【9.18】正则表达式——grep
9.1 正则介绍_grep上
-
什么是正则?
正则就是一串有规律的字符串
掌握好正则对于编写shell脚本有很大帮助
各种编程语言中都有正则,原理是一样的
本章将要学习 grep / egrep 、sed、awk -
正则的格式:
grep [-cinvABC] ‘关键词’ 文件名
选项 | 含义 |
---|---|
-c | 计算符合范本样式的列数 |
-i | 不区分大小写 |
-n | 在显示符合范本样式的那一列之前,标示出该列的编号 |
-v | 反向查找 |
-r | 遍历所有子目录 |
-A | 后面跟数字,过滤出符合要求的行以及下面 n 行 |
-B | 同上,过滤出符合要求的行以及上面 n 行 |
-C | 同上,同时过滤出符合要求的行以及上下各 n 行 |
- 准备工作:cp /etc/passwd 到新建的 grep 目录下
[root@arslinux-01 ~]# mkdir grep
[root@arslinux-01 ~]# cd grep/
[root@arslinux-01 grep]# cp /etc/passwd .
[root@arslinux-01 grep]# ls
passwd
[root@arslinux-01 grep]# grep 'nologin' passwd
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
systemd-network:x:192:192:systemd Network Management:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
polkitd:x:999:998:User for polkitd:/:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
chrony:x:998:996::/var/lib/chrony:/sbin/nologin
user4:x:1006:1005::/home/arslinux:/sbin/nologin
- grep -c 计算符合范本样式的列数
[root@arslinux-01 grep]# grep -c 'nologin' passwd
16
- grep -n 在显示符合范本样式的那一列之前,标示出该列的编号
[root@arslinux-01 grep]# grep -n 'nologin' passwd
2:bin:x:1:1:bin:/bin:/sbin/nologin
3:daemon:x:2:2:daemon:/sbin:/sbin/nologin
4:adm:x:3:4:adm:/var/adm:/sbin/nologin
5:lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
9:mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
10:operator:x:11:0:operator:/root:/sbin/nologin
11:games:x:12:100:games:/usr/games:/sbin/nologin
12:ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
13:nobody:x:99:99:Nobody:/:/sbin/nologin
14:systemd-network:x:192:192:systemd Network Management:/:/sbin/nologin
15:dbus:x:81:81:System message bus:/:/sbin/nologin
16:polkitd:x:999:998:User for polkitd:/:/sbin/nologin
17:sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
18:postfix:x:89:89::/var/spool/postfix:/sbin/nologin
19:chrony:x:998:996::/var/lib/chrony:/sbin/nologin
24:user4:x:1006:1005::/home/arslinux:/sbin/nologin
- 将 passwd 文件中其中一个 nologin 更换成 NOlogin,然后试验不区分大小写
grep -i 不区分大小写
[root@arslinux-01 grep]# grep -n 'nologin' passwd
2:bin:x:1:1:bin:/bin:/sbin/nologin
3:daemon:x:2:2:daemon:/sbin:/sbin/nologin
4:adm:x:3:4:adm:/var/adm:/sbin/nologin
9:mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
10:operator:x:11:0:operator:/root:/sbin/nologin
11:games:x:12:100:games:/usr/games:/sbin/nologin
12:ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
13:nobody:x:99:99:Nobody:/:/sbin/nologin
14:systemd-network:x:192:192:systemd Network Management:/:/sbin/nologin
15:dbus:x:81:81:System message bus:/:/sbin/nologin
16:polkitd:x:999:998:User for polkitd:/:/sbin/nologin
17:sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
18:postfix:x:89:89::/var/spool/postfix:/sbin/nologin
19:chrony:x:998:996::/var/lib/chrony:/sbin/nologin
24:user4:x:1006:1005::/home/arslinux:/sbin/nologin
[root@arslinux-01 grep]# grep -in 'nologin' passwd
2:bin:x:1:1:bin:/bin:/sbin/nologin
3:daemon:x:2:2:daemon:/sbin:/sbin/nologin
4:adm:x:3:4:adm:/var/adm:/sbin/nologin
5:lp:x:4:7:lp:/var/spool/lpd:/sbin/NOlogin
9:mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
10:operator:x:11:0:operator:/root:/sbin/nologin
