What is a shebang in Linux?

shebang script explained

Known as a a shebang or a bang line, this is just the characters at the very start of a Linux script. It is simply a hash or number sign followed by an exclamation point character (#!). This is then followed by the full path to the interpreter, for example /bin/bash

Think of it as a necessary code mark that tells the system the absolute path to the Bash interpreter and you’ll not have a problem.

More info on how to use and execute Linux scripts here

Four ways to execute a shell script

shebang script explainedIf you need to execute a shell script and can’t get your head around the conflicting information out there, I’ll try to clear things up. There are quite a few ways to execute a shell script and each has its pros and cons. If you are coming from a Windows environment where the file extension dictates how we handle the file, then try not to think like this. A script can have no extension but still be run. So, let’s take a look at our four ways to execute a shell script.


Execute shell script by calling the filename (Method 1)

This method simply changes into the script’s containing directory and calls the script’s file name to execute it.

We can change into the directory first


and then call the script thus:


Now, my preferred method is to consolidate these 2 lines into 1 , calling it from any directory by simply adding the full path to the file:


If you have the shebang at the start of this script, then it will be executed by using the command interpreter that is specified directly after it.

Execute shell script by specifying an interpreter (Method 2)

You can also run a shell script by specifying the interpreter. You do this by adding the preferred interpreter within the command thus:

Execute the script using the bash interpreter


Execute the script using the sh interpreter


There are usually several interpreters available such as bash, sh,  csh, ksh and more.  Note that if you use a different interpreter in the shebang, this will be overridden by the one you specify.

Execute shell script with . ./ (Method 3)

If you execute the shell script by using . ./ (aka ‘dot space dot slash’), it will not fork a sub shell and you’ll see it executed in the current shell.


Why do this? Well it’s normally used after we have changed something in the .bashrc or .bash_profile. Using this method of execution we won’t need to logout and login again.

Execute shell script with source command (Method 4)

source is a bash shell built-in command that executes the contents of the file, which is passed as argument, in the current shell. It has a synonym that you can use which is the dot or period (.)

This can replace the ‘dot space dot slash’ method.


A word of warning here though because ./ and source are not quite the same.

./myscript runs myscript as an executable file in a new shell
source myscript reads and executes commands in the current shell environment

To help further, ./myscript is not the same as . myscript, but . myscript is exactly the same as source myscript


Do you have a preferred method for executing shell scripts and if so, why? Let me know below.

Install mod_GeoIP2 on Apache2 in CentOS 7


If you need to install the excellent mod_geoip2 extension for Apache2 then it can be done fairly painlessly. First off, we need to make sure that we have gcc installed:


If you don’t have it then you could ‘yum install gcc’, but I prefer to install all development tools because they include gcc anyway:


Install the GeoIP development package


Install mod_geoip2 by fetching the latest version with wget. To check the latest version, take a look here first:



I’m installing 1.2.10 here with this, but replace the code in lines 1, 2 and 3 here with their latest version:


Now we use the apxs (Apache Extension Tool) to build our extension modules for Apache:


If you haven’t got apxs then you’ll need to install httpd-devel.

Be aware that this overwrites httpd so backup your server in case this fails or you get strange results.


If this fails with “Error: Nothing to do”, then it’s fairly common. You’ll probably find that /etc/yum.conf is blocking the installation. We can get around this by either editing the configuration file or typing:


You should now have mod_geoip2 installed on your server!

Who or what is [email protected]?


root notty whm ssh hackedIf you’re looking through WHM’s process manager and you see [email protected] mentioned as one of the processes, don’t be alarmed. It’s perfectly normal and it’s definitely not some hacker called ‘Notty’ who has suddenly got root permissions. Be honest, you’re here because you thought that 😉

You may also have seen sshd: [email protected] in the output of ps aux too.

Why notty?

The term ‘notty’ just represents ‘no tty’ which roughly translates as meaning ‘no terminal’. When you login locally to any Linux machine the terminal will always appear in the process list as ‘tty’. If a connection is made via SFTP or you are copying files with SCP (as I did here on a test server prior to bringing up the screenshot above) then it will show as no tty (notty).

