There could also be a problem with the server’s session.save_path

New joomla install would show following:

An error has occurred.:Cookies do not appear to be enabled on your browser client. You will not be able to install the application with this feature disabled. Alternatively, there could also be a problem with the server’s session.save_path. If this is the case, please consult your hosting provider if you don’t know how to check or fix this yourself.

and

existing admin login to  joomla installations were not authenticating.

Soln=====>

Compare the following in php.ini

Working configuration
#############################

[root@server  root]# grep session. /usr/local/lib/php.ini
session.save_handler = files
; variable in order to use PHP’s session functions.
;     session.save_path = “N;/path”
; where N is an integer.  Instead of storing all the session files in
; store the session data in those directories.  This is useful if you
; a more efficient layout for servers that handle lots of sessions.
;         You can use the script in the ext/session dir for that purpose.
;         use subdirectories for session storage
;session.save_path = /tmp
session.use_cookies = 1
; attacks which involve passing session ids in URLs; defaults to 0.
; session.use_only_cookies = 1
; Name of the session (used as cookie name).
session.name = PHPSESSID
; Initialize session on request startup.
session.auto_start = 0
session.cookie_lifetime = 0
session.cookie_path = /
session.cookie_domain =
session.serialize_handler = php
; on every session initialization.
session.gc_probability = 1
session.gc_divisor     = 100
session.gc_maxlifetime = 1440
; NOTE: If you are using the subdirectory option for storing session files
;       (see session.save_path above), then garbage collection does *not*
;       setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes):
;          cd /path/to/sessions; find -cmin +24 | xargs rm
; to initialize a session variable in the global scope, albeit register_globals
session.bug_compat_42 = 1
session.bug_compat_warn = 1
; HTTP_REFERER has to contain this substring for the session to be
session.referer_check =
session.entropy_length = 0
; Specified here to create the session id.
session.entropy_file =
;session.entropy_length = 16
;session.entropy_file = /dev/urandom
session.cache_limiter = nocache
session.cache_expire = 180
; – User may send URL contains active session ID
; – URL that contains active session ID may be stored
; – User may access your site with the same session ID
session.use_trans_sid = 0
[root@server root]#

Things to check for
##########################

1) check that the above are set and check that:

2) /tmp has permissions 1777

3) /dev/urandom exists, if not create it with following commands:
mknod -m 644 /dev/urandom c 1 9
chown root:root /dev/random /dev/urandom

4) uncomment
;session.save_path = /tmp
in php.ini , if the sessions folder is not /tmp ( by default for cpanel server installation it is /tmp , however if php/apache is installed on a plain server, the sessions folder is usually /var/lib/php/sessions or something)

Install Latest postgresql using yum from pgsqlrpms

##################################################

[root@server ~]# yum erase postgresql postgresql-server
[root@server ~]# wget http://yum.pgsqlrpms.org/reporpms/8.3/pgdg-centos-8.3-4.noarch.rpm
[root@server ~]# rpm -ivh pgdg-centos-8.3-4.noarch.rpm
[root@server ~]# yum install postgresql postgresql-server
[root@server ~]# chkconfig postgresql on
[root@server ~]# service postgresql initdb
[root@server ~]# chkconfig postgresql on && service postgresql start

[root@server ~]# /usr/bin/postgres –version
postgres (PostgreSQL) 8.3.4
[root@server ~]#

Set port and the interface to bind to

#########################################

vi /var/lib/pgsql/data/postgresql.conf

# – Connection Settings -

listen_addresses = ‘*’
port = 5432

NMAP

echo ” ========== Installing NMAP network Scanner ================= “
echo “…………………………………………………………………………………………………………………..”
echo “…………………………………………………………………………………………………………………..”

echo “Cleaning old nmap installation, if any “

yum -y remove nmap
echo “…………………………………………………………………………………………………………………..”
echo “Install beings “
yum -y install nmap

if [ -f /usr/bin/nmap ]
then

echo ” Nmap successfully installed”
sleep 2
echo ” Testing Nmap “
echo ” ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++”
sleep 3
/usr/bin/nmap localhost -v
sleep 5
else
echo ” Nmap faield to install”
fi

echo ” =========== Install NMAP network Scanner process completed  ===============”
echo “…………………………………………………………………………………………………………………..”
echo “…………………………………………………………………………………………………………………..”
echo “…………………………………………………………………………………………………………………..”

htaccess 302 ( temporary ) and 301 ( primary) redirects

There are permanent are temporary redirect methods that can be applied to .htaccess.

A permanent redirect will notify the visitor’s browser to update any bookmarks that are linked to the page that is being redirected. Temporary redirects will not update the visitor’s bookmarks.

