The Developer

How to split larger files into smaller parts?

Amaga — Fri, 16 Mar 2012 00:20:30 +0000

If you are splitting a Text file and want to split it by lines you can do this:

split -l 50000 dump.csv newdump

Which will split the text file in output files of 50000 lines each. This is another way to split a file and is mostly used for text files like logs, sql dumps, csv files, etc.

Linux commands

Amaga — Wed, 14 Mar 2012 06:10:23 +0000

This is a linux command line reference for common operations.

Examples marked with • are valid/safe to paste without modification into a terminal, so you may want to keep a terminal window open while reading this so you can cut & paste.
All these commands have been tested both on Fedora and Ubuntu.

Command		Description
•	apropos whatis	Show commands pertinent to string. See also threadsafe
•	man -t man \| ps2pdf – > man.pdf	make a pdf of a manual page
	which command	Show full path name of command
	time command	See how long a command takes
•	time cat	Start stopwatch. Ctrl-d to stop. See also sw
•	nice info	Run a low priority command (The “info” reader in this case)
•	renice 19 -p $$	Make shell (script) low priority. Use for non interactive tasks
dir navigation
•	cd -	Go to previous directory
•	cd	Go to $HOME directory
	(cd dir && command)	Go to dir, execute command and return to current dir
•	pushd .	Put current dir on stack so you can popd back to it
file searching
•	alias l=’ls -l –color=auto’	quick dir listing
•	ls -lrt	List files by date. See also newest and find_mm_yyyy
•	ls /usr/bin \| pr -T9 -W$COLUMNS	Print in 9 columns to width of terminal
	find -name ‘*.[ch]‘ \| xargs grep -E ‘expr’	Search ‘expr’ in this dir and below. See also findrepo
	find -type f -print0 \| xargs -r0 grep -F ‘example’	Search all regular files for ‘example’ in this dir and below
	find -maxdepth 1 -type f \| xargs grep -F ‘example’	Search all regular files for ‘example’ in this dir
	find -maxdepth 1 -type d \| while read dir; do echo $dir; echo cmd2; done	Process each item with multiple commands (in while loop)
•	find -type f ! -perm -444	Find files not readable by all (useful for web site)
•	find -type d ! -perm -111	Find dirs not accessible by all (useful for web site)
•	locate -r ‘file[^/]*\.txt’	Search cached index for names. This re is like glob file.txt
•	look reference	Quickly search (sorted) dictionary for prefix
•	grep –color reference /usr/share/dict/words	Highlight occurances of regular expression in dictionary
archives and compression
	gpg -c file	Encrypt file
	gpg file.gpg	Decrypt file
	tar -c dir/ \| bzip2 > dir.tar.bz2	Make compressed archive of dir/
	bzip2 -dc dir.tar.bz2 \| tar -x	Extract archive (use gzip instead of bzip2 for tar.gz files)
	tar -c dir/ \| gzip \| gpg -c \| ssh user@remote ‘dd of=dir.tar.gz.gpg’	Make encrypted archive of dir/ on remote machine
	find dir/ -name ‘*.txt’ \| tar -c –files-from=- \| bzip2 > dir_txt.tar.bz2	Make archive of subset of dir/ and below
	find dir/ -name ‘*.txt’ \| xargs cp -a –target-directory=dir_txt/ –parents	Make copy of subset of dir/ and below
	( tar -c /dir/to/copy ) \| ( cd /where/to/ && tar -x -p )	Copy (with permissions) copy/ dir to /where/to/ dir
	( cd /dir/to/copy && tar -c . ) \| ( cd /where/to/ && tar -x -p )	Copy (with permissions) contents of copy/ dir to /where/to/
