Perl

Using Perl

You're skills as a system administrator will improve immeasurably if you learn Perl - even just a working knowledge of it.

What is Perl

Perl is a general purpose language that can be used for system administration. In fact, it was created by Larry Wall specifically for that purpose. Many of the examples that we have seen before in which we used other separate programs can be done by using Perl alone. This section is not meant to be an exhaustive explanation on how to use Perl nor should it be considered a tutorial on the Perl language. Before using Perl, you should familiarize yourself with it by typing:

perldoc perlintro

Which will give you a basic tutorial. Perl is installed on almost all standard Linux distributions, so perldoc should be available.

If you use perl for system administration, you will find yourself using a lot of short perl expressions known among administrators as one-liners. Here are some one-liners that you may want to study, change and adapt and then use later on.

The following will print out specific lines of a file just like more, less or cat.

perl -ne 'print if 1 .. 5' our_file

We can also choose not to print lines:

perl -ne 'print unless 1 .. 5' our_file

The unless option means not to print lines 1 through 5.

One of the best ways of using perl one-liners is as a substitute for sed Here is an example of how we use Perl like sed:

perl -p -i.bkp -e 's/SCO/Satan/' SCO_news

Here, we have substituted the word SCO for the word Satan in the file SCO_news and besides, we have created a backup file. This is a good idea because if we hadn't used the -i.bkp option, we would have overwritten the SCO_news file forever.

We can also use Perl like awk. Here is an example

ls -l | perl -lane 'print $F[+8]'

This will print out just the name of the file. That's not particularly useful because we can do this just as easily by typing ls -1 . But if we add a little pizazz to it, it becomes extremely useful.

ls -l|perl -lane 'print join " ",@F[5..8]'

This will print out the month, year and hour of the file's creation or last modification and the file name.

Here's another one that you may find useful. If you know someone who's a caps lock freak, they may name all their files in CAPITAL LETTERS. Here's a way to use perl to rename files to lower case names.

perl -e 'for (@ARGV) { rename $_, lc($_) ; }' *

All of the files (*) in that particular directory will be renamed to the lowercase equivalent.

If you happen to be like me and you feel you don't have to use a fancy word processor with bells and whistles in order to write what you're thinking, this following one-liner may come in handy. The spell checker that I use, ispell, won't catch the occasional upper-case letter that should be lower case. I will usually mess up when it comes to a person's title vs. talking about him/her generically. (eg. President Clinton or Clinton was the president in 1999) This will print all the words that begin with a capital in the file. You can then make corrections if you've capitalized something that shouldn't be.

perl -ne 'push@w,/(\b[A-Z]\S*?\b)/g;END{print"@w"}'

As far as system administration goes, if you've written some script, you might want to check it for capitalized words. Remember /home/bob/Report and /home/bob/reports are two different directories, so this could come in handy to debug some problem with a script. Typos cause a lot of heartache to programmers as you may know!

Speaking of heartache (or rather headache) the problem of spam has reached epidemic proportions. It's fairly easy to lock down a mail server, but you never know if people from inside your organization, particularly if you're an administrator of a school, college or university, are giving aid to spammers. Here's a way to get a list of who's on the receiving end of mail coming from your server. We'll get list of addresses to which we've sent from the logs of the Postfix mail server.

perl -ne 'print "$1\n" if /\sto=<([^>]+)>.*?relay=(?!local\,)/' /var/log/mail.log

Alone, this is not an effective spam fighting tool, but if you see mail addresses with clear patterns, you may be on to some spam activity.

As you can see, Perl is pretty powerful on its own. We can also use Perl with the other utilities we've seen before to get an extra boost of power.

Using Perl with other utilities

As I mentioned, you can combine Perl with other utilities to increase the manageability of the things you do with it. Here are some examples.

With the following, you get a list of open ports and who's using them:

cat /proc/net/tcp |perl -lane '(undef,$p)=split ":",$F[1]; print hex($p)."\t".getpwuid($F[7]) if $p'|sort -n|uniq -c

This is tremendously important. Ports that aren't needed should be closed. Any open port is a potential source of unwanted entry. Here we have passed a reading of our TCP ports to Perl and then, as we saw earlier, we sort them and filter out any repeat entries with uniq.

Some of our previous examples were regarding the Apache web server access logs. Well, here's another one for that group. This is a simple one-liner that gives us an ordered count of "hits" on our website from most visited to least.

cat access | perl -ne 'print "$1\n" if /GET (.*?) HTTP/'|sort|uniq -c|sort -nr|less

It's a good idea to dabble a little in Perl, even if you're not planning on using it for web projects and other programming endeavors. You can get more information at the perl site: Perl website.