More Stupid *nix Tricks: Inserting lines to the top of files with tac

Why do you do this, fraq?

Occasionally I’ll encounter myself doing something in Linux I don’t do very often and I know other people aren’t doing much as well. When that happens, I try to document the stupid, quirky things I did. Maybe for posterity, maybe because I need a life, I dunno.

What is the stupid trick today?

Every once in a blue moon, I have to inject a line at the top of a file. Sometimes it’s an import statement in python, sometimes it’s a shebang line. While it’s easy to just vim ./filename and add it that way, it’s more fun to try to do it programmatically. I’ve seen a few solutions using sed, but I’d like to introduce a less popular tool: tac

tac reads files, but from bottom to top, moving the opposite direction of its cousin, cat. You might have even noticed that tac is just cat backwards. Clever, eh? tac doesn’t get much attention, but this is one instance in which its actually useful.

Let’s imagine you want to add an import statement at the top of a python script because you forgot it.


This won’t work without import os at the top, so let’s add it.

tac > useless_script.tmp; echo "import os" >> useless_script.tmp && tac useless_script.tmp > && rm -f useless_script.tmp

Now, would it have been easier to use sed? Almost certainly. Is this fun? I think so. Will you find a use for this? Yes, when you least expect it.


Is forcing really necessary?

Course of habit, but it doesn’t hurt to include it. At this point, I might as well alias rm -rf to rm.

1 Like

That’s super risky. You’ll be half-asleep and wipe your hard drive.

Live life on hard mode. That’s not my motto, but I imagine someone says it. Imagine I’m that person.


I would expect an ops professional like yourself to always boot into safe mode!

Ugh I read about tac somewhere before, used it once and forgot about it again…

So I’m appreciating this post/ start of a new series, since it’s a nice change of the otherwise ‘somewhat serious’ real talk topics :smiley:

I do a lot of things in Linux that would make baby Jesus cry, so I figure I’ll just document them here when I notice I’m doing them.

There are a lot of other secops things I do that I’d love to share here, but they’re not useful for most folks in the forum and only a few people would find them interesting. The life of an average security engineer hardening their infrastructure is much more dull than stuff @_py is posting about pwning binaries.


Believe it or not my lack of knowledge on the topics you’re good at actually slows down my pwning process a ton. Your posts would be much appreciated by the community. Proper workflow is key to productivity and you definitely know about that.


I’m looking at this like @_py does as well.
These nifty little tricks and knowledge bombs for certain tools, or other methods to automate things are good to know.
So getting a digest of what you can do every now and would really be appreciated !

Immutable infrastructure baby. If it breaks just reinitialise it. I bet fraq barely ssh’s in to his infra anymore. Ansible, packer and docker do that sort of stuff.

You’re right, I actually don’t. I deploy my app stack on ECS and occasionally ssh into my bastion servers to kick off a load test. I rarely ever SSH into the docker hosts. If I do, it’s because something very wrong has happened.

I probably log into the AWS console 1-2 times a week. Most of the time I authenticate over the CLI and just rip things that way.