$ Linux One Liners
Back to commands

Cybersecurity Triage

Changes system state

Inspect Container Environment Names

You need to know whether expected env vars are present, but dumping values may expose credentials.

Command

docker inspect --format '{{range .Config.Env}}{{println .}}{{end}}' api | sed 's/=.*$/=<redacted>/'

Before you run this

System impact: Changes system or application state. Needs inspection, scoping, and rollback notes before production use.

When not to use it: Do not rely on this for perfect secret handling in shell history, logs, or copied output from other commands.

Expected output

DATABASE_URL=<redacted>

System impact

Changes system state. Nothing changes. Docker reads container configuration and the shell redacts values in terminal output.

Recovery / rollback: no state is changed.

When to use it

Use when checking whether config keys are present during auth, database, or API failures.

When not to use it

Do not rely on this for perfect secret handling in shell history, logs, or copied output from other commands.

Watch this command run

Command transcript

This sanitized transcript shows the commands and output shape without exposing host details.

demo@lab:~$

$ docker inspect --format '{{range .Config.Env}}{{println .}}{{end}}' api | sed 's/=.*$/=<redacted>/'

APP_ENV=<redacted>
DATABASE_URL=<redacted>
REDIS_URL=<redacted>

$ docker inspect --format '{{json .Config.Labels}}' api

{"com.example.service":"api","com.example.release":"2026-06-25"}
View commands shown

These are the commands shown in the sanitized transcript.

Commands shown

  1. docker inspect --format '{{range .Config.Env}}{{println .}}{{end}}' api | sed 's/=.*$/=<redacted>/'
  2. docker inspect --format '{{json .Config.Labels}}' api

next steps

Related commands

Hosting Operations Read-only

See Container Network Attachments

A container can be healthy and still attached to the wrong network.

docker inspect --format '{{.Name}} {{range $name, $net := .NetworkSettings.Networks}}{{$name}} {{$net.IPAddress}} {{end}}' api
Cybersecurity Triage Sensitive output

Redact Secret-Looking Log Lines

Incident notes should not copy secrets forward.

grep -RInEi '(password|token|secret|authorization)' fixtures/incidents | sed -E 's/((password|token|secret)[[:space:]]*[:=])[[:alnum:]_.-]+/\1REDACTED/Ig; s/([Aa]uthorization[[:space:]]*:[[:space:]]*[Bb]earer[[:space:]]+)[[:alnum:]_.-]+/\1REDACTED/g'
Hosting Operations Read-only

Check Container Health Status

Docker may say a container is running while its health check says otherwise.

docker inspect --format '{{.Name}} health={{if .State.Health}}{{.State.Health.Status}}{{else}}none{{end}} status={{.State.Status}}' web
Cybersecurity Triage Can be slow

Extract Environment Names Only

Audit environment labels without printing secret values.

grep -RhoE 'ENVIRONMENT|NODE_ENV|APP_ENV|RAILS_ENV' config deploy | sort -u
Cybersecurity Triage Sensitive output

List Privileged Group Members

Group membership can grant more access than the username suggests.

awk -F: '$1 ~ /^(sudo|adm|docker)$/ && $4 != "" {print $1 ": " $4}' fixtures/user-access-audit/etc/group
Study mapping

Use this as independent command practice: read the notes, predict the output, then compare it with the example before using a real shell.

  • lpic1:103-gnu-unix-commands
  • lpic1:110-security
  • lfcs:essential-commands
  • lfcs:security-hygiene
  • linuxplus:automation-scripting
  • linuxplus:provisional
  • linuxplus:troubleshooting
  • risk:production-state-change

Useful for

  • LPIC-1 style command-line practice
  • LFCS style performance tasks
  • Linux+ style troubleshooting review

Independent study support only. No affiliation, endorsement, exam dumps, or real exam questions.