Where does TTY come from?

Many years ago, user terminals that were connected to computers were clunky and noisy Electro-mechanical Teleprinters also known as Teletypewriters. They took the latter phrase and chopped some characters out to get the TTY abbreviation:

TeleTYpewriter = TTY

Since then, TTY has been used as the shortened name for a text-only console. Here’s a teletypewriter in action:



Now you can’t say that things haven’t progressed!



Use linux boot disk to repair a Windows NTFS disk fault

Yes, you can use a Linux boot CD to repair a Windows NTFS disk fault. Linux ships with a utility called badblocks. Badblocks is a Linux command in its own right that has several different modes to be able to detect bad sectors on our hard disk. Once found, it saves the references to these bad sectors in a text file so we can tell the operating system to avoid storing data on them.

For the explanation below though, I’ll be using the fsck command. Why’s that? Well fsck is a really powerful command that actually runs those relatively complicated badblocks commands for you, checking or repairing errors in your filesystem and doing all the leg work for you.

Geek fact – fsck stands for “File System Consistency checK” which you can amaze your friends down the pub with. Or not…

Let’s open a terminal window and fire up this bad boy then. You’ll need superuser/root permission to run each of these commands so I’ll add ‘sudo’ into them all. I like to start by running the parted command to list my drives:

This should output the installed drives to the screen so you can note down which one you want to work with.

Now let’s run fsck on the disk. Please note that this can take several hours depending on the speed of your system, the size and speed of your disk. If no filesystems are specified on the command line, and the -A option is not specified, fsck will default to checking filesystems in /etc/fstab serially.

IMPORTANT – We must unmount the disk first or data corruption may happen. To do this, open a terminal window and type:

Replace “sda1” with the disk you need to repair. Now we can run the fsck command safely against the drive:

This fsck command forces automatic bad block checking and it automatically marks all known bad sectors as bad too.

The switch options I often use are:

-m  I use this for safety because if the drive is mounted you won’t be able to scan (and corrupt) it this way.

-c   Displays completion/progress bars

-f   Force a check even if it is clean

-v  Verbose, because I like to see words!

 If you’re booting back into Linux, make sure that smartmontools is installed and enabled:

Enable “SMART” in your BIOS if it isn’t already and run an extended offline test with:

To see a nice overall view of system health, type:

Have a look at the relevant manpages for more info:


In my repair shop I only use HDD Regenerator these days.  It’s a bootable software that can fix errors on all types of disk, formatted in all manner of filesystems as used by Linux, Mac, Windows and more. We have this loaded on our drive test rig and repair hard drives daily with it.

If you want to make it easy and have a USB/CD/DVD bootable tool that will work safely on all the drives it comes up against I’d suggest you look at my hdd regenerator review here or buy it direct from their website here


Country codes for mod_security, CSF and htaccess

Her’s a list of useful country codes that we can use in many rule-based filtering situations on servers.