Temporary Redirect ( 302 redirect )
########################################
RewriteEngine on

RewriteCond %{HTTP_HOST} ^domain.com$
RewriteRule ^/?$ “http\:\/\/www\.domain\.com” [R=302,L]

###

Permanent Redirect ( 302 redirect )

##########################################

RewriteEngine on

RewriteCond %{HTTP_HOST} ^domain.com$
RewriteRule ^/?$ “http\:\/\/www\.domain\.com” [R=301,L]

###

The above example will redirect domain.com to www.domain.com in browser.

.

Virtuozzo Upgrade : Upgrading from Virtuozzo3 to Virtuozzo4

Upgrading from Virtuozzo 3 to Virtuozzo 4
================================

First of all refer to :  http://www.parallels.com/en/products/virtuozzo/easy-upgrade/ for detailed explanation. When I decided to upgrade, there was not much available except the above docs. I used the inbuilt vzup2date for the upgrade purpose.

First of all apply all updates on your current Virtuozzo 3 using vzup2date , by selecting udate for virtuozzo 3.0.x only. Once updates are applied, it also does a kernel upgrade. It will finally ask if you want to reboot. Just select finish, and dont reboot. It is better to reboot manually, so that you can swith back to old kernel, in case the new kernel panics or hang up during boot.

Step 1
===================================================

[root@vpsMainNode virtuozzo]# vzup2date

Apply all updates on your current Virtuozzo 3.
Select option reboot manually and dont hit the reboot option, just select finish.

Next,

Edit /etc/grub.conf  and change the option

default=0 to default=1 , so that the current kernel is selected in grub , instead of the new kernel , that was just installed.

Next we configure grub to boot the new kernel only for the next reboot. If the reboot does not go well and the system does not boot properly, do a hard reset ( ask your DC, if

reqd. ) and you will successfully boot into the last working kernel.

[root@vpsMainNode virtuozzo]# grub shell
Probing devices to guess BIOS drives. This may take a long time.

GNU GRUB  version 0.95  (640K lower / 3072K upper memory)

[ Minimal BASH-like line editing is supported.  For the first word, TAB
lists possible command completions.  Anywhere else TAB lists the possible
completions of a device/filename.]

grub> savedefault –default=0 –once
grub> quit

[root@vpsMainNode virtuozzo]#

Reboot the server. If all goes fine, and the server comes up with the new kernel, edit /etc/grub.conf  and change the option

default=1 to default=0

Next,

Run vzup2date again and select updates for Virtuozzo 3 , and go next , next to finish install ( select option manual reboot )
[root@vpsMainNode virtuozzo]# vzup2date

If all Virtuozzo 3 are already applied, you will see no more update available message.

Now that Virtuozzo 3 has all its latest stuff in its version, we will update Virtuozzo 3 to Virtuozzo 4.

Run vzup2date again,
[root@vpsMainNode virtuozzo]# vzup2date

This time, select Virtuozzo 4 for upgrades, do the usual next , next to apply updates. ( select option manual reboot )

This process will take some time depending on speed. Usually 20 to 60 minutes.

Again this will install a newer kernel, so

Next we configure grub to boot the new kernel only for the next reboot. If the reboot does not go well and the system does not boot properly, do a hard reset ( ask your DC, if

reqd. ) and you will successfully boot into the last working kernel.

[root@vpsMainNode virtuozzo]# grub shell
Probing devices to guess BIOS drives. This may take a long time.

GNU GRUB  version 0.95  (640K lower / 3072K upper memory)

[ Minimal BASH-like line editing is supported.  For the first word, TAB
lists possible command completions.  Anywhere else TAB lists the possible
completions of a device/filename.]

grub> savedefault –default=0 –once
grub> quit

[root@vpsMainNode virtuozzo]#

Reboot the server. If all goes fine, and the server comes up with the new kernel, edit /etc/grub.conf  and change the option

default=1 to default=0

Voila !   you have upgraded your server from Virtuozzo 3 to Virtuozzo 4. You will see that all nodes will work properly, start the nodes, if any active node is down in the usual

way.

[root@vpsMainNode virtuozzo]# vzctl start VE_ID

Note VE_ID is now also called as CT_ID ( container ID )

You will find that the Service VE ( now called as Service Container )  will fail to start. If not, then fine. You have nothing left to do , except running a vzup2date again and

apply any newer updates for one more time. If any new kernel is installed , then modify grub.conf as already discussed, while rebooting.

In case Service VE ( now called as Service Container )  fails to start or does not start, you will be unable to access your virtuozzo control panel.

Note , I destroyed old Service VE and recreated it, if for any reason, you want backup of old service , you might chose to make a backup of it.

