Version : 2024.01
Dernière mise-à-jour : 2024/03/11 09:31
Les commandes externes au shell sont des binaires exécutables ou des scripts, généralement situés dans /bin, /sbin, /usr/bin ou /usr/sbin :
trainee@debian11:~$ type ip ip is /usr/bin/ip
L'aide d'une commande externe au shell peut être visualisée dans la plupart des cas en passant le paramètre - -help en argument à la commande en question :
trainee@debian11:~$ ip --help
Usage: ip [ OPTIONS ] OBJECT { COMMAND | help }
ip [ -force ] -batch filename
where OBJECT := { link | address | addrlabel | route | rule | neigh | ntable |
tunnel | tuntap | maddress | mroute | mrule | monitor | xfrm |
netns | l2tp | fou | macsec | tcp_metrics | token | netconf | ila |
vrf | sr | nexthop | mptcp }
OPTIONS := { -V[ersion] | -s[tatistics] | -d[etails] | -r[esolve] |
-h[uman-readable] | -iec | -j[son] | -p[retty] |
-f[amily] { inet | inet6 | mpls | bridge | link } |
-4 | -6 | -I | -D | -M | -B | -0 |
-l[oops] { maximum-addr-flush-attempts } | -br[ief] |
-o[neline] | -t[imestamp] | -ts[hort] | -b[atch] [filename] |
-rc[vbuf] [size] | -n[etns] name | -N[umeric] | -a[ll] |
-c[olor]}
Les commandes internes au shell sont des commandes telles type, cd ou umask. Pour vérifier le type de commande, il faut utiliser la commande type :
trainee@debian11:~$ type type type is a shell builtin
Le shell possède la commande help. Utilisée seule, cette commande fournit la liste des commandes internes :
trainee@debian11:~$ help
GNU bash, version 5.1.4(1)-release (x86_64-pc-linux-gnu)
These shell commands are defined internally. Type `help' to see this list.
Type `help name' to find out more about the function `name'.
Use `info bash' to find out more about the shell in general.
Use `man -k' or `info' to find out more about commands not in this list.
A star (*) next to a name means that the command is disabled.
job_spec [&] history [-c] [-d offset] [n] or history>
(( expression )) if COMMANDS; then COMMANDS; [ elif COMM>
. filename [arguments] jobs [-lnprs] [jobspec ...] or jobs -x >
: kill [-s sigspec | -n signum | -sigspec>
[ arg... ] let arg [arg ...]
[[ expression ]] local [option] name[=value] ...
alias [-p] [name[=value] ... ] logout [n]
bg [job_spec ...] mapfile [-d delim] [-n count] [-O origi>
bind [-lpsvPSVX] [-m keymap] [-f filenam> popd [-n] [+N | -N]
break [n] printf [-v var] format [arguments]
builtin [shell-builtin [arg ...]] pushd [-n] [+N | -N | dir]
caller [expr] pwd [-LP]
case WORD in [PATTERN [| PATTERN]...) CO> read [-ers] [-a array] [-d delim] [-i t>
cd [-L|[-P [-e]] [-@]] [dir] readarray [-d delim] [-n count] [-O ori>
command [-pVv] command [arg ...] readonly [-aAf] [name[=value] ...] or r>
compgen [-abcdefgjksuv] [-o option] [-A > return [n]
complete [-abcdefgjksuv] [-pr] [-DEI] [-> select NAME [in WORDS ... ;] do COMMAND>
compopt [-o|+o option] [-DEI] [name ...> set [-abefhkmnptuvxBCHP] [-o option-nam>
continue [n] shift [n]
coproc [NAME] command [redirections] shopt [-pqsu] [-o] [optname ...]
declare [-aAfFgiIlnrtux] [-p] [name[=val> source filename [arguments]
dirs [-clpv] [+N] [-N] suspend [-f]
disown [-h] [-ar] [jobspec ... | pid ...> test [expr]
echo [-neE] [arg ...] time [-p] pipeline
enable [-a] [-dnps] [-f filename] [name > times
eval [arg ...] trap [-lp] [[arg] signal_spec ...]
