In-Place Editing
Verify-before / change / verify-after — the STD-008 pattern
# Before — inspect line 38
sed -n '38p' /etc/ssh/sshd_config
# Change — toggle PasswordAuthentication
sudo sed -i '38s/#PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config
# After — confirm the change
sed -n '38p' /etc/ssh/sshd_configCreate backup before in-place edit — -i.bak
cp /tmp/servers.txt /tmp/servers.txt.manual-backup
cat <<'EOF' > /tmp/servers.txt
server=10.50.1.20
server=10.50.1.50
server=10.50.1.1
EOF
sed -i.bak 's/10.50.1.50/10.50.1.51/' /tmp/servers.txt
diff /tmp/servers.txt.bak /tmp/servers.txtPreview changes with diff before applying
cat <<'EOF' > /tmp/config.conf
LogLevel INFO
MaxRetries 3
Timeout 30
EOF
diff /tmp/config.conf <(sed 's/LogLevel INFO/LogLevel DEBUG/' /tmp/config.conf)Multiple in-place edits in one pass
cat <<'EOF' > /tmp/app.env
DB_HOST=localhost
DB_PORT=3306
DB_NAME=test
APP_ENV=development
EOF
sed -i -e 's/localhost/10.50.1.50/' -e 's/development/production/' /tmp/app.env
cat /tmp/app.envIdempotent edit — grep guard prevents double application
cat <<'EOF' > /tmp/sshd_snippet.conf
#PermitRootLogin yes
PasswordAuthentication yes
EOF
grep -q '^PermitRootLogin no' /tmp/sshd_snippet.conf || \
sed -i 's/^#PermitRootLogin yes/PermitRootLogin no/' /tmp/sshd_snippet.conf
cat /tmp/sshd_snippet.confIn-place delete — remove blank lines
cat <<'EOF' > /tmp/messy.txt
line one
line two
line three
EOF
sed -i '/^$/d' /tmp/messy.txt
cat /tmp/messy.txtIn-place edit with line number targeting
cat <<'EOF' > /tmp/hosts.conf
# DNS Servers
nameserver 10.50.1.50
nameserver 8.8.8.8
nameserver 1.1.1.1
EOF
# Before
sed -n '3p' /tmp/hosts.conf
# Change — replace line 3
sed -i '3s/8.8.8.8/10.50.1.1/' /tmp/hosts.conf
# After
sed -n '3p' /tmp/hosts.confRestore from backup after failed edit
cat <<'EOF' > /tmp/critical.conf
setting_a=100
setting_b=200
EOF
sed -i.bak 's/setting_a=100/setting_a=WRONG/' /tmp/critical.conf
# Oops — restore
cp /tmp/critical.conf.bak /tmp/critical.conf
cat /tmp/critical.conf