Here is what I did to install the service CT
###############################################
[root@vpsMainNode virtuozzo]# vzctl destroy 1
[root@vpsMainNode virtuozzo]# cd /root/
[root@vpsMainNode virtuozzo]# wget http://download.parallels.com/virtuozzo/virtuozzo4.0/linux/iso/lin-i386.iso
[root@vpsMainNode virtuozzo]# mkdir /mnt/iso
[root@vpsMainNode virtuozzo]# mount -o loop lin-i386.iso /mnt/iso
[root@vpsMainNode virtuozzo]# vzsveinstall -D /mnt/iso -s xx.yy.zz.IP

[root@vpsMainNode virtuozzo]# vzlist -a | grep CT
CTID      NPROC STATUS    IP_ADDR         HOSTNAME
1         77 running   xx.yy.zz.IP  ServiceCT
[root@vpsMainNode virtuozzo]#

[root@vpsMainNode virtuozzo]# lsof  -i :4643
COMMAND   PID   USER   FD   TYPE   DEVICE SIZE NODE NAME
vzaproxy  531   root    4u  IPv4 10286471       TCP *:4643 (LISTEN)
vzcp      591   root    4u  IPv4 10286403       TCP *:4643 (LISTEN)
vzcp      595 apache    4u  IPv4 10286403       TCP *:4643 (LISTEN)
vzcp      596 apache    4u  IPv4 10286403       TCP *:4643 (LISTEN)
vzcp     3004 apache    4u  IPv4 10286403       TCP *:4643 (LISTEN)
[root@vpsMainNode virtuozzo]#

[root@vpsMainNode virtuozzo]# vzctl  restart 1
Restart Container
Stopping Container …
Container was stopped
[  OK  ] down vzagent: [  OK  ]
[  OK  ] vzagent: [  OK  ]
Container is unmounted
Starting Container …
Starting vzagent: [  OK  ]
Starting vzagent: [  OK  ]
Container is mounted
Setting devperms 20006 dev 0×7d00
Adding IP address(es): xx.yy.zz.IP
Hostname for Container set: ServiceCT
File resolv.conf was modified
Container start in progress…

[root@vpsMainNode virtuozzo]# vzlist  -a | grep CT
CTID      NPROC STATUS    IP_ADDR         HOSTNAME
1         77 running   xx.yy.zz.IP  ServiceCT
[root@vpsMainNode virtuozzo]#

[root@vpsMainNode log]# cd /root/
[root@vpsMainNode ~]# df -h
Filesystem            Size  Used Avail Use% Mounted on
/dev/sda2             9.9G  4.1G  5.3G  44% /
/dev/sda1             494M   81M  388M  18% /boot
none                  4.0G     0  4.0G   0% /dev/shm
/dev/sda3             448G  267G  158G  63% /vz
/dev/sdb1             459G  123G  313G  29% /backup
/root/lin-i386.iso    582M  582M     0 100% /mnt/iso

[root@vpsMainNode ~]# mkdir /root/virt4_source
[root@vpsMainNode ~]# cp -r /mnt/iso/* /root/virt4_source/
[root@vpsMainNode ~]# umount /mnt/iso

[root@vpsMainNode ~]# df -h
Filesystem            Size  Used Avail Use% Mounted on
/dev/sda2             9.9G  4.7G  4.8G  50% /
/dev/sda1             494M   81M  388M  18% /boot
none                  4.0G     0  4.0G   0% /dev/shm
/dev/sda3             448G  267G  158G  63% /vz
/dev/sdb1             459G  123G  313G  29% /backup
[root@vpsMainNode ~]#

Congrats !!! , now that you have got the Service Container Up and Running, time to explore/enjoy the new looks in Virtuozzo 4 control panel.

hwclock – query and set the hardware clock

set the system time from the hardware clock

============================================

root@s1 [~]# /sbin/hwclock –hctosys
root@s1 [~]#

set the hardware clock to the current system time

============================================

root@s1 [~]# /sbin/hwclock –systohc
root@s1 [~]#

root@s1 [~]# /sbin/hwclock –help
hwclock – query and set the hardware clock (RTC)

Usage: hwclock [function] [options...]

Functions:
–help        show this help
–show        read hardware clock and print result
–set         set the rtc to the time given with –date
–hctosys     set the system time from the hardware clock
–systohc     set the hardware clock to the current system time
–adjust      adjust the rtc to account for systematic drift since
the clock was last set or adjusted
–getepoch    print out the kernel’s hardware clock epoch value
–setepoch    set the kernel’s hardware clock epoch value to the
value given with –epoch
–version     print out the version of hwclock to stdout

Options:
–utc         the hardware clock is kept in coordinated universal time
–localtime   the hardware clock is kept in local time
–directisa   access the ISA bus directly instead of /dev/rtc
–badyear     ignore rtc’s year because the bios is broken
–date        specifies the time to which to set the hardware clock
–epoch=year  specifies the year which is the beginning of the
hardware clock’s epoch value
–noadjfile   do not access /etc/adjtime. Requires the use of
either –utc or –localtime

iptables string match to drop malicious urls

iptables string match to drop malicious urls

==================================

Usually modsecurity rules can help filter many malicious url attack patterns combined with apache on apache port (http|https).  But what if a malicious attack using a vulnerable url pattern, that exposes or tries to break into your system is coming onto another port?

