Skip to main content

Sed Cheatsheet

·4 mins

1. Change the Shell for All Users:

sed -i 's/bin\/sh | \/bin\/bash | /' /etc/passwd

Explanation:

  • sed -i: This part tells sed to edit the file in-place (the -i flag).
  • s/pattern1/pattern2/g: This is the substitution command syntax. Here, it replaces:
    • pattern1: /bin/sh (or any shell path followed by a space)
    • pattern2: /bin/bash (the new shell path)
    • g: This flag tells sed to replace all occurrences in the line.

2. Update the IP Address:

sed -i 's/192.168.1.100/192.168.1.101/g' /etc/network/interfaces

Explanation:

  • Similar to the previous example, it replaces 192.168.1.100 with 192.168.1.101 in all occurrences within /etc/network/interfaces.

3. Replace a Username:

sed -i 's/olduser/newuser/g' /etc/ssh/sshd_config /etc/sudoers /etc/passwd

Explanation:

  • Replaces olduser with newuser in three files:
    • /etc/ssh/sshd_config (SSH configuration)
    • /etc/sudoers (sudo configuration)
    • /etc/passwd (user accounts)

4. Disable Root Login via SSH (Comment Out):

sed -i 's/^PermitRootLogin yes/#PermitRootLogin yes/' /etc/ssh/sshd_config

Explanation:

  • Inserts a # character at the beginning of the line containing PermitRootLogin yes, effectively commenting it out.
  • ^: Matches the beginning of the line.

5. Enable Root Login via SSH (Uncomment):

sed -i 's/^#\(PermitRootLogin yes\)/\1/' /etc/ssh/sshd_config

Explanation:

  • Removes the # character from the line containing PermitRootLogin yes, uncommenting it.
  • \( ... \): Captures a group of characters (PermitRootLogin yes in this case).
  • \1: References the captured group back in the replacement string.

6. Update DocumentRoot:

sed -i 's/DocumentRoot \/var\/www\/html | DocumentRoot \/var\/www\/public/' /etc/apache2/sites-available/000-default.conf

Explanation:

  • Replaces the existing DocumentRoot line with the new path (/var/www/public).
  • |: Separates the two possible patterns for the original DocumentRoot.

7. Change MySQL Database Host:

sed -i 's/host=localhost/host=dbserver.example.com/' /etc/my.cnf

Explanation:

  • Updates the host value in the my.cnf file.

8. Remove DEBUG Option:

sed -i '/DEBUG/d' /etc/application/config.conf

Explanation:

  • Deletes any lines containing DEBUG in the configuration file.

9. Change SSH Port:

sed -i 's/^Port 22/Port 2222/' /etc/ssh/sshd_config

Explanation:

  • Changes the default SSH port from 22 to 2222.

10. Replace ifconfig with ip:

sed -i 's/ifconfig/ip a/g' /usr/local/bin/*.sh

Explanation:

  • Replaces all occurrences of ifconfig with ip a in all shell scripts within /usr/local/bin.

11. Update a URL in the Root User’s Crontab File

sed -i 's|http://oldsite.com|https://newsite.com|g' /var/spool/cron/crontabs/root

Explanation:

  • sed -i: Edit the file in-place.
  • s|pattern1|pattern2|g: Substitute pattern1 with pattern2 globally.
    • pattern1: http://oldsite.com
    • pattern2: https://newsite.com
  • /var/spool/cron/crontabs/root: The file to modify.

Note: Modifying crontab files directly can be risky. Consider using crontab -l, editing the output, and then using crontab - to install the modified version for safety.

12. Set a Default Timeout Value in Nginx Configuration:

sed -i '/^Timeout/!s/$/\nTimeout 300/' /etc/nginx/nginx.conf

Explanation:

  • /^Timeout/!: Applies the substitution only to lines that don’t start with “Timeout”.
  • s/$/\nTimeout 300/: Appends a new line with “Timeout 300” at the end of the matching line.

13. Adjust File Permissions:

sed -i 's/chmod 777/chmod 755/g' /usr/local/bin/setup.sh

Explanation:

  • Replaces all occurrences of “chmod 777” with “chmod 755” in the specified script.

14. Update Log Rotation Policy:

sed -i 's/rotate 7/rotate 14/' /etc/logrotate.d/syslog

Explanation:

  • Changes the log rotation period from 7 days to 14 days in the syslog configuration.

15. Add ServerTokens Directive:

sed -i '/^#ServerTokens/a ServerTokens Prod' /etc/apache2/conf-available/security.conf

Explanation:

  • Appends “ServerTokens Prod” after the line starting with “#ServerTokens” in the security configuration.
  • a: Appends text after the matched line.

16. Replace Email Addresses:

sed -i 's/postmaster@oldmail.com/postmaster@newmail.com/g' /etc/postfix/main.cf

Explanation:

  • Replaces the old email address with the new one in the Postfix main configuration file.

17. Change Nginx Root Directory:

sed -i 's/root \/var\/www\/html;/root \/srv\/www;/' /etc/nginx/sites-available/default

Explanation:

  • Replaces the root directory path in the default Nginx configuration.

18. Find and Replace IP Addresses:

sed -i 's/10\.0\.0\.[0-9]\+/10.0.1.100/g' /etc/hosts /etc/resolv.conf

Explanation:

  • Replaces any IP address starting with “10.0.0.” with “10.0.1.100” in the specified files.

19. Batch Update SSL Certificate Paths:

sed -i 's|/etc/ssl/certs/oldcert.pem|/etc/ssl/certs/newcert.pem|' /etc/apache2/sites-available/*.conf

Explanation:

  • Replaces the old certificate path with the new one in all Apache configuration files within the specified directory.

20. Remove Trailing Whitespace:

sed -i 's/[ \t]*$//' /etc/ssh/sshd_config

Explanation:

  • Removes any trailing whitespace (spaces or tabs) from each line in the SSH configuration file.
  • [ \t]*: Matches zero or more spaces or tabs.
  • $: Matches the end of the line.