ‘r.o‘ passwd
root:x:0:0:root:/root:/bin/bash
dskdklldkdddkdkrao:222
222222:r.o:ldkdkdkd
operator:x:11:0:operator:/root:/sbin/nologin
[root@aminglinux-01 grep]#
```
- grep ‘o*o‘ passwd *表示 *左边的字符重复0-n次 n表示随意的数字
```
[root@aminglinux-01 grep]# grep ‘o*o‘ passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
dskdklldkdddkdkrao:222
daemon:x:2:2:daemon:/sbin:/sbin/NOLOGIN
222222:r.o:ldkdkdkd
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
systemd-bus-proxy:x:999:997:systemd Bus Proxy:/:/sbin/nologin
systemd-network:x:192:192:systemd Network Management:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
polkitd:x:998:996:User for polkitd:/:/sbin/nologin
tss:x:59:59:Account used by the trousers package to sandbox the tcsd daemon:/dev/null:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
chrony:x:997:995::/var/lib/chrony:/sbin/nologin
aming:x:1000:1005::/home/aming:/bin/bash
user1:x:1001:1001::/home/user1:/bin/bash
user2:x:1002:1002::/home/user2:/bin/bash
user3:x:1004:1005::/home/user3:/bin/bash
user4:x:1006:1005::/home/aming111:/sbin/nologin
user5:x:1007:1007::/home/user5:/bin/bash
user6:x:1008:1010::/home/user6:/bin/bash
saslauth:x:996:76:Saslauthd user:/run/saslauthd:/sbin/nologin
[root@aminglinux-01 grep]#
```
- 改下文件passwd 增加3个o, 4个o
```
[root@aminglinux-01 grep]# vim passwd
user5:x:1007:1007::/hoooome/user5:/bin/bash
user6:x:1008:1010::/hooome/user6:/bin/bash
[root@aminglinux-01 grep]# grep ‘o*o‘ passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
dskdklldkdddkdkrao:222
daemon:x:2:2:daemon:/sbin:/sbin/NOLOGIN
222222:r.o:ldkdkdkd
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
systemd-bus-proxy:x:999:997:systemd Bus Proxy:/:/sbin/nologin
systemd-network:x:192:192:systemd Network Management:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
polkitd:x:998:996:User for polkitd:/:/sbin/nologin
tss:x:59:59:Account used by the trousers package to sandbox the tcsd daemon:/dev/null:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
chrony:x:997:995::/var/lib/chrony:/sbin/nologin
aming:x:1000:1005::/home/aming:/bin/bash
user1:x:1001:1001::/home/user1:/bin/bash
user2:x:1002:1002::/home/user2:/bin/bash
user3:x:1004:1005::/home/user3:/bin/bash
user4:x:1006:1005::/home/aming111:/sbin/nologin
user5:x:1007:1007::/hoooome/user5:/bin/bash
user6:x:1008:1010::/hooome/user6:/bin/bash
saslauth:x:996:76:Saslauthd user:/run/saslauthd:/sbin/nologin
[root@aminglinux-01 grep]#
```
- .* 表示任意个任意字符 所有的都匹配
```
[root@aminglinux-01 grep]# grep ‘.*‘ passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
dskdklldkdddkdkrao:222
daemon:x:2:2:daemon:/sbin:/sbin/NOLOGIN
222222:r.o:ldkdkdkd
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
systemd-bus-proxy:x:999:997:systemd Bus Proxy:/:/sbin/nologin
systemd-network:x:192:192:systemd Network Management:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
polkitd:x:998:996:User for polkitd:/:/sbin/nologin
tss:x:59:59:Account used by the trousers package to sandbox the tcsd daemon:/dev/null:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
chrony:x:997:995::/var/lib/chrony:/sbin/nologin
aming:x:1000:1005::/home/aming:/bin/bash
user1:x:1001:1001::/home/user1:/bin/bash
user2:x:1002:1002::/home/user2:/bin/bash
user3:x:1004:1005::/home/user3:/bin/bash
user4:x:1006:1005::/home/aming111:/sbin/nologin
user5:x:1007:1007::/hoooome/user5:/bin/bash
user6:x:1008:1010::/hooome/user6:/bin/bash
saslauth:x:996:76:Saslauthd user:/run/saslauthd:/sbin/nologin
[root@aminglinux-01 grep]# grep ‘aming.*bash‘ passwd
aming:x:1000:1005::/home/aming:/bin/bash
[root@aminglinux-01 grep]#
```
- grep ‘o\{2\}‘ passwd 表示匹配o出现俩次的字符 o{2}表示前面字符o的重复范围位 o重复2次
```
[root@aminglinux-01 grep]# grep ‘o{2}‘ passwd
[root@aminglinux-01 grep]# grep ‘o\{2\}‘ passwd
root:x:0:0:root:/root:/bin/bash
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
user5:x:1007:1007::/hoooome/user5:/bin/bash