This is where iptables string match comes in handy.

/usr/local/sbin/iptables -I INPUT -p tcp -s 0.0.0.0/0 -m string –string “download?file=%2e%2e” –algo bm -j DROP

[root@server ~]# iptables -L -v | grep STR
73 49908 DROP       tcp  –  any    any     anywhere             anywhere            STRING match “download?file=%2e%2e” ALGO name bm TO 65535

[root@server ~]#

The above iptable rule will block any url  that has the string “download?file=%2e%2e” on any port on your server.

Note: your iptables binary path may be /sbin/iptables

Say http://yourserverIP:9132/blah/download?file=%2e%2e

Rename a username , groupname and its homedirectory with usermod

Rename user 7777777 ’s name, groupname and homedir to 88888888 with usermod

root@server1 [/home]# useradd 7777777
root@server1 [/home]#
root@server1 [/home]# grep 7777777 /etc/passwd
7777777:x:32147:32148::/home/

7777777:/bin/bash
root@server1 [/home]#
root@server1 [/home]# grep 7777777 /etc/group
7777777:x:32148:
root@server1 [/home]#
root@server1 [/home]# usermod -d /home/88888888 7777777
root@server1 [/home]#
root@server1 [/home]# grep 7777777 /etc/passwd
7777777:x:32147:32148::/home/88888888:/bin/bash
root@server1 [/home]#

************************************************************************************************************
root@server1 [/home]# rm -fr /home/7777777/        OR  you can mv /home/7777777 /home/88888888, if you want
************************************************************************************************************

root@server1 [/home]# usermod -l 88888888 7777777
failed to rename mailbox: File exists
root@server1 [/home]#

root@server1 [/home]# grep 7777777 /etc/passwd

root@server1 [/home]# grep 88888888 /etc/passwd
88888888:x:32147:32148::/home/88888888:/bin/bash
root@server1 [/home]#

root@server1 [/home]# groupmod -n 88888888 7777777
root@server1 [/home]#

root@server1 [/home]# grep 7777777 /etc/group

root@server1 [/home]#
root@server1 [/home]# grep 88888888 /etc/group
88888888:x:32148:
root@server1 [/home]#

create a directory with different permission mode

—————————————————————
[root@server ~]# mkdir /root/test1 -v -m 1777
mkdir: created directory `/root/test1′
[root@server ~]# ls -lhd /root/test1
drwxrwxrwt  2 root root 4.0K Jul 29 01:42 /root/test1
[root@server ~]#

v = verbose, is not mandatory though

—————————————————————

USEFUL ONE-LINE SCRIPTS FOR SED (Unix stream editor)

-------------------------------------------------------------------------
USEFUL ONE-LINE SCRIPTS FOR SED (Unix stream editor)        Dec. 29, 2005
Compiled by Eric Pement - pemente[at]northpark[dot]edu        version 5.5

Latest version of this file (in English) is usually at:
   http://sed.sourceforge.net/sed1line.txt
   http://www.pement.org/sed/sed1line.txt

This file will also available in other languages:
  Chinese     - http://sed.sourceforge.net/sed1line_zh-CN.html
  Czech       - http://sed.sourceforge.net/sed1line_cz.html
  Dutch       - http://sed.sourceforge.net/sed1line_nl.html
  French      - http://sed.sourceforge.net/sed1line_fr.html
  German      - http://sed.sourceforge.net/sed1line_de.html
  Italian     - (pending)
  Portuguese  - http://sed.sourceforge.net/sed1line_pt-BR.html
  Spanish     - (pending)

FILE SPACING:

 # double space a file
 sed G

 # double space a file which already has blank lines in it. Output file
 # should contain no more than one blank line between lines of text.
 sed '/^$/d;G'

 # triple space a file
 sed 'G;G'

 # undo double-spacing (assumes even-numbered lines are always blank)
 sed 'n;d'

 # insert a blank line above every line which matches "regex"
 sed '/regex/{x;p;x;}'

 # insert a blank line below every line which matches "regex"
 sed '/regex/G'

 # insert a blank line above and below every line which matches "regex"
 sed '/regex/{x;p;x;G;}'

NUMBERING:

 # number each line of a file (simple left alignment). Using a tab (see
 # note on '\t' at end of file) instead of space will preserve margins.
 sed = filename | sed 'N;s/\n/\t/'

 # number each line of a file (number on left, right-aligned)
 sed = filename | sed 'N; s/^/     /; s/ *\(.\{6,\}\)\n/\1  /'