AD Andorra
AE United Arab Emirates
AF Afghanistan
AG Antigua and Barbuda
AI Anguilla
AL Albania
AM Armenia
AN Netherlands Antilles
AO Angola
AQ Antarctica
AR Argentina
AS American Samoa
AT Austria
AU Australia
AW Aruba
AZ Azerbaijan
BA Bosnia and Herzegovina
BB Barbados
BD Bangladesh
BE Belgium
BF Burkina Faso
BG Bulgaria
BH Bahrain
BI Burundi
BJ Benin
BM Bermuda
BN Brunei Darussalam
BO Bolivia
BR Brazil
BS Bahamas
BT Bhutan
BV Bouvet Island
BW Botswana
BY Belarus
BZ Belize
CA Canada
CC Cocos (Keeling) Islands
CF Central African Republic
CG Congo
CH Switzerland
CI Cote D’Ivoire (Ivory Coast)
CK Cook Islands
CL Chile
CM Cameroon
CN China
CO Colombia
CR Costa Rica
CS Czechoslovakia (former Republic)
CU Cuba
CV Cape Verde
CX Christmas Island
CY Cyprus
CZ Czech Republic
DE Germany
DJ Djibouti
DK Denmark
DM Dominica
DO Dominican Republic
DZ Algeria
EC Ecuador
EE Estonia
EG Egypt
EH Western Sahara
ER Eritrea
ES Spain
ET Ethiopia
FI Finland
FJ Fiji
FK Falkland Islands (Malvinas)
FM Micronesia
FO Faroe Islands
FR France
FX France, Metropolitan
GA Gabon
GB Great Britain (UK)
GD Grenada
GE Georgia
GF French Guiana
GH Ghana
GI Gibraltar
GL Greenland
GM Gambia
GN Guinea
GP Guadeloupe
GQ Equatorial Guinea
GR Greece
GS S. Georgia and S. Sandwich Isls.
GT Guatemala
GU Guam
GW Guinea-Bissau
GY Guyana
HK Hong Kong
HM Heard and McDonald Islands
HN Honduras
HR Croatia (Hrvatska)
HT Haiti
HU Hungary
ID Indonesia
IE Ireland
IL Israel
IN India
IO British Indian Ocean Territory
IQ Iraq
IR Iran
IS Iceland
IT Italy
JM Jamaica
JO Jordan
JP Japan
KE Kenya
KG Kyrgyzstan
KH Cambodia
KI Kiribati
KM Comoros
KN Saint Kitts and Nevis
KP Korea (North)
KR Korea (South)
KW Kuwait
KY Cayman Islands
KZ Kazakhstan
LA Laos
LB Lebanon
LC Saint Lucia
LI Liechtenstein
LK Sri Lanka
LR Liberia
LS Lesotho
LT Lithuania
LU Luxembourg
LV Latvia
LY Libya
MA Morocco
MC Monaco
MD Moldova
MG Madagascar
MH Marshall Islands
MK Macedonia
ML Mali
MM Myanmar
MN Mongolia
MO Macau
MP Northern Mariana Islands
MQ Martinique
MR Mauritania
MS Montserrat
MT Malta
MU Mauritius
MV Maldives
MW Malawi
MX Mexico
MY Malaysia
MZ Mozambique
NA Namibia
NC New Caledonia
NE Niger
NF Norfolk Island
NG Nigeria
NI Nicaragua
NL Netherlands
NO Norway
NP Nepal
NR Nauru
NT Neutral Zone
NU Niue
NZ New Zealand (Aotearoa)
OM Oman
PA Panama
PE Peru
PF French Polynesia
PG Papua New Guinea
PH Philippines
PK Pakistan
PL Poland
PM St. Pierre and Miquelon
PN Pitcairn
PR Puerto Rico
PT Portugal
PW Palau
PY Paraguay
QA Qatar
RE Reunion
RO Romania
RU Russian Federation
RW Rwanda
SA Saudi Arabia
Sb Solomon Islands
SC Seychelles
SD Sudan
SE Sweden
SG Singapore
SH St. Helena
SI Slovenia
SJ Svalbard and Jan Mayen Islands
SK Slovak Republic
SL Sierra Leone
SM San Marino
SN Senegal
SO Somalia
SR Suriname
ST Sao Tome and Principe
SU USSR (former)
SV El Salvador
SY Syria
SZ Swaziland
TC Turks and Caicos Islands
TD Chad
TF French Southern Territories
TG Togo
TH Thailand
TJ Tajikistan
TK Tokelau
TM Turkmenistan
TN Tunisia
TO Tonga
TP East Timor
TR Turkey
TT Trinidad and Tobago
TV Tuvalu
TW Taiwan
TZ Tanzania
UA Ukraine
UG Uganda
UK United Kingdom
UM US Minor Outlying Islands
US United States
UY Uruguay
UZ Uzbekistan
VA Vatican City State (Holy See)
VC Saint Vincent and the Grenadines
VE Venezuela
VG Virgin Islands (British)
VI Virgin Islands (U.S.)
VN Viet Nam
VU Vanuatu
WF Wallis and Futuna Islands
WS Samoa
YE Yemen
YT Mayotte
YU Yugoslavia
ZA South Africa
ZM Zambia
ZR Zaire
ZW Zimbabwe

A few lesser-used ones below, but for completeness here they are:

ARPA Arpanet
COM US Commercial
EDU US Educational
GOV US Government
INT International
MIL US Military
NATO Nato field
NET Network
ORG Non-Profit Organization

Scan a Linux server for viruses and malware

linux server virus scan


This article tries to explain, using my own experience of server management, how to scan a Linux server for viruses and malware.