	( tar -c /dir/to/copy ) \| ssh -C user@remote ‘cd /where/to/ && tar -x -p’	Copy (with permissions) copy/ dir to remote:/where/to/ dir
	dd bs=1M if=/dev/sda \| gzip \| ssh user@remote ‘dd of=sda.gz’	Backup harddisk to remote machine
rsync (Network efficient file copier: Use the –dry-run option for testing)
	rsync -P rsync://rsync.server.com/path/to/file file	Only get diffs. Do multiple times for troublesome downloads
	rsync –bwlimit=1000 fromfile tofile	Locally copy with rate limit. It’s like nice for I/O
	rsync -az -e ssh –delete ~/public_html/ remote.com:’~/public_html’	Mirror web site (using compression and encryption)
	rsync -auz -e ssh remote:/dir/ . && rsync -auz -e ssh . remote:/dir/	Synchronize current directory with remote one
ssh (Secure SHell)
	ssh $USER@$HOST command	Run command on $HOST as $USER (default command=shell)
•	ssh -f -Y $USER@$HOSTNAME xeyes	Run GUI command on $HOSTNAME as $USER
	scp -p -r $USER@$HOST: file dir/	Copy with permissions to $USER’s home directory on $HOST
	ssh -g -L 8080:localhost:80 root@$HOST	Forward connections to $HOSTNAME:8080 out to $HOST:80
	ssh -R 1434:imap:143 root@$HOST	Forward connections from $HOST:1434 in to imap:143
wget (multi purpose download tool)
•	(cd dir/ && wget -nd -pHEKk http://www.pixelbeat.org/cmdline.html)	Store local browsable version of a page to the current dir
	wget -c http://www.example.com/large.file	Continue downloading a partially downloaded file
	wget -r -nd -np -l1 -A ‘*.jpg’ http://www.example.com/dir/	Download a set of files to the current directory
	wget ftp://remote/file[1-9].iso/	FTP supports globbing directly
•	wget -q -O- http://www.pixelbeat.org/timeline.html \| grep ‘a href’ \| head	Process output directly
	echo ‘wget url’ \| at 01:00	Download url at 1AM to current dir
	wget –limit-rate=20k url	Do a low priority download (limit to 20KB/s in this case)
	wget -nv –spider –force-html -i bookmarks.html	Check links in a file
	wget –mirror http://www.example.com/	Efficiently update a local copy of a site (handy from cron)
networking (Note ifconfig, route, mii-tool, nslookup commands are obsolete)
	ethtool eth0	Show status of ethernet interface eth0
	ethtool –change eth0 autoneg off speed 100 duplex full	Manually set ethernet interface speed
	iwconfig eth1	Show status of wireless interface eth1
	iwconfig eth1 rate 1Mb/s fixed	Manually set wireless interface speed
•	iwlist scan	List wireless networks in range
•	ip link show	List network interfaces
	ip link set dev eth0 name wan	Rename interface eth0 to wan
	ip link set dev eth0 up	Bring interface eth0 up (or down)
•	ip addr show	List addresses for interfaces
	ip addr add 1.2.3.4/24 brd + dev eth0	Add (or del) ip and mask (255.255.255.0)
•	ip route show	List routing table
	ip route add default via 1.2.3.254	Set default gateway to 1.2.3.254
•	tc qdisc add dev lo root handle 1:0 netem delay 20msec	Add 20ms latency to loopback device (for testing)
•	tc qdisc del dev lo root	Remove latency added above
•	host pixelbeat.org	Lookup DNS ip address for name or vice versa
•	hostname -i	Lookup local ip address (equivalent to host `hostname`)
•	whois pixelbeat.org	Lookup whois info for hostname or ip address
•	netstat -tupl	List internet services on a system
•	netstat -tup	List active connections to/from system
windows networking (Note samba is the package that provides all this windows specific networking support)
•	smbtree	Find windows machines. See also findsmb