 # number each line of file, but only print numbers if line is not blank
 sed '/./=' filename | sed '/./N; s/\n/ /'

 # count lines (emulates "wc -l")
 sed -n '$='

TEXT CONVERSION AND SUBSTITUTION:

 # IN UNIX ENVIRONMENT: convert DOS newlines (CR/LF) to Unix format.
 sed 's/.$//'               # assumes that all lines end with CR/LF
 sed 's/^M$//'              # in bash/tcsh, press Ctrl-V then Ctrl-M
 sed 's/\x0D$//'            # works on ssed, gsed 3.02.80 or higher

 # IN UNIX ENVIRONMENT: convert Unix newlines (LF) to DOS format.
 sed "s/$/`echo -e \\\r`/"            # command line under ksh
 sed 's/$'"/`echo \\\r`/"             # command line under bash
 sed "s/$/`echo \\\r`/"               # command line under zsh
 sed 's/$/\r/'                        # gsed 3.02.80 or higher

 # IN DOS ENVIRONMENT: convert Unix newlines (LF) to DOS format.
 sed "s/$//"                          # method 1
 sed -n p                             # method 2

 # IN DOS ENVIRONMENT: convert DOS newlines (CR/LF) to Unix format.
 # Can only be done with UnxUtils sed, version 4.0.7 or higher. The
 # UnxUtils version can be identified by the custom "--text" switch
 # which appears when you use the "--help" switch. Otherwise, changing
 # DOS newlines to Unix newlines cannot be done with sed in a DOS
 # environment. Use "tr" instead.
 sed "s/\r//" infile >outfile         # UnxUtils sed v4.0.7 or higher
 tr -d \r <infile >outfile            # GNU tr version 1.22 or higher

 # delete leading whitespace (spaces, tabs) from front of each line
 # aligns all text flush left
 sed 's/^[ \t]*//'                    # see note on '\t' at end of file

 # delete trailing whitespace (spaces, tabs) from end of each line
 sed 's/[ \t]*$//'                    # see note on '\t' at end of file

 # delete BOTH leading and trailing whitespace from each line
 sed 's/^[ \t]*//;s/[ \t]*$//'

 # insert 5 blank spaces at beginning of each line (make page offset)
 sed 's/^/     /'

 # align all text flush right on a 79-column width
 sed -e :a -e 's/^.\{1,78\}$/ &/;ta'  # set at 78 plus 1 space

 # center all text in the middle of 79-column width. In method 1,
 # spaces at the beginning of the line are significant, and trailing
 # spaces are appended at the end of the line. In method 2, spaces at
 # the beginning of the line are discarded in centering the line, and
 # no trailing spaces appear at the end of lines.
 sed  -e :a -e 's/^.\{1,77\}$/ & /;ta'                     # method 1
 sed  -e :a -e 's/^.\{1,77\}$/ &/;ta' -e 's/\( *\)\1/\1/'  # method 2

 # substitute (find and replace) "foo" with "bar" on each line
 sed 's/foo/bar/'             # replaces only 1st instance in a line
 sed 's/foo/bar/4'            # replaces only 4th instance in a line
 sed 's/foo/bar/g'            # replaces ALL instances in a line
 sed 's/\(.*\)foo\(.*foo\)/\1bar\2/' # replace the next-to-last case
 sed 's/\(.*\)foo/\1bar/'            # replace only the last case

 # substitute "foo" with "bar" ONLY for lines which contain "baz"
 sed '/baz/s/foo/bar/g'

 # substitute "foo" with "bar" EXCEPT for lines which contain "baz"
 sed '/baz/!s/foo/bar/g'

 # change "scarlet" or "ruby" or "puce" to "red"
 sed 's/scarlet/red/g;s/ruby/red/g;s/puce/red/g'   # most seds
 gsed 's/scarlet\|ruby\|puce/red/g'                # GNU sed only

 # reverse order of lines (emulates "tac")
 # bug/feature in HHsed v1.5 causes blank lines to be deleted
 sed '1!G;h;$!d'               # method 1
 sed -n '1!G;h;$p'             # method 2

 # reverse each character on the line (emulates "rev")
 sed '/\n/!G;s/\(.\)\(.*\n\)/&\2\1/;//D;s/.//'

 # join pairs of lines side-by-side (like "paste")
 sed '$!N;s/\n/ /'

 # if a line ends with a backslash, append the next line to it
 sed -e :a -e '/\\$/N; s/\\\n//; ta'

 # if a line begins with an equal sign, append it to the previous line
 # and replace the "=" with a single space
 sed -e :a -e '$!N;s/\n=/ /;ta' -e 'P;D'