You are probably here because you have something on your server already, very often pushing out spam emails to people via php files. Or maybe you have fallen victim to the Hacking Holy Grail – the attacker now has root access to your server. Let’s stop that now, eh?

This tutorial has screenshots from a CentOS server and this is what I used to create this guide. Your server may well be different but the principles I use are the same, you may have some detail changes to make regarding file paths. If you don’t understand anything drop me a comment or use a search engine to find your answer quickly.

Let’s start by running a virus scan with ClamAV, a free and useful antivirus. Presuming that it is not installed we would need to do this (skip to your OS below or jump to updating definitions if it is already installed):

Installing ClamAV on CentOS 5

Install EPEL5 http://fedoraproject.org/wiki/EPEL/FAQ#howtouse

Now we can install ClamAV using the yum package manager

Now turn on and start the clamd daemon

Installing ClamAV on CentOS 6

Install EPEL6 http://fedoraproject.org/wiki/EPEL/FAQ#howtouse

Install ClamAV using the yum package manager

Now turn on and start the clamd daemon

Installing ClamAV on Ubuntu/Debian/Mint

Install ClamAV using the apt-get package manager

The latest installer automatically creates default configuration files and launches the freshclam and clamd daemons. You don’t have to do anything else here which is a nice touch.

Righto, now let’s update the virus definitions…

Updating ClamAV virus definitions

For the sake of brevity, I’m presuming CentOS 6 from now on but it will be the same or similar for most Linux derivatives.

In /usr/local/cpanel/3rdparty/bin/ we can run this to get the latest definitions:

And now we can do a full scan with a full report sent to a log file of our choice:

/usr/local/cpanel/3rdparty/bin/clamscan -ri -l /path/to/log.file -r /path/to/be/scannned

For example:

Note: The tilde character denotes the home directory for that user and the wildcard (asterisk) denotes all users in the home directory. If you want to scan a single user’s home directory then simply put their name where the wildcard is.

In the files above we use some switches.

  • -r means that we recurse the subdirectories
  • –i means Clamscan will only list infected files (chained together with recurse above we get -ri)
  • -l means that Clamscan will log to the path you choose after it

For more help, run /usr/local/cpanel/3rdparty/bin/clamscan –help

Now it’s coffee time as your server is scanned over by ClamAV using the latest definitions. When it is finished you will see your bash prompt again. Ideally, you see that Clam reports no infections like this:

Clamscan linux server

While it’s running, try to have a look online for what may have caused the infection and see if it ties up with your Clam results. Very often we see that WordPress plugins have caused the issue. Why them? Well, think about it:

WordPress is the most popular Content Management System out there

  1. It’s used worldwide
  2. It’s often installed at the click of a button using tools such as Softaculous, so it’s dead easy to install
  3. It’s free, ‘Open Source’ software so attackers know the code inside out (well GNU GPL actually)
  4. There are a huge amount of free plugins available from developers around the world, many who have a less-than-basic grasp of how to code securely. Even the good ones get caught out!

Now my third point above is not really fair. It kind of insinuates that Open Source software is more unreliable in the security stakes. Quite the opposite in fact, vulnerabilities get plugged very quickly if there is an active community of developers. However, the sheer ubiquity of WordPress leads to it being a target in much the same way that Microsoft Windows is. The gains for an attack on WordPress are much more than one for Drupal (for example) purely because of the user base.

Even if a vulnerability is plugged with an update pretty fast, it still relies on the user being aware of the problem, downloading the update and applying it BEFORE someone exploits it.  To this end, a daily Clam scan is not a bad idea unless your server has lots of files on it or not many resources available to run the scan in a timely fashion.

