
Guided Exercise: Match Text in Command Output with Regular Expressions

Search for text in the system logs and the output of commands to find information more efficiently.

Outcomes

  • Efficiently search for text in log files and configuration files.

As the student user on the workstation machine, use the lab command to prepare your system for this exercise.

This command ensures that all required resources are available.

[student@workstation ~]$ lab start console-regex

Instructions

  1. Log in to the servera machine as the student user and switch to the root user.

    [student@workstation ~]$ ssh student@servera
    ...output omitted...
    [student@servera ~]$ sudo -i
    [sudo] password for student: student
    [root@servera ~]#
  2. Use the grep command to find the GID and UID for the postfix and postdrop groups and users. To do so, use the rpm -q --scripts command, which queries the information for a specific package and shows the scripts that are used as part of the installation process.

    [root@servera ~]# rpm -q --scripts postfix | grep -e 'user' -e 'group'
    # Add user and groups if necessary
    # generated from postfix.sysusers
    getent group 'postfix' >/dev/null || groupadd -f -g '89' -r 'postfix' || :
            useradd -r -u '89' -g 'postfix' -d '/var/spool/postfix' -s '/sbin/nologin' -c '' 'postfix' || :
            useradd -r -g 'postfix' -d '/var/spool/postfix' -s '/sbin/nologin' -c '' 'postfix' || :
    getent group 'postdrop' >/dev/null || groupadd -f -g '90' -r 'postdrop' || :
    getent group 'mail' >/dev/null || groupadd -f -g '12' -r 'mail' || :
    getent group 'mail' >/dev/null || groupadd -r 'mail' || :
        useradd -r -g 'postfix' -d '/' -s '/usr/sbin/nologin' -c '' 'postfix' || :
    if getent group 'mail' >/dev/null; then
        usermod -a -G 'mail' 'postfix' || :
            setgid_group=postdrop \
  3. Modify the previous regular expression to display the first two messages in the /var/log/maillog file. In this search, you do not need the caret character (^), because the text that you are searching for does not begin at the first character of a line.

    [root@servera ~]# grep 'postfix' /var/log/maillog | head -n 2
    Apr  1 15:27:16 servera postfix/postfix-script[3121]: starting the Postfix mail system
    Apr  1 15:27:16 servera postfix/master[3123]: daemon started -- version 3.5.9, configuration /etc/postfix
  4. Find the name of the queue directory for the Postfix server. Search the /etc/postfix/main.cf configuration file for all information about queues. Use the grep command -i option to ignore case distinctions.

    [root@servera ~]# grep -i 'queue' /etc/postfix/main.cf
    # testing.  When soft_bounce is enabled, mail will remain queued that
    # The queue_directory specifies the location of the Postfix queue.
    queue_directory = /var/spool/postfix
    # QUEUE AND PROCESS OWNERSHIP
    # The mail_owner parameter specifies the owner of the Postfix queue
    # is the Sendmail-compatible mail queue listing command.
    # setgid_group: The group for mail submission and queue management
  5. Confirm that the postfix service writes messages to the /var/log/messages file. Use the less command and then the slash character (/) to search the file. Press n to move to the next entry that matches the search. Press q to quit the less command.

    [root@servera ~]# less /var/log/messages
    ...output omitted...
    Apr  1 15:27:15 servera systemd[1]: Starting Postfix Mail Transport Agent...
    ...output omitted...
    Apr  1 15:27:16 servera systemd[1]: Started Postfix Mail Transport Agent.
    ...output omitted...
    /Postfix
  6. Use the ps aux command to confirm that the postfix server is currently running. Use the grep command to limit the output to the necessary lines.

    [root@servera ~]# ps aux | grep postfix
    root        3123  0.0  0.2  38172  4384 ?        Ss   15:27   0:00 /usr/libexec/postfix/master -w
    postfix     3124  0.0  0.4  45208  8236 ?        S    15:27   0:00 pickup -l -t unix -u
    postfix     3125  0.0  0.4  45252  8400 ?        S    15:27   0:00 qmgr -l -t unix -u
    root        3228  0.0  0.1 221668  2288 pts/0    S+   15:55   0:00 grep --color=auto postfix
  7. Confirm that the qmgr, cleanup, and pickup queues are correctly configured. Use the grep command -e option to match multiple entries in the same file. The /etc/postfix/master.cf file is the configuration file.

    [root@servera ~]# grep -e qmgr -e pickup -e cleanup /etc/postfix/master.cf
    pickup    unix  n       -       n       60      1       pickup
    cleanup   unix  n       -       n       -       0       cleanup
    qmgr      unix  n       -       n       300     1       qmgr
    #qmgr     unix  n       -       n       300     1       oqmgr
  8. Return to the workstation machine as the student user.

    [root@servera ~]# exit
    logout
    [student@servera ~]$ exit
    logout
    Connection to servera closed.
    [student@workstation ~]$
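
The patterns in steps 2, 6, and 7 can be tightened so that they return only the lines you want. The following script is an added example, not part of the original exercise: the sample text is constructed from the output shown in those steps, and the function and variable names are hypothetical.

```shell
#!/bin/sh
# Constructed samples copied from the output shown in steps 2, 6 and 7.
SCRIPTS="getent group 'postfix' >/dev/null || groupadd -f -g '89' -r 'postfix' || :
useradd -r -u '89' -g 'postfix' -d '/var/spool/postfix' -s '/sbin/nologin' -c '' 'postfix' || :
getent group 'postdrop' >/dev/null || groupadd -f -g '90' -r 'postdrop' || :"

PS_AUX='root        3123  0.0  0.2  38172  4384 ?        Ss   15:27   0:00 /usr/libexec/postfix/master -w
postfix     3124  0.0  0.4  45208  8236 ?        S    15:27   0:00 pickup -l -t unix -u
postfix     3125  0.0  0.4  45252  8400 ?        S    15:27   0:00 qmgr -l -t unix -u
root        3228  0.0  0.1 221668  2288 pts/0    S+   15:55   0:00 grep --color=auto postfix'

MASTER_CF='pickup    unix  n       -       n       60      1       pickup
cleanup   unix  n       -       n       -       0       cleanup
qmgr      unix  n       -       n       300     1       qmgr
#qmgr     unix  n       -       n       300     1       oqmgr'

# Step 2: capture "name GID" pairs from groupadd lines instead of reading them by eye.
group_gids() {
  printf '%s\n' "$SCRIPTS" |
    sed -nE "s/.*groupadd -f -g '([0-9]+)' -r '([a-z]+)'.*/\2 \1/p"
}

# Step 6: match the owner column or the daemon path, so the grep process
# (owner root, command "grep ... postfix") is not counted.
postfix_process_count() {
  printf '%s\n' "$PS_AUX" | grep -cE '^postfix[[:space:]]|/postfix/master'
}

# Step 7: anchor with ^ so the commented-out "#qmgr" line is excluded,
# and require whitespace after the name so longer names do not match.
active_services() {
  printf '%s\n' "$MASTER_CF" |
    grep -E '^(qmgr|pickup|cleanup)[[:space:]]' | awk '{print $1}'
}

# Unanchored counts, for comparison with the tightened patterns.
loose_process_count() { printf '%s\n' "$PS_AUX" | grep -c 'postfix'; }
loose_service_count() {
  printf '%s\n' "$MASTER_CF" | grep -c -e qmgr -e pickup -e cleanup
}

group_gids
echo "processes: $(postfix_process_count) (unanchored: $(loose_process_count))"
echo "services:  $(active_services | wc -l) (unanchored: $(loose_service_count))"
```

On a live system, replace each `printf` of a sample variable with the real command from the corresponding step, for example `rpm -q --scripts postfix` or `ps aux`.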

Finish

On the workstation machine, change to the student user home directory and use the lab command to complete this exercise. This step is important to ensure that resources from previous exercises do not impact upcoming exercises.

[student@workstation ~]$ lab finish console-regex

Revision: rh134-9.3-5fd2368