 # add commas to numeric strings, changing "1234567" to "1,234,567"
 gsed ':a;s/\B[0-9]\{3\}\>/,&/;ta'                     # GNU sed
 sed -e :a -e 's/\(.*[0-9]\)\([0-9]\{3\}\)/\1,\2/;ta'  # other seds

 # add commas to numbers with decimal points and minus signs (GNU sed)
 gsed -r ':a;s/(^|[^0-9.])([0-9]+)([0-9]{3})/\1\2,\3/g;ta'

 # add a blank line every 5 lines (after lines 5, 10, 15, 20, etc.)
 gsed '0~5G'                  # GNU sed only
 sed 'n;n;n;n;G;'             # other seds

SELECTIVE PRINTING OF CERTAIN LINES:

 # print first 10 lines of file (emulates behavior of "head")
 sed 10q

 # print first line of file (emulates "head -1")
 sed q

 # print the last 10 lines of a file (emulates "tail")
 sed -e :a -e '$q;N;11,$D;ba'

 # print the last 2 lines of a file (emulates "tail -2")
 sed '$!N;$!D'

 # print the last line of a file (emulates "tail -1")
 sed '$!d'                    # method 1
 sed -n '$p'                  # method 2

 # print the next-to-the-last line of a file
 sed -e '$!{h;d;}' -e x              # for 1-line files, print blank line
 sed -e '1{$q;}' -e '$!{h;d;}' -e x  # for 1-line files, print the line
 sed -e '1{$d;}' -e '$!{h;d;}' -e x  # for 1-line files, print nothing

 # print only lines which match regular expression (emulates "grep")
 sed -n '/regexp/p'           # method 1
 sed '/regexp/!d'             # method 2

 # print only lines which do NOT match regexp (emulates "grep -v")
 sed -n '/regexp/!p'          # method 1, corresponds to above
 sed '/regexp/d'              # method 2, simpler syntax

 # print the line immediately before a regexp, but not the line
 # containing the regexp
 sed -n '/regexp/{g;1!p;};h'

 # print the line immediately after a regexp, but not the line
 # containing the regexp
 sed -n '/regexp/{n;p;}'

 # print 1 line of context before and after regexp, with line number
 # indicating where the regexp occurred (similar to "grep -A1 -B1")
 sed -n -e '/regexp/{=;x;1!p;g;$!N;p;D;}' -e h

 # grep for AAA and BBB and CCC (in any order)
 sed '/AAA/!d; /BBB/!d; /CCC/!d'

 # grep for AAA and BBB and CCC (in that order)
 sed '/AAA.*BBB.*CCC/!d'

 # grep for AAA or BBB or CCC (emulates "egrep")
 sed -e '/AAA/b' -e '/BBB/b' -e '/CCC/b' -e d    # most seds
 gsed '/AAA\|BBB\|CCC/!d'                        # GNU sed only

 # print paragraph if it contains AAA (blank lines separate paragraphs)
 # HHsed v1.5 must insert a 'G;' after 'x;' in the next 3 scripts below
 sed -e '/./{H;$!d;}' -e 'x;/AAA/!d;'

 # print paragraph if it contains AAA and BBB and CCC (in any order)
 sed -e '/./{H;$!d;}' -e 'x;/AAA/!d;/BBB/!d;/CCC/!d'

 # print paragraph if it contains AAA or BBB or CCC
 sed -e '/./{H;$!d;}' -e 'x;/AAA/b' -e '/BBB/b' -e '/CCC/b' -e d
 gsed '/./{H;$!d;};x;/AAA\|BBB\|CCC/b;d'         # GNU sed only

 # print only lines of 65 characters or longer
 sed -n '/^.\{65\}/p'

 # print only lines of less than 65 characters
 sed -n '/^.\{65\}/!p'        # method 1, corresponds to above
 sed '/^.\{65\}/d'            # method 2, simpler syntax

 # print section of file from regular expression to end of file
 sed -n '/regexp/,$p'

 # print section of file based on line numbers (lines 8-12, inclusive)
 sed -n '8,12p'               # method 1
 sed '8,12!d'                 # method 2

 # print line number 52
 sed -n '52p'                 # method 1
 sed '52!d'                   # method 2
 sed '52q;d'                  # method 3, efficient on large files

 # beginning at line 3, print every 7th line
 gsed -n '3~7p'               # GNU sed only
 sed -n '3,${p;n;n;n;n;n;n;}' # other seds

 # print section of file between two regular expressions (inclusive)
 sed -n '/Iowa/,/Montana/p'             # case sensitive

SELECTIVE DELETION OF CERTAIN LINES:

 # print all of file EXCEPT section between 2 regular expressions
 sed '/Iowa/,/Montana/d'

 # delete duplicate, consecutive lines from a file (emulates "uniq").
 # First line in a set of duplicate lines is kept, rest are deleted.
 sed '$!N; /^\(.*\)\n\1$/!P; D'