exec [-cl] [-a name] [command [argument > true
exit [n] type [-afptP] name [name ...]
export [-fn] [name[=value] ...] or expor> typeset [-aAfFgiIlnrtux] [-p] name[=val>
false ulimit [-SHabcdefiklmnpqrstuvxPT] [limi>
fc [-e ename] [-lnr] [first] [last] or f> umask [-p] [-S] [mode]
fg [job_spec] unalias [-a] name [name ...]
for NAME [in WORDS ... ] ; do COMMANDS; > unset [-f] [-v] [-n] [name ...]
for (( exp1; exp2; exp3 )); do COMMANDS;> until COMMANDS; do COMMANDS; done
function name { COMMANDS ; } or name () > variables - Names and meanings of some >
getopts optstring name [arg ...] wait [-fn] [-p var] [id ...]
hash [-lr] [-p pathname] [-dt] [name ...> while COMMANDS; do COMMANDS; done
help [-dms] [pattern ...] { COMMANDS ; }
L'aide concernant une commande spécifique peut être obtenu en passant la commande concernée en argument à la commande help :
trainee@debian11:~$ help type
type: type [-afptP] name [name ...]
Display information about command type.
For each NAME, indicate how it would be interpreted if used as a
command name.
Options:
-a display all locations containing an executable named NAME;
includes aliases, builtins, and functions, if and only if
the `-p' option is not also used
-f suppress shell function lookup
-P force a PATH search for each NAME, even if it is an alias,
builtin, or function, and returns the name of the disk file
that would be executed
-p returns either the name of the disk file that would be executed,
or nothing if `type -t NAME' would not return `file'
-t output a single word which is one of `alias', `keyword',
`function', `builtin', `file' or `', if NAME is an alias,
shell reserved word, shell function, shell builtin, disk file,
or not found, respectively
Arguments:
NAME Command name to be interpreted.
Exit Status:
Returns success if all of the NAMEs are found; fails if any are not found.
La commande man donne accès au manuel de la commande passée en argument. Par exemple man passwd :
trainee@debian11:~$ man passwd
PASSWD(1) User Commands PASSWD(1)
NAME
passwd - change user password
SYNOPSIS
passwd [options] [LOGIN]
DESCRIPTION
The passwd command changes passwords for user accounts. A normal user may only change the password for their own account, while the superuser may change the password for any account. passwd also
changes the account or associated password validity period.
Password Changes
The user is first prompted for their old password, if one is present. This password is then encrypted and compared against the stored password. The user has only one chance to enter the correct
password. The superuser is permitted to bypass this step so that forgotten passwords may be changed.
After the password has been entered, password aging information is checked to see if the user is permitted to change the password at this time. If not, passwd refuses to change the password and
exits.
The user is then prompted twice for a replacement password. The second entry is compared against the first and both are required to match in order for the password to be changed.
Then, the password is tested for complexity. As a general guideline, passwords should consist of 6 to 8 characters including one or more characters from each of the following sets:
• lower case alphabetics
• digits 0 thru 9
• punctuation marks
Care must be taken not to include the system default erase or kill characters. passwd will reject any password which is not suitably complex.
Hints for user passwords
The security of a password depends upon the strength of the encryption algorithm and the size of the key space. The legacy UNIX System encryption method is based on the NBS DES algorithm. More
recent methods are now recommended (see ENCRYPT_METHOD). The size of the key space depends upon the randomness of the password which is selected.
Compromises in password security normally result from careless password selection or handling. For this reason, you should not select a password which appears in a dictionary or which must be
written down. The password should also not be a proper name, your license number, birth date, or street address. Any of these may be used as guesses to violate system security.
You can find advice on how to choose a strong password on http://en.wikipedia.org/wiki/Password_strength
OPTIONS
The options which apply to the passwd command are:
-a, --all
This option can be used only with -S and causes show status for all users.