Moving on from this virus scan, I would suggest that we look at what email your server is sending out. I detail it in this article here:

Find what emails are being sent from a Linux server


Find what emails are being sent from a Linux server

find-emails-sent-from-linux-serverIn this series of articles I am trying to help server admins and owners of VPS or Dedicated servers to find viruses or malware on their servers. Part of the diagnosis of your system is to see what emails are being sent out and from which accounts. Since spammers like to use compromised servers, I believe that it makes sense to check regularly that the emails being sent out roughly match what you would expect to see.

I have servers that I host client websites on. If a client who usually sends out 20 emails a month suddenly sends out 500 then this is cause for concern and I would immediately investigate the server for malware.

On linux systems, Exim (the mail transfer agent) already logs the working directory of messages sent to the queue by a script. Here’s an example of what you would expect to see in an exim_mainlog file:

Note: I like to use Notepad++ to analyze these large text files within Windows as other editors aren’t quite up to the task.

So it looks like there’s some function of the ‘fredbloggs’ website that auto-backs up the database, then sends a related email notice to whatever email address the webmaster provides, in this case, fredbloggs@gmail.com. The working directory for the generation of that message was “/home/fredbloggs/public_html”. Nothing suspicious here as we have an auto-backup program installed on this WordPress-powered website. Nothing to see here, move along please…

Here’s another example:

Again, possibly normal but I’d raise the question whether Jane changed her email address on WordPress. If not, this is cause for concern.  It’s a kind of detective work where you need to step back and look at all of the evidence to compile a big picture.

So, let’s run this beauty of a command against the exim_mainlog to give us an idea from which working directories our server gets messages sent to the mail queue:

The exim_mainlog records the arrival and delivery of all emails. It explains where the mail came from, to which address it was delivered, the hostname of the server and more. Additional details can be added to this log file by using extended logging in exim. Your output would be something like this on most systems:

So within the last 30 days, the /cforms directory has sent 8 messages to the queue. Cforms is a defunct WordPress plugin and now, as such, unsupported by the developer against exploits. Would you expect that Jane’s website should do that? A result like this isn’t necessarily suspicious as this is normal contact form use. Something like this, however, would be VERY suspicious:

I can’t think of a valid reason why an ‘images’ directory should be sending mail, so alarm bells would trigger and that’s definitely something I would look into further.

So, presuming we saw strange usage numbers or a bizarre path, let’s dig even deeper and look at what the Subject of Jane’s emails actually were, as this gives us an indication of spam activity. Change directory into /var/log

Now run this:

Nice, it returns a list like this which tells us all we want to know:

Again, no cause for concern and the only spammy one there would be the first one, already marked as such by Akismet.

If you have lots of adverts for cheap meds or blue pills in there then you need to find the offending code that’s pushing spam through your email system. Start with a virus scan on your Linux server

Hope this helps and feel free to drop me a comment below.


Setting up shared folders in virtual box

Here’s how to setup shared folders on a VirtualBox installation. I’ll take it one step further and map it to a drive that reconnects on logon, forcing it to be a persistent share.

First, setup guest additions with “Devices”, “Install guest additions”

Now share a folder on your host PC or Mac. Do this by creating a folder anywhere you like (let’s call it “vbshared”) and giving it at least read permissions. Read/write is fine too.
On Windows boxes, make sure that everyone has access, this can be locked down later if required.

Now we go back to VirtualBox and do “Devices”, “Shared folders” and under machine folders we add the one we just setup (vbshared). Tick “Make permanent” and OK both windows.

Now we’re going to restart the host PC, restart the VirtualBox (don’t just fire up a snapshot) and if the image is a Windows one, open up Explorer. In the address bar at the top, type in:


Press enter and you should see it pop up. Now we can map it to a drive by “Tools”, “Map network drive”, select a drive (eg z:) and retype the \\VBOXSVR\vbshared
Tick “Reconnect at logon” and there you have it, a working shared folder that maps to a drive and reconnects at logon!

For Linux machines, reinstalling Guest Additions often makes the share work afterwards.

