Linux Production Shell Scripts
This skill should be used when the user asks to "create bash scripts", "automate Linux tasks", "monitor system resources", "backup files", "manage users", or "write production shell scripts". It provides ready-to-use shell script templates for system administration.
What this skill does
# Linux Production Shell Scripts
## Purpose
Provide production-ready shell script templates for common Linux system administration tasks including backups, monitoring, user management, log analysis, and automation. These scripts serve as building blocks for security operations and penetration testing environments.
## Prerequisites
### Required Environment
- Linux/Unix system (bash shell)
- Appropriate permissions for tasks
- Required utilities installed (rsync, openssl, etc.)
### Required Knowledge
- Basic bash scripting
- Linux file system structure
- System administration concepts
## Outputs and Deliverables
1. **Backup Solutions** - Automated file and database backups
2. **Monitoring Scripts** - Resource usage tracking
3. **Automation Tools** - Scheduled task execution
4. **Security Scripts** - Password management, encryption
## Core Workflow
### Phase 1: File Backup Scripts
**Basic Directory Backup**
```bash
#!/bin/bash
backup_dir="/path/to/backup"
source_dir="/path/to/source"
# Create a timestamped backup of the source directory
tar -czf "$backup_dir/backup_$(date +%Y%m%d_%H%M%S).tar.gz" "$source_dir"
echo "Backup completed: backup_$(date +%Y%m%d_%H%M%S).tar.gz"
```
**Remote Server Backup**
```bash
#!/bin/bash
source_dir="/path/to/source"
remote_server="user@remoteserver:/path/to/backup"
# Backup files/directories to a remote server using rsync
rsync -avz --progress "$source_dir" "$remote_server"
echo "Files backed up to remote server."
```
**Backup Rotation Script**
```bash
#!/bin/bash
backup_dir="/path/to/backups"
max_backups=5
# Rotate backups by deleting the oldest if more than max_backups
while [ $(ls -1 "$backup_dir" | wc -l) -gt "$max_backups" ]; do
oldest_backup=$(ls -1t "$backup_dir" | tail -n 1)
rm -r "$backup_dir/$oldest_backup"
echo "Removed old backup: $oldest_backup"
done
echo "Backup rotation completed."
```
**Database Backup Script**
```bash
#!/bin/bash
database_name="your_database"
db_user="username"
db_pass="password"
output_file="database_backup_$(date +%Y%m%d).sql"
# Perform database backup using mysqldump
mysqldump -u "$db_user" -p"$db_pass" "$database_name" > "$output_file"
gzip "$output_file"
echo "Database backup created: $output_file.gz"
```
### Phase 2: System Monitoring Scripts
**CPU Usage Monitor**
```bash
#!/bin/bash
threshold=90
# Monitor CPU usage and trigger alert if threshold exceeded
cpu_usage=$(top -bn1 | grep "Cpu(s)" | awk '{print $2}' | cut -d. -f1)
if [ "$cpu_usage" -gt "$threshold" ]; then
echo "ALERT: High CPU usage detected: $cpu_usage%"
# Add notification logic (email, slack, etc.)
# mail -s "CPU Alert" [email protected] <<< "CPU usage: $cpu_usage%"
fi
```
**Disk Space Monitor**
```bash
#!/bin/bash
threshold=90
partition="/dev/sda1"
# Monitor disk usage and trigger alert if threshold exceeded
disk_usage=$(df -h | grep "$partition" | awk '{print $5}' | cut -d% -f1)
if [ "$disk_usage" -gt "$threshold" ]; then
echo "ALERT: High disk usage detected: $disk_usage%"
# Add alert/notification logic here
fi
```
**CPU Usage Logger**
```bash
#!/bin/bash
output_file="cpu_usage_log.txt"
# Log current CPU usage to a file with timestamp
timestamp=$(date '+%Y-%m-%d %H:%M:%S')
cpu_usage=$(top -bn1 | grep 'Cpu(s)' | awk '{print $2}' | cut -d. -f1)
echo "$timestamp - CPU Usage: $cpu_usage%" >> "$output_file"
echo "CPU usage logged."
