On 11/9/2011 9:25 PM, George OLson wrote:
I am trying to set up ssh, and I find different command line examples on the internet to help in my research. As I am learning CLI and scripting, can someone explain the following to me please?
In a given directory, I typed in the following line.
if [ ! -f authorized_keys ]; then touch authorized_keys ; chmod 600 authorized_keys ; fi
It created the file authorized_keys and gave it the time stamp and changed the permission. I got that part.
The only thing I don't understand is the very first boolean clause after the "if".
What exactly does the exclamation mark signify?
What also is the "-f" option?
You want to read "man bash" top to bottom. Don't try to remember it. You'll refer to it often forever. Most of this question is under "CONDITIONAL EXPRESSIONS" A basic form of conditional logic is to test the exit value of a program. if/then/else uses this. You can say: if myprogram arguments... then echo "it worked" fi it will run myprogram arguments... and it will only do the echo it worked if myprogram exited with exit value 0. Next sometimes you want to test a condition other than the result of running myprogram. You want to say, test if $A is greater than $B The simple original answer for that way back when was just to make a program called "test" which could perform various tests for you and then it would exit with an appropriate exit value So instead of "myprogram" the very same conditional feature is just running "test" and the arguments are your desired test and everything else works the same. So you can say: if test $A -gt $B then echo "A=$A is greater than B=$B" fi Next, [ ... ] is another syntax for the test command Way back there actually was a /bin/[ but now it's built in to the shell. Among the many tests test can perform, "-f something" means "is something a regular file". It's a way to test if a file exists, and more specifically, is it a regular file and not a directory, symlink, device node, fifo, etc. The ! means to negate the value of the following test. So instead of being true if the file exists and is a regular file, it will only be true if the file does not exist, or is not a regular file. Then, if that (inversed) test is true, then create a new empty authorized_keys. They might be checking specifically for a regular file to guard aganst possible sneaky symlink tricks where maybe someone could replace an authorized keys file with a symlink to one of their own, but most likely it's just intended to make sure that the file is not a directory since that could possibly exist, but would be usable, you couldn't add a new line of text to it for example. I personally would say instead: [ -f authorized_keys ] || { rm -rf authorized_keys touch authorized_keys chmod 600 authorized_keys } This says if authorized_keys exists and is a regular file, ELSE, do the stuff in between { } && is short for then and || is short for else, and using that syntax you don't need if or fi The reason for the rm -rf is to handle the case where something named authorized_keys existed, but wasn't a plain file. You need to remove it before you can place the plain file in it's place, and if it's a directory you need to remove anything that might be in and under it too, (the -r) and most of the time when the test fails and this code is run, it will be because nothing exists not that something other than a plain file exists, so the -f just prevents rm from complaining when you ask it to remove something that wasn't there, and of course makes it delete things without asking the user if they're sure. Then create, then set perms. -- bkw -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org