Bash shell commands for Linux

My useful crib-list of Bash shell commands for Linux

adduser  Add a user to the system
addgroup Add a group to the system
alias    Create an alias
apropos  Search Help manual pages (man -k)
apt-get  Search for and install software packages (Debian/Ubuntu)
aptitude Search for and install software packages (Debian/Ubuntu)
aspell   Spell Checker
awk      Find and Replace text, database sort/validate/index

basename Strip directory and suffix from filenames
bash     Bourne-Again SHell
bc       Arbitrary precision calculator language
bg       Send to background
break    Exit from a loop
builtin  Run a shell builtin
bzip2    Compress or decompress named file(s)
cal      Display a calendar
case     Conditionally perform a command
cat      Display the contents of a file
cd       Change Directory
cfdisk   Partition table manipulator for Linux
chgrp    Change group ownership
chmod    Change access permissions
chown    Change file owner and group
chroot   Run a command with a different root directory
chkconfig System services (runlevel)
cksum    Print CRC checksum and byte counts
clear    Clear terminal screen
cmp      Compare two files
comm     Compare two sorted files line by line
command  Run a command – ignoring shell functions
continue Resume the next iteration of a loop
cp       Copy one or more files to another location
cron     Daemon to execute scheduled commands
crontab  Schedule a command to run at a later time
csplit   Split a file into context-determined pieces
cut      Divide a file into several parts
date     Display or change the date & time
dc       Desk Calculator
dd       Convert and copy a file, write disk headers, boot records
ddrescue Data recovery tool
declare  Declare variables and give them attributes
df       Display free disk space
diff     Display the differences between two files
diff3    Show differences among three files
dig      DNS lookup
dir      Briefly list directory contents
dircolors Colour setup for ls'
dirname  Convert a full pathname to just a path
dirs     Display list of remembered directories
dmesg    Print kernel & driver messages
du       Estimate file space usage
echo     Display message on screen
egrep    Search file(s) for lines that match an extended expression
eject    Eject removable media
enable   Enable and disable built in shell commands
env      Environment variables
ethtool  Ethernet card settings
eval     Evaluate several commands/arguments
exec     Execute a command
exit     Exit the shell
expect   Automate arbitrary applications accessed over a terminal
expand   Convert tabs to spaces
export   Set an environment variable
expr     Evaluate expressions
false    Do nothing, unsuccessfully
fdformat Low-level format a floppy disk
fdisk    Partition table manipulator for Linux
fg       Send job to foreground
fgrep    Search file(s) for lines that match a fixed string
file     Determine file type
find     Search for files that meet a desired criteria
fmt      Reformat paragraph text
fold     Wrap text to fit a specified width.
for      Expand words, and execute commands
format   Format disks or tapes
free     Display memory usage
fsck     File system consistency check and repair
ftp      File Transfer Protocol
function Define Function Macros
fuser    Identify/kill the process that is accessing a file