```
**System Health Check**
```bash
#!/bin/bash
output_file="system_health_check.txt"
# Perform system health check and save results to a file
{
echo "System Health Check - $(date)"
echo "================================"
echo ""
echo "Uptime:"
uptime
echo ""
echo "Load Average:"
cat /proc/loadavg
echo ""
echo "Memory Usage:"
free -h
echo ""
echo "Disk Usage:"
df -h
echo ""
echo "Top Processes:"
ps aux --sort=-%cpu | head -10
} > "$output_file"
echo "System health check saved to $output_file"
```
### Phase 3: User Management Scripts
**User Account Creation**
```bash
#!/bin/bash
username="newuser"
# Check if user exists; if not, create new user
if id "$username" &>/dev/null; then
echo "User $username already exists."
else
useradd -m -s /bin/bash "$username"
echo "User $username created."
# Set password interactively
passwd "$username"
fi
```
**Password Expiry Checker**
```bash
#!/bin/bash
output_file="password_expiry_report.txt"
# Check password expiry for users with bash shell
echo "Password Expiry Report - $(date)" > "$output_file"
echo "=================================" >> "$output_file"
IFS=$'\n'
for user in $(grep "/bin/bash" /etc/passwd | cut -d: -f1); do
password_expires=$(chage -l "$user" 2>/dev/null | grep "Password expires" | awk -F: '{print $2}')
echo "User: $user - Password Expires: $password_expires" >> "$output_file"
done
unset IFS
echo "Password expiry report saved to $output_file"
```
### Phase 4: Security Scripts
**Password Generator**
```bash
#!/bin/bash
length=${1:-16}
# Generate a random password
password=$(openssl rand -base64 48 | tr -dc 'a-zA-Z0-9!@#$%^&*' | head -c"$length")
echo "Generated password: $password"
```
**File Encryption Script**
```bash
#!/bin/bash
file="$1"
action="${2:-encrypt}"
if [ -z "$file" ]; then
echo "Usage: $0 <file> [encrypt|decrypt]"
exit 1
fi
if [ "$action" == "encrypt" ]; then
# Encrypt file using AES-256-CBC
openssl enc -aes-256-cbc -salt -pbkdf2 -in "$file" -out "$file.enc"
echo "File encrypted: $file.enc"
elif [ "$action" == "decrypt" ]; then
# Decrypt file
output_file="${file%.enc}"
openssl enc -aes-256-cbc -d -pbkdf2 -in "$file" -out "$output_file"
echo "File decrypted: $output_file"
fi
```
### Phase 5: Log Analysis Scripts
**Error Log Extractor**
```bash
#!/bin/bash
logfile="${1:-/var/log/syslog}"
output_file="error_log_$(date +%Y%m%d).txt"
# Extract lines with "ERROR" from the log file
grep -i "error\|fail\|critical" "$logfile" > "$output_file"
echo "Error log created: $output_file"
echo "Total errors found: $(wc -l < "$output_file")"
```
**Web Server Log Analyzer**
```bash
#!/bin/bash
log_file="${1:-/var/log/apache2/access.log}"
echo "Web Server Log Analysis"
echo "========================"
echo ""
echo "Top 10 IP Addresses:"
awk '{print $1}' "$log_file" | sort | uniq -c | sort -rn | head -10
echo ""
echo "Top 10 Requested URLs:"
awk '{print $7}' "$log_file" | sort | uniq -c | sort -rn | head -10
echo ""
echo "HTTP Status Code Distribution:"
awk '{print $9}' "$log_file" | sort | uniq -c | sort -rn
```
### Phase 6: Network Scripts
**Network Connectivity Checker**
```bash
#!/bin/bash
hosts=("8.8.8.8" "1.1.1.1" "google.com")
echo "Network Connectivity Check"
echo "=========================="
for host in "${hosts[@]}"; do
if ping -c 1 -W 2 "$host" &>/dev/null; then
echo "[UP] $host is reachable"
else
echo "[DOWN] $host is unreachable"
fi
done
```
**Website Uptime Checker**
```bash
#!/bin/bash
websites=("https://google.com" "https://github.com")
log_file="uptime_log.txt"
echo "Website Uptime Check - $(date)" >> "$log_file"
for website in "${websites[@]}"; do
if curl --output /dev/null --silent --head --fail --max-time 10 "$website"; then
echo "[UP] $website is accessible" | tee -a "$log_file"
else
echo "[DOWN] $website is inaccessible" | tee -a "$log_file"
fi
done
```
**Network Interface Info**
```bash
#!/bin/bash
interface="${1:-eth0}"
echo "Network Interface Information: $interface"
echo "========================================="
ip addr show "$interface" 2>/dev/null || ifconfig "$interface" 2>/dev/null
echo ""
echo "Routing Table:"
ip route | grep "$interface"
```
### Phase 7: Automation Scripts
**Automated Package Installation**
```bash
#!/bin/bash
packages=("vim" "htop" "curl" "wget" "git")
echo "Installing packages..."