-d, --delete
Delete a user's password (make it empty). This is a quick way to disable a password for an account. It will set the named account passwordless.
-e, --expire
Immediately expire an account's password. This in effect can force a user to change their password at the user's next login.
-h, --help
Display help message and exit.
-i, --inactive INACTIVE
This option is used to disable an account after the password has been expired for a number of days. After a user account has had an expired password for INACTIVE days, the user may no longer
sign on to the account.
Manual page passwd(1) line 1 (press h for help or q to quit)
Une page de manuel peut contenir plusieurs sections :
| Section | Contenu |
|---|---|
| NOM / NAME | Nom et rôle de la commande |
| SYNOPSIS | Syntaxe de la commande, paramètres et arguments |
| DESCRIPTION | Mode d'emploi et les arguments principaux |
| OPTIONS | Descriptions détaillées de chaque paramètre |
| EXEMPLES / EXAMPLES | Exemples d'utilisation de la commande |
| ENVIRONNEMENT / ENVIRONMENT VARIABLES | Fonctionnement selon l'environnement du shell |
| CONFORMITÉ / STANDARDS / CONFORMING TO | Éventuelles normes auxquelles la commande se conforme |
| BOGUES / BUGS/TO DO | Éventuelles bogues connues |
| DIAGNOSTICS/RETOUR / EXIT STATUS/RETURN VALUE | Codes d'erreur et leur signification |
| VOIR AUSSI / SEE ALSO | Commandes liées à celle du manuel actuel |
La navigation dans la page de manuel se fait grâce à l'utilisation de certaines touches :
| Touche | Fonction |
|---|---|
| Espace | Faire défiler une page complète |
| Entrée | Faire défiler la page ligne par ligne |
| ↑ | Faire défiler la page une ligne vers le haut |
| ↓ | Faire défiler la page une ligne vers le bas |
| PageHaut | Faire défiler une demi-page vers le haut |
| PageBas | Faire défiler une demi-page vers le bas |
| Début | Se positionner au début du manuel |
| Fin | Se positionner à la fin du manuel |
| / | Rechercher la chaîne qui suit la touche /. La touche n recherche l'occurrence suivante. La touche N recherche l'occurrence précédente |
| Q | Quitter le manuel |
Un manuel complet est fait de plusieurs sections :
| Section | Contenu |
|---|---|
| 1 | Instructions exécutables ou commandes shell |
| 2 | Appels système |
| 3 | Appels des bibliothèques |
| 4 | Fichiers spéciaux |
| 5 | Format des fichiers |
| 6 | Jeux, économiseurs d'écrans, gadgets |
| 7 | Divers et commandes non standard |
| 8 | Commandes d'administration du système Linux |
| 9 | Sous-programmes du noyau |
Les différentes sections disponibles sont visibles grâce à l'utilisation de la commande whereis :
trainee@debian11:~$ whereis passwd passwd: /usr/bin/passwd /etc/passwd /usr/share/man/man1/passwd.1ssl.gz /usr/share/man/man1/passwd.1.gz /usr/share/man/man5/passwd.5.gz
Pour visualiser une section spécifique, il convient de préciser son numéro :
trainee@debian11:~$ man 5 passwd
PASSWD(5) File Formats and Conversions PASSWD(5)
NAME
passwd - the password file
DESCRIPTION
/etc/passwd contains one line for each user account, with seven fields delimited by colons (“:”). These fields are:
• login name
• optional encrypted password
• numerical user ID
• numerical group ID
• user name or comment field
• user home directory
• optional user command interpreter
If the password field is a lower-case “x”, then the encrypted password is actually stored in the shadow(5) file instead; there must be a corresponding line in the /etc/shadow file, or else the user
account is invalid.
The encrypted password field may be empty, in which case no password is required to authenticate as the specified login name. However, some applications which read the /etc/passwd file may decide
not to permit any access at all if the password field is blank.
A password field which starts with an exclamation mark means that the password is locked. The remaining characters on the line represent the password field before the password was locked.