user6:x:1008:1010::/hooome/user6:/bin/bash
[root@aminglinux-01 grep]#
```
- 如果觉得过 o\{2\} 太麻烦 可以使用 grep -E 或者 egrep
```
[root@aminglinux-01 grep]# grep -E ‘o{2}‘ passwd
root:x:0:0:root:/root:/bin/bash
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
user5:x:1007:1007::/hoooome/user5:/bin/bash
user6:x:1008:1010::/hooome/user6:/bin/bash
[root@aminglinux-01 grep]# egrep ‘o{2}‘ passwd
root:x:0:0:root:/root:/bin/bash
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
user5:x:1007:1007::/hoooome/user5:/bin/bash
user6:x:1008:1010::/hooome/user6:/bin/bash
[root@aminglinux-01 grep]#
```
- grep -E ‘(oo){2}‘ passwd 表示一个组合 出现2次 oo的
```
[root@aminglinux-01 grep]# grep -E ‘(oo){2}‘ passwd
user5:x:1007:1007::/hoooome/user5:/bin/bash
[root@aminglinux-01 grep]#
```
- egrep 不需要加 脱义 或者 grep -E
- egrep ‘o+o‘ passwd +表示1次或者一次以上出现前面的字符 ,即+号前面出现一次o或者多次o
```
[root@aminglinux-01 grep]# egrep ‘o+o‘ passwd
root:x:0:0:root:/root:/bin/bash
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
user5:x:1007:1007::/hoooome/user5:/bin/bash
user6:x:1008:1010::/hooome/user6:/bin/bash
[root@aminglinux-01 grep]#
```
- egrep ‘o+b‘ passwd 表示+前面可以出现o一次以上 egrep ‘o+t‘ passwd
```
[root@aminglinux-01 grep]# egrep ‘o+b‘ passwd
nobody:x:99:99:Nobody:/:/sbin/nologin
[root@aminglinux-01 grep]#
[root@aminglinux-01 grep]# egrep ‘o+t‘ passwd
root:x:0:0:root:/root:/bin/bash
operator:x:11:0:operator:/root:/sbin/nologin
[root@aminglinux-01 grep]#
```
- egrep ‘o?t‘ passwd ?表示0次或者1次出现 前面的字符 这里是0次或者1次出现o
```
[root@aminglinux-01 grep]# egrep ‘o?t‘ passwd
root:x:0:0:root:/root:/bin/bash
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
operator:x:11:0:operator:/root:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
systemd-bus-proxy:x:999:997:systemd Bus Proxy:/:/sbin/nologin
systemd-network:x:192:192:systemd Network Management:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
polkitd:x:998:996:User for polkitd:/:/sbin/nologin
tss:x:59:59:Account used by the trousers package to sandbox the tcsd daemon:/dev/null:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
saslauth:x:996:76:Saslauthd user:/run/saslauthd:/sbin/nologin
[root@aminglinux-01 grep]#
```
- egrep ‘o?1o‘ passwd 这个表示 ?前面出现0次或者1次o
- 先编辑下文件vim passwd
```
[root@aminglinux-01 grep]# vim passwd
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:1o1:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/no1ologin
[root@aminglinux-01 grep]# vim passwd
[root@aminglinux-01 grep]# egrep ‘o?1o‘ passwd
operator:x:1o1:0:operator:/root:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/no1ologin
[root@aminglinux-01 grep]# egrep ‘o?1o‘ passwd
```
- grep -E ‘root|nologin‘ passwd | 在这里表示或者的意思
```
[root@aminglinux-01 grep]# grep -E ‘root|nologin‘ passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:1o1:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
systemd-bus-proxy:x:999:997:systemd Bus Proxy:/:/sbin/nologin
systemd-network:x:192:192:systemd Network Management:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
polkitd:x:998:996:User for polkitd:/:/sbin/nologin
tss:x:59:59:Account used by the trousers package to sandbox the tcsd daemon:/dev/null:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
chrony:x:997:995::/var/lib/chrony:/sbin/nologin
user4:x:1006:1005::/home/aming111:/sbin/nologin
saslauth:x:996:76:Saslauthd user:/run/saslauthd:/sbin/nologin
[root@aminglinux-01 grep]#
```
- grep -Ei ‘root|bus|997‘ passwd -E 因为后面有符号| -i 是不区分大小写
```
[root@aminglinux-01 grep]# grep -Ei ‘root|bus|997‘ passwd
root:x:0:0:root:/root:/bin/bash
operator:x:1o1:0:operator:/root:/sbin/nologin
systemd-bus-proxy:x:999:997:systemd Bus Proxy:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
chrony:x:997:995::/var/lib/chrony:/sbin/nologin
[root@aminglinux-01 grep]#
```9.1 正则介绍_grep上 9.2 grep中 9.3 grep下
原文地址:http://ch71smas.blog.51cto.com/13090095/1962620