11:games:x:12:100:games:/usr/games:/sbin/nologin
12:ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
13:nobody:x:99:99:Nobody:/:/sbin/nologin
14:systemd-network:x:192:192:systemd Network Management:/:/sbin/nologin
15:dbus:x:81:81:System message bus:/:/sbin/nologin
16:polkitd:x:999:998:User for polkitd:/:/sbin/nologin
17:sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
18:postfix:x:89:89::/var/spool/postfix:/sbin/nologin
19:chrony:x:998:996::/var/lib/chrony:/sbin/nologin
24:user4:x:1006:1005::/home/arslinux:/sbin/nologin
第 5 行在使用 i 选项之前没有显示出来,因为尾部的 NOlogin
- grep -v 反向查找(显示剩余的行)
[root@arslinux-01 grep]# grep -ivn 'nologin' passwd
1:root:x:0:0:root:/root:/bin/bash
6:sync:x:5:0:sync:/sbin:/bin/sync
7:shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
8:halt:x:7:0:halt:/sbin:/sbin/halt
20:arslinux:x:1000:1000::/home/arslinux:/bin/bash
21:user1:x:1001:1001::/home/user1:/bin/bash
22:user2:x:1002:1006::/home/user2:/bin/bash
23:user3:x:1004:1005::/home/user3:/bin/bash
25:user5:x:1007:1007::/home/user5:/bin/bash
26:user6:x:1008:1010::/home/user6:/bin/bash
- grep -r 遍历所有子目录
[root@arslinux-01 grep]# grep -r 'Streaming' /etc/
匹配到二进制文件 /etc/udev/hwdb.bin
/etc/services:nmsp 537/tcp # Networked Media Streaming Protocol
/etc/services:nmsp 537/udp # Networked Media Streaming Protocol
/etc/services:h263-video 2979/tcp # H.263 Video Streaming
/etc/services:h263-video 2979/udp # H.263 Video Streaming
/etc/services:daqstream 7411/tcp # Streaming of measurement
/etc/services:daqstream 7411/udp # Streaming of measurement
/etc/services:hp-pdl-datastr 9100/udp pdl-datastream # PDL Data Streaming Port
/etc/services:bmdss 13823/tcp # Blackmagic Design Streaming Server
- grep -A数字 过滤出符合要求的行以及后面几行(具体几行由 A 后面的数字决定)
[root@arslinux-01 grep]# grep -nA2 'root' passwd
1:root:x:0:0:root:/root:/bin/bash
2-bin:x:1:1:bin:/bin:/sbin/nologin
3-daemon:x:2:2:daemon:/sbin:/sbin/nologin
--
10:operator:x:11:0:operator:/root:/sbin/nologin
11-games:x:12:100:games:/usr/games:/sbin/nologin
12-ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
上面的例子中,过滤出了第一行及它的后两行,第十行及它的后两行
- grep -B数字 和A相反,是该行和该行的上几行
[root@arslinux-01 grep]# grep -nA2 'root' passwd
1:root:x:0:0:root:/root:/bin/bash
2-bin:x:1:1:bin:/bin:/sbin/nologin
3-daemon:x:2:2:daemon:/sbin:/sbin/nologin
--
10:operator:x:11:0:operator:/root:/sbin/nologin
11-games:x:12:100:games:/usr/games:/sbin/nologin
12-ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
- grep -C数字 过滤出符合要求的行和该行的上下各两行
[root@arslinux-01 grep]# grep -nC2 'root' passwd
1:root:x:0:0:root:/root:/bin/bash
2-bin:x:1:1:bin:/bin:/sbin/nologin
3-daemon:x:2:2:daemon:/sbin:/sbin/nologin
--
8-halt:x:7:0:halt:/sbin:/sbin/halt
9-mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
10:operator:x:11:0:operator:/root:/sbin/nologin
11-games:x:12:100:games:/usr/games:/sbin/nologin
12-ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
- grep --include ‘关键词’ 文件名 过滤
例:把一个目录下,过滤所有*.php文档中含有eval的行
[root@arslinux-01 grep]# grep -r --include="*.php"'vale' /data/
9.2 grep中
- 包含数字的行
[root@arslinux-01 grep]# cp /etc/inittab .