Refer to crypt(3) for details on how this string is interpreted.
If the password field contains some string that is not a valid result of crypt(3), for instance ! or *, the user will not be able to use a unix password to log in (but the user may log in the
system by other means).
The comment field is used by various system utilities, such as finger(1).
The home directory field provides the name of the initial working directory. The login program uses this information to set the value of the $HOME environmental variable.
The command interpreter field provides the name of the user's command language interpreter, or the name of the initial program to execute. The login program uses this information to set the value
of the $SHELL environmental variable. If this field is empty, it defaults to the value /bin/sh.
FILES
/etc/passwd
User account information.
/etc/shadow
optional encrypted password file
/etc/passwd-
Backup file for /etc/passwd.
Note that this file is used by the tools of the shadow toolsuite, but not by all user and password management tools.
SEE ALSO
crypt(3), getent(1), getpwnam(3), login(1), passwd(1), pwck(8), pwconv(8), pwunconv(8), shadow(5), su(1), sulogin(8).
shadow-utils 4.8.1 02/07/2020 PASSWD(5)
Manual page passwd(5) line 1 (press h for help or q to quit)
Chaque page de manuel contient une brève description. Ces descriptions ainsi que le nom du manuel sont stockés dans la base de données whatis.
Cette base de données peut être maintenue manuellement par root en invoquant l'exécutable /usr/bin/mandb.
L'utilisation de mandb est très simple :
trainee@debian11:~$ su - Password: fenestros root@debian11:~# which mandb /usr/bin/mandb root@debian11:~# mandb Purging old database entries in /usr/share/man... Processing manual pages under /usr/share/man... Purging old database entries in /usr/share/man/zh_CN... Processing manual pages under /usr/share/man/zh_CN... Purging old database entries in /usr/share/man/hr... Processing manual pages under /usr/share/man/hr... Purging old database entries in /usr/share/man/id... Processing manual pages under /usr/share/man/id... Purging old database entries in /usr/share/man/zh_TW... Processing manual pages under /usr/share/man/zh_TW... Purging old database entries in /usr/share/man/pl... Processing manual pages under /usr/share/man/pl... Purging old database entries in /usr/share/man/es... Processing manual pages under /usr/share/man/es... Purging old database entries in /usr/share/man/cs... Processing manual pages under /usr/share/man/cs... Purging old database entries in /usr/share/man/fi... Processing manual pages under /usr/share/man/fi... Purging old database entries in /usr/share/man/de... Processing manual pages under /usr/share/man/de... Purging old database entries in /usr/share/man/pt_BR... Processing manual pages under /usr/share/man/pt_BR... Purging old database entries in /usr/share/man/it... Processing manual pages under /usr/share/man/it... Purging old database entries in /usr/share/man/da... Processing manual pages under /usr/share/man/da... Purging old database entries in /usr/share/man/ko... Processing manual pages under /usr/share/man/ko... Purging old database entries in /usr/share/man/sr... Processing manual pages under /usr/share/man/sr... Purging old database entries in /usr/share/man/sl... Processing manual pages under /usr/share/man/sl... Purging old database entries in /usr/share/man/hu... Processing manual pages under /usr/share/man/hu... Purging old database entries in /usr/share/man/ro... Processing manual pages under /usr/share/man/ro... Purging old database entries in /usr/share/man/ru... Processing manual pages under /usr/share/man/ru... Purging old database entries in /usr/share/man/sv... Processing manual pages under /usr/share/man/sv... Purging old database entries in /usr/share/man/pt... Processing manual pages under /usr/share/man/pt... Purging old database entries in /usr/share/man/ja... Processing manual pages under /usr/share/man/ja... Purging old database entries in /usr/share/man/tr... Processing manual pages under /usr/share/man/tr... Purging old database entries in /usr/share/man/fr... Processing manual pages under /usr/share/man/fr... Purging old database entries in /usr/share/man/uk... Processing manual pages under /usr/share/man/uk... Purging old database entries in /usr/share/man/nl... Processing manual pages under /usr/share/man/nl... Processing manual pages under /usr/local/man... 0 man subdirectories contained newer manual pages. 0 manual pages were added. 0 stray cats were added. 0 old database entries were purged.