for package in "${packages[@]}"; do
if dpkg -l | grep -q "^ii $package"; then
echo "[SKIP] $package is already installed"
Related in General
modeling-omnistudio-epc-catalog
IncludedSalesforce Industries CME EPC product-modeling skill for Product2-based catalog creation. Use when creating EPC products, configuring product attributes, building offer bundles with Product Child Items, or reviewing EPC DataPack JSON metadata for product catalog changes. TRIGGER when: user creates or updates Product2 EPC records, AttributeAssignment payloads, AttributeMetadata/AttributeDefaultValues, Offer bundles, or ProductChildItem relationships. DO NOT TRIGGER when: designing OmniScripts/FlexCards/Integration Procedures (use building-omnistudio-omniscript, building-omnistudio-flexcard, or building-omnistudio-integration-procedure), implementing Apex business logic (use generating-apex), or troubleshooting deployment pipelines (use deploying-metadata).
relationship-science-coach
IncludedUse this skill for direct, practical adult relationship coaching: couples conflict, repair, trust, marriage, dating, flirting, attachment patterns, emotional connection, sex, desire differences, eroticism, kink negotiation, affection, love languages, breakups, and long-term passion. Draw on Gottman, EFT and Hold Me Tight, attachment science, modern sex research, Perel, Nagoski, Kerner, Schnarch, Love and Stosny, and flexible love-language tools. Be concrete and low-hedge. Redirect only for imminent danger, abuse, coercive control, minors, non-consent, self-harm, stalking, or medical/legal/psychiatric decisions.
building-sf-integrations
IncludedSalesforce integration architecture and runtime plumbing with 120-point scoring. Use this skill to set up Named Credentials, External Credentials, External Services, REST/SOAP callout patterns, Platform Events, and Change Data Capture. TRIGGER when: user sets up Named Credentials, External Services, REST/SOAP callouts, Platform Events, CDC, or touches .namedCredential-meta.xml files. DO NOT TRIGGER when: Connected App/OAuth config (use configuring-connected-apps), Apex-only logic (use generating-apex), or data import/export (use handling-sf-data).
venue-templates
IncludedAccess comprehensive LaTeX templates, formatting requirements, and submission guidelines for major scientific publication venues (Nature, Science, PLOS, IEEE, ACM), academic conferences (NeurIPS, ICML, CVPR, CHI), research posters, and grant proposals (NSF, NIH, DOE, DARPA). This skill should be used when preparing manuscripts for journal submission, conference papers, research posters, or grant proposals and need venue-specific formatting requirements and templates.
let-fate-decide
IncludedDraws the 12 Houses of the Zodiac Tarot spread to inject entropy into planning when prompts are vague, ambiguous, or casually delegated. Interprets the spread to guide next steps. Use when the user says 'let fate decide', 'YOLO', 'whatever', 'idk', or other nonchalant phrases, makes Yu-Gi-Oh references, or when you are about to arbitrarily pick between multiple reasonable approaches. Prefer over ask-questions-if-underspecified when the user's tone is casual or playful rather than precision-seeking.
net-ops
IncludedCross-platform network troubleshooting (Windows, macOS, Linux) via local or remote shell. Use for: DNS broken, can't resolve hostnames, nslookup/dig works but apps fail, NRPT, WFP, scutil, /etc/resolver, systemd-resolved, /etc/resolv.conf, NetworkManager, VPN DNS leak residue (ProtonVPN/Mullvad/WireGuard/AnyConnect), AV/firewall blocking DNS or DoH, Tailscale DNS interaction, intermittent connectivity, remote diagnostics over SSH.