 # delete duplicate, nonconsecutive lines from a file. Beware not to
 # overflow the buffer size of the hold space, or else use GNU sed.
 sed -n 'G; s/\n/&&/; /^\([ -~]*\n\).*\n\1/d; s/\n//; h; P'

 # delete all lines except duplicate lines (emulates "uniq -d").
 sed '$!N; s/^\(.*\)\n\1$/\1/; t; D'

 # delete the first 10 lines of a file
 sed '1,10d'

 # delete the last line of a file
 sed '$d'

 # delete the last 2 lines of a file
 sed 'N;$!P;$!D;$d'

 # delete the last 10 lines of a file
 sed -e :a -e '$d;N;2,10ba' -e 'P;D'   # method 1
 sed -n -e :a -e '1,10!{P;N;D;};N;ba'  # method 2

 # delete every 8th line
 gsed '0~8d'                           # GNU sed only
 sed 'n;n;n;n;n;n;n;d;'                # other seds

 # delete lines matching pattern
 sed '/pattern/d'

 # delete ALL blank lines from a file (same as "grep '.' ")
 sed '/^$/d'                           # method 1
 sed '/./!d'                           # method 2

 # delete all CONSECUTIVE blank lines from file except the first; also
 # deletes all blank lines from top and end of file (emulates "cat -s")
 sed '/./,/^$/!d'          # method 1, allows 0 blanks at top, 1 at EOF
 sed '/^$/N;/\n$/D'        # method 2, allows 1 blank at top, 0 at EOF

 # delete all CONSECUTIVE blank lines from file except the first 2:
 sed '/^$/N;/\n$/N;//D'

 # delete all leading blank lines at top of file
 sed '/./,$!d'

 # delete all trailing blank lines at end of file
 sed -e :a -e '/^\n*$/{$d;N;ba' -e '}'  # works on all seds
 sed -e :a -e '/^\n*$/N;/\n$/ba'        # ditto, except for gsed 3.02.*

 # delete the last line of each paragraph
 sed -n '/^$/{p;h;};/./{x;/./p;}'

SPECIAL APPLICATIONS:

 # remove nroff overstrikes (char, backspace) from man pages. The 'echo'
 # command may need an -e switch if you use Unix System V or bash shell.
 sed "s/.`echo \\\b`//g"    # double quotes required for Unix environment
 sed 's/.^H//g'             # in bash/tcsh, press Ctrl-V and then Ctrl-H
 sed 's/.\x08//g'           # hex expression for sed 1.5, GNU sed, ssed

 # get Usenet/e-mail message header
 sed '/^$/q'                # deletes everything after first blank line

 # get Usenet/e-mail message body
 sed '1,/^$/d'              # deletes everything up to first blank line

 # get Subject header, but remove initial "Subject: " portion
 sed '/^Subject: */!d; s///;q'

 # get return address header
 sed '/^Reply-To:/q; /^From:/h; /./d;g;q'

 # parse out the address proper. Pulls out the e-mail address by itself
 # from the 1-line return address header (see preceding script)
 sed 's/ *(.*)//; s/>.*//; s/.*[:<] *//'

 # add a leading angle bracket and space to each line (quote a message)
 sed 's/^/> /'

 # delete leading angle bracket & space from each line (unquote a message)
 sed 's/^> //'

 # remove most HTML tags (accommodates multiple-line tags)
 sed -e :a -e 's/<[^>]*>//g;/</N;//ba'

 # extract multi-part uuencoded binaries, removing extraneous header
 # info, so that only the uuencoded portion remains. Files passed to
 # sed must be passed in the proper order. Version 1 can be entered
 # from the command line; version 2 can be made into an executable
 # Unix shell script. (Modified from a script by Rahul Dhesi.)
 sed '/^end/,/^begin/d' file1 file2 ... fileX | uudecode   # vers. 1
 sed '/^end/,/^begin/d' "$@" | uudecode                    # vers. 2

 # sort paragraphs of file alphabetically. Paragraphs are separated by blank
 # lines. GNU sed uses \v for vertical tab, or any unique char will do.
 sed '/./{H;d;};x;s/\n/={NL}=/g' file | sort | sed '1s/={NL}=//;s/={NL}=/\n/g'
 gsed '/./{H;d};x;y/\n/\v/' file | sort | sed '1s/\v//;y/\v/\n/'

 # zip up each .TXT file individually, deleting the source file and
 # setting the name of each .ZIP file to the basename of the .TXT file
 # (under DOS: the "dir /b" switch returns bare filenames in all caps).
 echo @echo off >zipup.bat
 dir /b *.txt | sed "s/^\(.*\)\.TXT/pkzip -mo \1 \1.TXT/" >>zipup.bat

