shell

shell.1.8 扩展正则表达式与egrep

luciferLeave a comment

 

一、egrep命令
支持扩展正则表达式实现类似于grep的文本过滤功能;
grep, egrep, fgrep – print lines matching a pattern

grep [OPTIONS] PATTERN [FILE…]
grep [OPTIONS] [-e PATTERN | -f FILE] [FILE…]

OPTIONS:
–color=auto : 对匹配到的文本着色后高亮显示;
-i, –ignore-case : 忽略字符大小写;
-o : 仅显示匹配到的字符串本身;
-v, –invert-match : 显示不能被模式匹配到的行;
-G : 支持基本正则表达式元字符;
-q, –quiet, –silent : 静默模式,即不输出任何信息;

二、扩展正则表达式元字符
字符匹配;
匹配次数;
位置锚定;
分组及引用;

2.1 字符匹配
.    : 匹配任意单个字符;
[]  : 匹配指定范围内的任意单个字符;
[^]: 匹配指定范围外的任意单个字符;

[[:upper:]] : 表示任意一个大写字母;
[[:lower:]] : 表示任意一个小写字母;
[[:alpha:]] : 表示任意一个字母—任意一个大写字母或者小写字母;
[[:digit:]] : 表示任意一个数字;
[[:alnum:]] : 表示任意一个字母(大写或者小写)或者数字;
[[:space:]] : 表示一个空白符号;
[[:punct:]] : 表示任意一个标点符号;

2.2 匹配次数
用在要指定其出现的次数的字符后面,用于限制其前面的字符出现的次数;

* : 匹配其前面的字符任意次,0次,1次,或多次;
.* : 匹配任意长度的任意字符;
? : 匹配其前面字符0次或1次;
+ : 匹配其前面的字符1次或多次;
{m} : 匹配其前面的字符 m 次;
{m,n} : 匹配其前面的字符至少 m 次,最多 n 次;

{0,n} : 至多 n 次;
{m,} : 至少 m 次;

2.3 位置锚定

^ : 行首锚定;用于模式的最左侧;
$ : 行尾锚定;用于模式的最右侧;
^PATTERN$ : 用 PATTERN 来匹配整行;
^$ : 空白行;
^[[:space:]]*$ : 空白行或包含空白字符的行;

\< 或 \b : 词首锚定,用于单词匹配模式的左侧;
\> 或 \b : 词尾锚定,用于单词匹配模式的右侧;
\<PATTERN\> : 匹配完整单词;

2.4 分组及引用
() : 将一个或多个字符捆绑在一起,当作一个整体进行处理;

分组括号中模式匹配到的内容,会被正则表达式引擎自动记录于内部的变量中,这些变量为:
\1 : 模式从左侧起,第一个左括号以及与之匹配的右括号之间的模式所匹配到的字符;
\2 : 模式从左侧起,第二个左括号以及与之匹配的右括号之间的模式所匹配到的字符;

后向引用:引用前面的分组括号中的模式所匹配到的字符;

2.5 或
C|cat : 表示C或者cat;
(C|c)at : 表示Cat或者cat;

理解如下:
1. 找出/proc/meminfo文件中,所有以大写或小写s开头的行

[root@localhost ~]# grep -E "^(S|s)" /proc/meminfo
SwapCached:           36 kB
SwapTotal:       2097148 kB
SwapFree:        2094936 kB
Shmem:             17188 kB
Slab:             155068 kB
SReclaimable:     107300 kB
SUnreclaim:        47768 kB
[root@localhost ~]# 

[root@localhost ~]# 
[root@localhost ~]# grep -i "^s" /proc/meminfo 
SwapCached:           36 kB
SwapTotal:       2097148 kB
SwapFree:        2094936 kB
Shmem:             17188 kB
Slab:             155068 kB
SReclaimable:     107300 kB
SUnreclaim:        47768 kB
[root@localhost ~]# 

[root@localhost ~]# grep  "^[sS]" /proc/meminfo 
SwapCached:           36 kB
SwapTotal:       2097148 kB
SwapFree:        2094936 kB
Shmem:             17188 kB
Slab:             155068 kB
SReclaimable:     107300 kB
SUnreclaim:        47768 kB
[root@localhost ~]# 
[root@localhost ~]#

2. 显示当前系统上root,centos,或maha用户的相关信息;

[root@localhost ~]# 
[root@localhost ~]# egrep "^(root|centos|maha)\>" /etc/passwd
root:x:0:0:root:/root:/bin/bash
centos:x:1000:1000::/home/centos:/bin/bash
maha:x:3006:3006::/home/bbb:/bin/bash
[root@localhost ~]#

3. 找出/etc/rc.d/init.d/functions文件中某单词后面跟一个小括号的行;