La commande whatis peut maintenant être utilisée pour identifier les sections des manuels disponibles pour une commande donnée :
root@debian11:~# whatis passwd passwd (1) - change user password passwd (1ssl) - compute password hashes passwd (5) - the password file
La commande apropos cherche dans la base de données whatis la chaine de caractères passée en argument à la commande. Sans option, la sortie obtenue est identique à la commande man -k :
root@debian11:~# apropos passwd chgpasswd (8) - update group passwords in batch mode chpasswd (8) - update passwords in batch mode gpasswd (1) - administer /etc/group and /etc/gshadow grub-mkpasswd-pbkdf2 (1) - generate hashed password for GRUB openssl-passwd (1ssl) - compute password hashes pam_localuser (8) - require users to be listed in /etc/passwd passwd (1) - change user password passwd (1ssl) - compute password hashes passwd (5) - the password file update-passwd (8) - safely update /etc/passwd, /etc/shadow and /etc/group
root@debian11:~# man -k passwd chgpasswd (8) - update group passwords in batch mode chpasswd (8) - update passwords in batch mode gpasswd (1) - administer /etc/group and /etc/gshadow grub-mkpasswd-pbkdf2 (1) - generate hashed password for GRUB openssl-passwd (1ssl) - compute password hashes pam_localuser (8) - require users to be listed in /etc/passwd passwd (1) - change user password passwd (1ssl) - compute password hashes passwd (5) - the password file update-passwd (8) - safely update /etc/passwd, /etc/shadow and /etc/group
Le résultat est une liste de commandes suivies par une description brève de celles-ci.
Important - Notez que les numéros entre parenthèses indiquent les sections disponibles.
En plus du système des manuels, des informations concernant des exécutables peuvent être trouvées dans le système info. De l'information détaillée, des exemples et des tutoriels peuvent être absents du système des manuels. Pour cette raison le système info a été créé.
Dans le système info, de multiples pages d'informations concernant un exécutable, appelées nœuds, sont regroupées. La navigation entre nœuds est simple et utilise un système de liens hypertexte.
Afin de faciliter la navigation chaque page contient une entête qui inclut de l'information sur le nœud courant, le nœud parent, le nœud précédent et le nœud suivant. Pour naviguer entre les nœuds il convient d'utiliser les touches suivantes :
| Touch | Fonction |
|---|---|
| n | Nœud suivant. |
| p | Nœud précédent. |
| u | Nœud parent. |
| Espace | Défiler une page vers le bas. |
| Suppr | Défiler une page vers le haut. |
| b | Retour au début du nœud courant. |
| Tab ⇆ | Sélectionner le lien hypertexte suivant. |
| m <lien> | Aller au sous-nœud spécifié. En appuyant sur [Tab], on obtient la liste de tous les sous-nœuds. |
| ↵ Entrée | Suivre le lien hypertexte courant. Un lien hypertexte commence avec un astérisque et se termine avec le caractère :. |
| q | Quitter le système info. |
La commande info n'est pas installée par défaut dans Debian 11. Commencez donc par l'installer :
root@debian11:~# apt update Hit:1 http://deb.debian.org/debian bullseye InRelease Get:2 http://deb.debian.org/debian bullseye-updates InRelease [39.4 kB] Get:3 http://security.debian.org/debian-security bullseye-security InRelease [44.1 kB] Get:4 http://security.debian.org/debian-security bullseye-security/main Sources [121 kB] Get:5 http://security.debian.org/debian-security bullseye-security/main amd64 Packages [148 kB] Get:6 http://security.debian.org/debian-security bullseye-security/main Translation-en [91.5 kB] Fetched 444 kB in 1s (651 kB/s) Reading package lists... Done Building dependency tree... Done Reading state information... Done 16 packages can be upgraded. Run 'apt list --upgradable' to see them. root@debian11:~# apt -y install info ...