TYPICAL USE: Sed takes one or more editing commands and applies all of
them, in sequence, to each line of input. After all the commands have
been applied to the first input line, that line is output and a second
input line is taken for processing, and the cycle repeats. The
preceding examples assume that input comes from the standard input
device (i.e, the console, normally this will be piped input). One or
more filenames can be appended to the command line if the input does
not come from stdin. Output is sent to stdout (the screen). Thus:

 cat filename | sed '10q'        # uses piped input
 sed '10q' filename              # same effect, avoids a useless "cat"
 sed '10q' filename > newfile    # redirects output to disk

For additional syntax instructions, including the way to apply editing
commands from a disk file instead of the command line, consult "sed &
awk, 2nd Edition," by Dale Dougherty and Arnold Robbins (O'Reilly,
1997; http://www.ora.com), "UNIX Text Processing," by Dale Dougherty
and Tim O'Reilly (Hayden Books, 1987) or the tutorials by Mike Arst
distributed in U-SEDIT2.ZIP (many sites). To fully exploit the power
of sed, one must understand "regular expressions." For this, see
"Mastering Regular Expressions" by Jeffrey Friedl (O'Reilly, 1997).
The manual ("man") pages on Unix systems may be helpful (try "man
sed", "man regexp", or the subsection on regular expressions in "man
ed"), but man pages are notoriously difficult. They are not written to
teach sed use or regexps to first-time users, but as a reference text
for those already acquainted with these tools.

QUOTING SYNTAX: The preceding examples use single quotes ('...')
instead of double quotes ("...") to enclose editing commands, since
sed is typically used on a Unix platform. Single quotes prevent the
Unix shell from intrepreting the dollar sign ($) and backquotes
(`...`), which are expanded by the shell if they are enclosed in
double quotes. Users of the "csh" shell and derivatives will also need
to quote the exclamation mark (!) with the backslash (i.e., \!) to
properly run the examples listed above, even within single quotes.
Versions of sed written for DOS invariably require double quotes
("...") instead of single quotes to enclose editing commands.

USE OF '\t' IN SED SCRIPTS: For clarity in documentation, we have used
the expression '\t' to indicate a tab character (0x09) in the scripts.
However, most versions of sed do not recognize the '\t' abbreviation,
so when typing these scripts from the command line, you should press
the TAB key instead. '\t' is supported as a regular expression
metacharacter in awk, perl, and HHsed, sedmod, and GNU sed v3.02.80.

VERSIONS OF SED: Versions of sed do differ, and some slight syntax
variation is to be expected. In particular, most do not support the
use of labels (:name) or branch instructions (b,t) within editing
commands, except at the end of those commands. We have used the syntax
which will be portable to most users of sed, even though the popular
GNU versions of sed allow a more succinct syntax. When the reader sees
a fairly long command such as this:

   sed -e '/AAA/b' -e '/BBB/b' -e '/CCC/b' -e d

it is heartening to know that GNU sed will let you reduce it to:

   sed '/AAA/b;/BBB/b;/CCC/b;d'      # or even
   sed '/AAA\|BBB\|CCC/b;d'

In addition, remember that while many versions of sed accept a command
like "/one/ s/RE1/RE2/", some do NOT allow "/one/! s/RE1/RE2/", which
contains space before the 's'. Omit the space when typing the command.

OPTIMIZING FOR SPEED: If execution speed needs to be increased (due to
large input files or slow processors or hard disks), substitution will
be executed more quickly if the "find" expression is specified before
giving the "s/.../.../" instruction. Thus:

   sed 's/foo/bar/g' filename         # standard replace command
   sed '/foo/ s/foo/bar/g' filename   # executes more quickly
   sed '/foo/ s//bar/g' filename      # shorthand sed syntax

On line selection or deletion in which you only need to output lines
from the first part of the file, a "quit" command (q) in the script
will drastically reduce processing time for large files. Thus:

   sed -n '45,50p' filename           # print line nos. 45-50 of a file
   sed -n '51q;45,50p' filename       # same, but executes much faster

If you have any additional scripts to contribute or if you find errors
in this document, please send e-mail to the compiler. Indicate the
version of sed you used, the operating system it was compiled for, and
the nature of the problem. To qualify as a one-liner, the command line
must be 65 characters or less. Various scripts in this file have been
written or contributed by:

 Al Aab                   # founder of "seders" list
 Edgar Allen              # various
 Yiorgos Adamopoulos      # various
 Dale Dougherty           # author of "sed & awk"
 Carlos Duarte            # author of "do it with sed"
 Eric Pement              # author of this document
 Ken Pizzini              # author of GNU sed v3.02
 S.G. Ravenhall           # great de-html script
 Greg Ubben               # many contributions & much help
-------------------------------------------------------------------------