[root@arslinux-01 grep]# grep '[0-9]' /etc/inittab
# multi-user.target: analogous to runlevel 3
# graphical.target: analogous to runlevel 5
- 不包含数字的行
[root@arslinux-01 grep]# grep -v '[0-9]' /etc/inittab
# inittab is no longer used when using systemd.
#
# ADDING CONFIGURATION HERE WILL HAVE NO EFFECT ON YOUR SYSTEM.
#
# Ctrl-Alt-Delete is handled by /usr/lib/systemd/system/ctrl-alt-del.target
#
# systemd uses 'targets' instead of runlevels. By default, there are two main targets:
#
#
# To view current default target, run:
# systemctl get-default
#
# To set a default target, run:
# systemctl set-default TARGET.target
#
[root@arslinux-01 grep]#
- 以 # 开头的行,^表示开头
[root@arslinux-01 grep]# grep '^#' inittab
# inittab is no longer used when using systemd.
#
# ADDING CONFIGURATION HERE WILL HAVE NO EFFECT ON YOUR SYSTEM.
#
# Ctrl-Alt-Delete is handled by /usr/lib/systemd/system/ctrl-alt-del.target
#
# systemd uses 'targets' instead of runlevels. By default, there are two main targets:
#
# multi-user.target: analogous to runlevel 3
# graphical.target: analogous to runlevel 5
# To view current default target, run:
# systemctl get-default
#
# To set a default target, run:
# systemctl set-default TARGET.target
#
- 不以 # 开头的行
在inittab文件中刚加入不含 # 开头的一些行,然后在过滤
[root@arslinux-01 grep]# grep -v '^#' inittab
&,&&&adsfda
111111111a3333333
adslfkjas;dkfja;lsdkfja;l
aaaaaaa
11111111
- 含有非数字的行,^ 在括号里表示非
[root@arslinux-01 grep]# grep '[^0-9]' inittab
# inittab is no longer used when using systemd.
#
# ADDING CONFIGURATION HERE WILL HAVE NO EFFECT ON YOUR SYSTEM.
#
# Ctrl-Alt-Delete is handled by /usr/lib/systemd/system/ctrl-alt-del.target
#
# systemd uses 'targets' instead of runlevels. By default, there are two main targets:
&,&&&adsfda
#
111111111a3333333
# multi-user.target: analogous to runlevel 3
# graphical.target: analogous to runlevel 5
adslfkjas;dkfja;lsdkfja;l
# To view current default target, run:
# systemctl get-default
aaaaaaa
#
# To set a default target, run:
# systemctl set-default TARGET.target
#
- 以非数字开头的行
[root@arslinux-01 grep]# grep '^[^0-9]' inittab
# inittab is no longer used when using systemd.
#
# ADDING CONFIGURATION HERE WILL HAVE NO EFFECT ON YOUR SYSTEM.
#
# Ctrl-Alt-Delete is handled by /usr/lib/systemd/system/ctrl-alt-del.target
#
# systemd uses 'targets' instead of runlevels. By default, there are two main targets:
&,&&&adsfda
#
# multi-user.target: analogous to runlevel 3
# graphical.target: analogous to runlevel 5
adslfkjas;dkfja;lsdkfja;l
# To view current default target, run:
# systemctl get-default
aaaaaaa
#
# To set a default target, run:
# systemctl set-default TARGET.target
#
- 数字开头的行(以不是非数字开始的行)
[root@arslinux-01 grep]# grep -v '^[^0-9]' inittab
111111111a3333333
11111111
9.3 grep下
- 正则中的特殊符号:
特殊符号 | 含义 |
---|---|
. | 一个任意字符 |
* | *前面的字符重复任意次(*要和前面的字符组合起来用) |
.* | 通配,无论有没有字符都匹配 |
{} | 表示{}前面的字符重复次数范围 ,{2}前面字符重复2次 |
+ | +前面的字符重复1次或多次 |
? | ?前面的字符重复0次或1次 |
| | | 表示或者 |
. | | 表示任意一个字符 |
[root@arslinux-01 grep]# grep 'r.o' passwd
root:x:0:0:root:/root:/bin/bash
operator:x:11:0:operator:/root:/sbin/nologin
roooooooooooooooot
- * 表示 * 前的字符重复任意次
[root@arslinux-01 grep]# grep 'ro*o' passwd
root:x:0:0:root:/root:/bin/bash
ada:ro.odaf
operator:x:11:0:operator:/root:/sbin/nologin
chrony:x:998:996::/var/lib/chrony:/sbin/nologin
roooooooooooooooot
- .* 通配,无论有没有字符都匹配(任意个任意字符)
[root@arslinux-01 grep]# grep '.*' passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/NOlogin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