[root@localhost ~]# egrep "\<[[:alpha:]]+\>\(\)" /etc/rc.d/init.d/functions 
checkpid() {
daemon() {
killproc() {
pidfileofproc() {
pidofproc() {
status() {
success() {
failure() {
passed() {
warning() {
action() {
strstr() {
[root@localhost ~]# 

[root@localhost ~]# 
[root@localhost ~]# egrep "\<[[:alpha:]].*\>\(\)" /etc/rc.d/init.d/functions 
checkpid() {
daemon() {
killproc() {
pidfileofproc() {
pidofproc() {
status() {
echo_success() {
echo_failure() {
echo_passed() {
echo_warning() {
update_boot_stage() {
success() {
failure() {
passed() {
warning() {
action() {
strstr() {
is_ignored_file() {
is_true() {
is_false() {
apply_sysctl() {
[root@localhost ~]# 

[root@localhost ~]# egrep "[[:alpha:]]+\(\)" /etc/rc.d/init.d/functions 
checkpid() {
__kill_pids_term_kill_checkpids() {
__kill_pids_term_kill() {
__pids_var_run() {
__pids_pidof() {
daemon() {
killproc() {
pidfileofproc() {
pidofproc() {
status() {
echo_success() {
echo_failure() {
echo_passed() {
echo_warning() {
update_boot_stage() {
success() {
failure() {
passed() {
warning() {
action() {
strstr() {
is_ignored_file() {
is_true() {
is_false() {
apply_sysctl() {
[root@localhost ~]# 

[root@localhost ~]# 
[root@localhost ~]# egrep -o "[[:alpha:]]+\(\)" /etc/rc.d/init.d/functions 
checkpid()
checkpids()
kill()
run()
pidof()
daemon()
killproc()
pidfileofproc()
pidofproc()
status()
success()
failure()
passed()
warning()
stage()
success()
failure()
passed()
warning()
action()
strstr()
file()
true()
false()
sysctl()
[root@localhost ~]# 

[root@localhost ~]# 
[root@localhost ~]# egrep -o "[_[:alpha:]]+\(\)" /etc/rc.d/init.d/functions 
checkpid()
__kill_pids_term_kill_checkpids()
__kill_pids_term_kill()
__pids_var_run()
__pids_pidof()
daemon()
killproc()
pidfileofproc()
pidofproc()
status()
echo_success()
echo_failure()
echo_passed()
echo_warning()
update_boot_stage()
success()
failure()
passed()
warning()
action()
strstr()
is_ignored_file()
is_true()
is_false()
apply_sysctl()

[root@localhost ~]# egrep  "[_[:alpha:]]+\(\)" /etc/rc.d/init.d/functions 
checkpid() {
__kill_pids_term_kill_checkpids() {
__kill_pids_term_kill() {
__pids_var_run() {
__pids_pidof() {
daemon() {
killproc() {
pidfileofproc() {
pidofproc() {
status() {
echo_success() {
echo_failure() {
echo_passed() {
echo_warning() {
update_boot_stage() {
success() {
failure() {
passed() {
warning() {
action() {
strstr() {
is_ignored_file() {
is_true() {
is_false() {
apply_sysctl() {
[root@localhost ~]#

4. 使用echo命令输出一个绝对路径,使用egrep取出基名;

[root@localhost ~]# echo /etc/sysconfig/network-scripts | egrep "[^/]$"
/etc/sysconfig/network-scripts
[root@localhost ~]# 
[root@localhost ~]# echo /etc/sysconfig/network-scripts | egrep -o "[^/]$"
s
[root@localhost ~]# 
[root@localhost ~]# echo /etc/sysconfig/network-scripts | egrep -o "[^/]+$"
network-scripts
[root@localhost ~]# 
[root@localhost ~]# echo /etc/sysconfig/network-scripts/ | egrep -o "[^/]+$"
[root@localhost ~]# 
[root@localhost ~]# echo /etc/sysconfig/network-scripts/ | egrep -o "[^/]+/?$"
network-scripts/
[root@localhost ~]# 
[root@localhost ~]# 

[root@localhost ~]# echo /etc/sysconfig/network-scripts/ | egrep -o "[^/]+/?$" | cut -d "/" -f1
network-scripts
[root@localhost ~]#

扩充:显示出路径名;
echo    /etc/sysconfig/network-scripts/ | egrep   -o    “^/.*/[[:alnum:]]” |  egrep    -o    “^/.*/” | egrep    -o    “.*[[:alnum:]]”
思路如下:

[root@localhost ~]# 
[root@localhost ~]# echo /etc/sysconfig/network-scripts/   ##  最终结果需要显示: /etc/sysconfig
/etc/sysconfig/network-scripts/
[root@localhost ~]# 
[root@localhost ~]# echo /etc/sysconfig/network-scripts/ | egrep -o "^/.*/[[:alnum:]]"  ## 方式一:先尽量截取 network-scripts 前面的字符串;
/etc/sysconfig/n
[root@localhost ~]# 
[root@localhost ~]# echo /etc/sysconfig/network-scripts/ | egrep -o "^/.*/[[:alnum:]]+"  ## 方式二:network-scripts 字符串无需显示或无需完整显示;舍弃此方案;
/etc/sysconfig/network
[root@localhost ~]# 
[root@localhost ~]# echo /etc/sysconfig/network-scripts/ | egrep -o "^/.*/[[:alnum:]].*"  ## 方式三:network-scripts/ 完整显示,不利于前面字符串的截取操作;此方案舍弃;
/etc/sysconfig/network-scripts/
[root@localhost ~]# 
[root@localhost ~]# echo /etc/sysconfig/network-scripts/ | egrep -o "^/.*/[[:alnum:]]"  ###  第一次截取: /etc/sysconfig/n
/etc/sysconfig/n
[root@localhost ~]# echo /etc/sysconfig/network-scripts/ | egrep -o "^/.*/[[:alnum:]]" | egrep -o "^/.*/"    ##  第二次截取:/etc/sysconfig/
/etc/sysconfig/
[root@localhost ~]# 
[root@localhost ~]# 
[root@localhost ~]# echo /etc/sysconfig/network-scripts/ | egrep -o "^/.*/[[:alnum:]]" | egrep -o "^/.*/" | egrep -o  ".*[[:alnum:]]"
/etc/sysconfig                                                                                             ##  第三次截取: /etc/sysconfig
[root@localhost ~]#

5. 找出ifconfig命令结果中1-255之间的数值;

[root@localhost ~]# ifconfig | egrep  "[1-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]"
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.206.129  netmask 255.255.255.0  broadcast 192.168.206.255
        inet6 fe80::7e22:852b:5f82:f5d  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:ce:f2:dd  txqueuelen 1000  (Ethernet)
        RX packets 396667  bytes 444705376 (424.1 MiB)
        TX packets 108231  bytes 10534565 (10.0 MiB)
lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1  (Local Loopback)
        RX packets 36  bytes 3168 (3.0 KiB)
        TX packets 36  bytes 3168 (3.0 KiB)
[root@localhost ~]# 


[root@localhost ~]# ifconfig | egrep "\<([1-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\>"
        inet 192.168.206.129  netmask 255.255.255.0  broadcast 192.168.206.255
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1  (Local Loopback)
        RX packets 36  bytes 3168 (3.0 KiB)
        TX packets 36  bytes 3168 (3.0 KiB)
[root@localhost ~]#

6. 找出ifconfig命令结果中的IP地址;

ifconfig | egrep “(\<([1-9]|[1-9[0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-4]])\>\.){3}\<([1-9]|[1-9[0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-4]])\>”

ifconfig | egrep “(\<([1-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\>\.){3}\<([1-9]|1[0-9]{2}|2[0-4][0-9]|25[0-4])\>”

ifconfig |  grep   “inet”  |  head  -1  |  awk ‘{print $2}’

 

7. 添加用户user100 , user101 , user102 以及nologin (其shell为/sbin/nologin);而后找出/etc/passwd文件中用户名同shell名的行;

[root@localhost ~]# 
[root@localhost ~]# egrep "^[^:]+\>" /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
systemd-network:x:192:192:systemd Network Management:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
polkitd:x:999:997:User for polkitd:/:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
tss:x:59:59:Account used by the trousers package to sandbox the tcsd daemon:/dev/null:/sbin/nologin
epmd:x:998:996:Erlang Port Mapper Daemon:/tmp:/sbin/nologin
centos:x:1000:1000::/home/centos:/bin/bash
redhat:x:1001:1001::/home/redhat:/bin/bash
apache:x:48:48:Apache:/usr/share/httpd:/sbin/nologin
tom:x:3001:3001::/home/tom:/bin/bash
kari:x:3002:3001::/home/kari:/bin/bash
lucifer:x:3003:3003::/home/lucifer:/bin/bash
fitz:x:3004:3004:my name is fitz:/home/fitz:/bin/bash
docker:x:3005:3005::/home/abc:/bin/bash
maha:x:3006:3006::/home/bbb:/bin/bash
mariadb:x:997:995::/home/mariadb:/sbin/nologin
abc:x:3007:3007::/home/abc:/bin/bash
[root@localhost ~]# 
[root@localhost ~]# egrep "^([^:]+\>).*\1$" /etc/passwd
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
[root@localhost ~]#

三、fgrep命令
不支持正则表达式元字符;当无需用到元字符去编写模式时,使用fgrep,查找速度性能更好;

Leave a Reply

Your email address will not be published. Required fields are marked *