Pour accéder au premier nœud, utilisez la commande suivante :
root@debian11:~# info
File: dir, Node: Top, This is the top of the INFO tree.
This is the Info main menu (aka directory node).
A few useful Info commands:
'q' quits;
'H' lists all Info commands;
'h' starts the Info tutorial;
'mTexinfo RET' visits the Texinfo manual, etc.
* Menu:
Basics
* Common options: (coreutils)Common options.
* Coreutils: (coreutils). Core GNU (file, text, shell) utilities.
* Date input formats: (coreutils)Date input formats.
* File permissions: (coreutils)File permissions.
Access modes.
* Finding files: (find). Operating on files matching certain criteria.
Compression
* Gzip: (gzip). General (de)compression of files (lzw).
Development
* SSIP: (ssip). Speech Synthesis Interface Protocol.
* Speech Dispatcher: (speech-dispatcher).
Speech Dispatcher.
Editors
* nano: (nano). Small and friendly text editor.
GNU organization
* Maintaining Findutils: (find-maint).
Maintaining GNU findutils
GNU Utilities
* dirmngr-client: (gnupg). X.509 CRL and OCSP client.
* dirmngr: (gnupg). X.509 CRL and OCSP server.
* gpg-agent: (gnupg). The secret key daemon.
* gpg2: (gnupg). OpenPGP encryption and signing tool.
* gpgsm: (gnupg). S/MIME encryption and signing tool.
Individual utilities
* arch: (coreutils)arch invocation. Print machine hardware name.
* b2sum: (coreutils)b2sum invocation. Print or check BLAKE2 digests.
* base32: (coreutils)base32 invocation. Base32 encode/decode data.
* base64: (coreutils)base64 invocation. Base64 encode/decode data.
* basename: (coreutils)basename invocation. Strip directory and suffix.
* basenc: (coreutils)basenc invocation. Encoding/decoding of data.
* cat: (coreutils)cat invocation. Concatenate and write files.
* chcon: (coreutils)chcon invocation. Change SELinux CTX of files.
* chgrp: (coreutils)chgrp invocation. Change file groups.
* chmod: (coreutils)chmod invocation. Change access permissions.
* chown: (coreutils)chown invocation. Change file owners and groups.
* chroot: (coreutils)chroot invocation. Specify the root directory.
* cksum: (coreutils)cksum invocation. Print POSIX CRC checksum.
* cmp: (diffutils)Invoking cmp. Compare 2 files byte by byte.
-----Info: (dir)Top, 204 lines --Top------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Welcome to Info version 6.7. Type H for help, h for tutorial.
Pour accéder au tutoriel concernant l'utilisation de la commande, appuyez sur la touche h :
Next: Stand-alone Info, Up: (dir) Stand-alone GNU Info ******************** This documentation describes the stand-alone Info reader which you can use to read Info documentation. If you are new to the Info reader, then you can get started by typing 'H' for a list of basic key bindings. You can read through the rest of this manual by typing <SPC> and <DEL> (or <Space> and <Backspace>) to move forwards and backwards in it. * Menu: * Stand-alone Info:: What is Info? * Invoking Info:: Options you can pass on the command line. * Cursor Commands:: Commands which move the cursor within a node. * Scrolling Commands:: Commands for reading the text within a node. * Node Commands:: Commands for selecting a new node. * Searching Commands:: Commands for searching an Info file. * Index Commands:: Commands for looking up in indices. * Xref Commands:: Commands for selecting cross-references. * Window Commands:: Commands which manipulate multiple windows. * Printing Nodes:: How to print out the contents of a node. * Miscellaneous Commands:: A few commands that defy categorization. * Variables:: How to change the default behavior of Info. * Colors and Styles:: Customize the colors used by Info. * Custom Key Bindings:: How to define your own key-to-command bindings. * Index:: Global index.
Pour quitter, utilisez la touche q.
Copyright © 2024 Hugh Norris.