gawk     Find and Replace text within file(s)
getopts  Parse positional parameters
grep     Search file(s) for lines that match a given pattern
groups   Print group names a user is in
gzip     Compress or decompress named file(s)
hash     Remember the full pathname of a name argument
head     Output the first part of file(s)
help     Display help for a built-in command
history  Command History
hostname Print or set system name
id       Print user and group id's
if       Conditionally perform a command
ifconfig Configure a network interface
ifdown   Stop a network interface
ifup     Start a network interface up
import   Capture an X server screen and save the image to file
install  Copy files and set attributes
jobs     List active jobs •
join     Join lines on a common field
kill     Stop a process from running
killall  Kill processes by name
less     Display output one screen at a time
let      Perform arithmetic on shell variables
ln       Make links between files
local    Create variables •
locate   Find files
logname  Print current login name
logout   Exit a login shell
look     Display lines beginning with a given string
lpc      Line printer control program
lpr      Off line print
lprint   Print a file
lprintd  Abort a print job
lprintq  List the print queue
lprm     Remove jobs from the print queue
ls       List information about file(s)
lsof     List open files
make     Recompile a group of programs
man      Help manual
mkdir    Create new folder(s)
mkfifo   Make FIFOs (named pipes)
mkisofs  Create an hybrid ISO9660/JOLIET/HFS filesystem
mknod    Make block or character special files
more     Display output one screen at a time
mount    Mount a file system
mtools   Manipulate MS-DOS files
mtr      Network diagnostics (traceroute/ping)
mv       Move or rename files or directories
mmv      Mass Move and rename (files)
netstat  Networking information
nice     Set the priority of a command or job
nl       Number lines and write files
nohup    Run a command immune to hangups
notify-send  Send desktop notifications
nslookup Query Internet name servers interactively
open     Open a file in its default application
op       Operator access
passwd   Modify a user password
paste    Merge lines of files
pathchk  Check file name portability
ping     Test a network connection
pkill    Stop processes from running
popd     Restore the previous value of the current directory
pr       Prepare files for printing
printcap Printer capability database
printenv Print environment variables
printf   Format and print data
ps       Process status
pushd    Save and then change the current directory
pwd      Print Working Directory
quota    Display disk usage and limits
quotacheck Scan a file system for disk usage
quotactl Set disk quotas
ram      ram disk device
rcp      Copy files between two machines
read     Read a line from standard input
readarray Read from stdin into an array variable
readonly Mark variables/functions as readonly
reboot   Reboot the system
rename   Rename files
renice   Alter priority of running processes
remsync  Synchronize remote files via email
return   Exit a shell function
rev      Reverse lines of a file
rm       Remove files
rmdir    Remove folder(s)
rsync    Remote file copy (Synchronize file trees)
screen   Multiplex terminal, run remote shells via ssh
scp      Secure copy (remote file copy)
sdiff    Merge two files interactively
sed      Stream Editor
select   Accept keyboard input
seq      Print numeric sequences
set      Manipulate shell variables and functions
sftp     Secure File Transfer Program
shift    Shift positional parameters
shopt    Shell Options
shutdown Shutdown or restart linux
sleep    Delay for a specified time
slocate  Find files
sort     Sort text files
source   Run commands from a file
split    Split a file into fixed-size pieces
ssh      Secure Shell client (remote login program)
strace   Trace system calls and signals
su       Substitute user identity
sudo     Execute a command as another user
sum      Print a checksum for a file
suspend  Suspend execution of this shell
symlink  Make a new name for a file
sync     Synchronize data on disk with memory
tail     Output the last part of files
tar      Tape ARchiver
tee      Redirect output to multiple files
test     Evaluate a conditional expression
time     Measure Program running time
times    User and system times
touch    Change file timestamps
top      List processes running on the system
traceroute Trace Route to Host
trap     Run a command when a signal is set(bourne)
tr       Translate, squeeze, and/or delete characters
true     Do nothing, successfully
tsort    Topological sort
tty      Print filename of terminal on stdin
type     Describe a command
ulimit   Limit user resources
umask    Users file creation mask
umount   Unmount a device
unalias  Remove an alias
uname    Print system information
unexpand Convert spaces to tabs
uniq     Uniquify files
units    Convert units from one scale to another
unset    Remove variable or function names
unshar   Unpack shell archive scripts
until    Execute commands (until error)
useradd  Create new user account
usermod  Modify user account
users    List users currently logged in
uuencode Encode a binary file
uudecode Decode a file created by uuencode
v        Verbosely list directory contents (
ls -l -b’)
vdir     Verbosely list directory contents (ls -l -b')
vi       Text Editor
vmstat   Report virtual memory statistics
watch    Execute/display a program periodically
wc       Print byte, word, and line counts
whereis  Search the user's $path, man pages and source files for a program
which    Search the user's $path for a program file
while    Execute commands
who      Print all usernames currently logged in
whoami   Print the current user id and name (
id -un’)
Wget     Retrieve web pages or files via HTTP, HTTPS or FTP
write    Send a message to another user
xargs    Execute utility, passing constructed argument list(s)
xdg-open Open a file or URL in the user’s preferred application.

yes      Print a string until interrupted
.        Run a command script in the current shell
###      Comment or Remark