ada:ro.odaf
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
systemd-network:x:192:192:systemd Network Management:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
polkitd:x:999:998:User for polkitd:/:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
chrony:x:998:996::/var/lib/chrony:/sbin/nologin
arslinux:x:1000:1000::/home/arslinux:/bin/bash
user1:x:1001:1001::/home/user1:/bin/bash
user2:x:1002:1006::/home/user2:/bin/bash
user3:x:1004:1005::/home/user3:/bin/bash
user4:x:1006:1005::/home/arslinux:/sbin/nologin
user5:x:1007:1007::/home/user5:/bin/bash
user6:x:1008:1010::/home/user6:/bin/bash
roooooooooooooooot
- {} 表示{}前面的字符重复次数范围 ,{2}前面字符重复2次,{}需要脱义
[root@arslinux-01 grep]# grep 'o\{2\}' passwd
root:x:0:0:root:/root:/bin/bash
lp:x:4:7:lp:/var/spool/lpd:/sbin/NOlogin
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
roooooooooooooooot
- o 出现 0 次或 3 次
[root@arslinux-01 grep]# grep 'o\{0,3\}' passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/NOlogin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
ada:ro.odaf
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
systemd-network:x:192:192:systemd Network Management:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
polkitd:x:999:998:User for polkitd:/:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
chrony:x:998:996::/var/lib/chrony:/sbin/nologin
arslinux:x:1000:1000::/home/arslinux:/bin/bash
user1:x:1001:1001::/home/user1:/bin/bash
user2:x:1002:1006::/home/user2:/bin/bash
user3:x:1004:1005::/home/user3:/bin/bash
user4:x:1006:1005::/home/arslinux:/sbin/nologin
user5:x:1007:1007::/home/user5:/bin/bash
user6:x:1008:1010::/home/user6:/bin/bash
roooooooooooooooot
- egrep = grep -E
- 如果不想用脱义符,那么用 egrep 或 grep -E
[root@arslinux-01 grep]# egrep 'o{2}' passwd
root:x:0:0:root:/root:/bin/bash
lp:x:4:7:lp:/var/spool/lpd:/sbin/NOlogin
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
roooooooooooooooot
[root@arslinux-01 grep]# egrep '(oo){2}' passwd
roooooooooooooooot
- + 表示在 + 前面的字符重复 1 次或多次
[root@arslinux-01 grep]# egrep 'o+o' passwd
root:x:0:0:root:/root:/bin/bash
lp:x:4:7:lp:/var/spool/lpd:/sbin/NOlogin
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
roooooooooooooooot
[root@arslinux-01 grep]# egrep 'o+b' passwd
nobody:x:99:99:Nobody:/:/sbin/nologin
- ? 表示在 ? 前面的字符重复 0 次或 1 次
[root@arslinux-01 grep]# egrep 'o?b' passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/NOlogin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
systemd-network:x:192:192:systemd Network Management:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
polkitd:x:999:998:User for polkitd:/:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
chrony:x:998:996::/var/lib/chrony:/sbin/nologin
arslinux:x:1000:1000::/home/arslinux:/bin/bash
user1:x:1001:1001::/home/user1:/bin/bash
user2:x:1002:1006::/home/user2:/bin/bash
user3:x:1004:1005::/home/user3:/bin/bash
user4:x:1006:1005::/home/arslinux:/sbin/nologin
user5:x:1007:1007::/home/user5:/bin/bash
user6:x:1008:1010::/home/user6:/bin/bash
- | | 表示或者
[root@arslinux-01 grep]# egrep 'root|nologin' passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
systemd-network:x:192:192:systemd Network Management:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
polkitd:x:999:998:User for polkitd:/:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
chrony:x:998:996::/var/lib/chrony:/sbin/nologin
user4:x:1006:1005::/home/arslinux:/sbin/nologin
- 易混淆:
? 0或1
+ 1或多
* 任意
参考资料:
http://man.linuxde.net/grep
http://man.linuxde.net/egrep