	nmblookup -A 1.2.3.4	Find the windows (netbios) name associated with ip address
	smbclient -L windows_box	List shares on windows machine or samba server
	mount -t smbfs -o fmask=666,guest //windows_box/share /mnt/share	Mount a windows share
	echo ‘message’ \| smbclient -M windows_box	Send popup to windows machine (off by default in XP sp2)
text manipulation (Note sed uses stdin and stdout. Newer versions support inplace editing with the -i option)
	sed ‘s/string1/string2/g’	Replace string1 with string2
	sed ‘s/$.*$1/\12/g’	Modify anystring1 to anystring2
	sed ‘/ #/d; /^ $/d’	Remove comments and blank lines
	sed ‘:a; /\\$/N; s/\\\n//; ta’	Concatenate lines with trailing \
	sed ‘s/[ \t]*$//’	Remove trailing spaces from lines
	sed ‘s/$[`"$\]$/\\\1/g’	Escape shell metacharacters active within double quotes
•	seq 10 \| sed “s/^/ /; s/ *$.\{7,\}$/\1/”	Right align numbers
	sed -n ’1000{p;q}’	Print 1000th line
	sed -n ’10,20p;20q‘	Print lines 10 to 20
	sed -n ‘s/.$.$<\/title>.*/\1/ip;T;q‘	Extract title from HTML web page
	sed -i 42d ~/.ssh/known_hosts	Delete a particular line
	sort -t. -k1,1n -k2,2n -k3,3n -k4,4n	Sort IPV4 ip addresses
•	echo ‘Test’ \| tr ‘[:lower:]‘ ‘[:upper:]‘	Case conversion
•	tr -dc ‘[:print:]‘ < /dev/urandom	Filter non printable characters
•	history \| wc -l	Count lines
set operations (Note you can export LANG=C for speed. Also these assume no duplicate lines within a file)
	sort file1 file2 \| uniq	Union of unsorted files
	sort file1 file2 \| uniq -d	Intersection of unsorted files
	sort file1 file1 file2 \| uniq -u	Difference of unsorted files
	sort file1 file2 \| uniq -u	Symmetric Difference of unsorted files
	join -t” -a1 -a2 file1 file2	Union of sorted files
	join -t” file1 file2	Intersection of sorted files
	join -t” -v2 file1 file2	Difference of sorted files
	join -t” -v1 -v2 file1 file2	Symmetric Difference of sorted files
math
•	echo ‘(1 + sqrt(5))/2′ \| bc -l	Quick math (Calculate φ). See also bc
•	echo ‘pad=20; min=64; (10010^6)/((pad+min)8)’ \| bc	More complex (int) e.g. This shows max FastE packet rate
•	echo ‘pad=20; min=64; print (100E6)/((pad+min)*8)’ \| python	Python handles scientific notation
•	echo ‘pad=20; plot [64:1518] (100106)/((pad+x)8)’ \| gnuplot -persist	Plot FastE packet rate vs packet size
•	echo ‘obase=16; ibase=10; 64206′ \| bc	Base conversion (decimal to hexadecimal)
•	echo $((0x2dec))	Base conversion (hex to dec) ((shell arithmetic expansion))
•	units -t ’100m/9.58s‘ ‘miles/hour’	Unit conversion (metric to imperial)
•	units -t ’500GB’ ‘GiB’	Unit conversion (SI to IEC prefixes)
•	units -t ’1 googol’	Definition lookup
•	seq 100 \| (tr ‘\n’ +; echo 0) \| bc	Add a column of numbers. See also add and funcpy
calendar
•	cal -3	Display a calendar
•	cal 9 1752	Display a calendar for a particular month year
•	date -d fri	What date is it this friday. See also day
•	[ $(date -d "tomorrow" +%d) = "01" ] \|\| exit	exit a script unless it’s the last day of the month
•	date –date=’25 Dec’ +%A	What day does xmas fall on, this year
•	date –date=’@2147483647′	Convert seconds since the epoch (1970-01-01 UTC) to date
•	TZ=’America/Los_Angeles’ date	What time is it on west coast of US (use tzselect to find TZ)
•	date –date=’TZ=”America/Los_Angeles” 09:00 next Fri’	What’s the local time for 9AM next Friday on west coast US
	echo “mail -s ‘get the train’ P@draigBrady.com < /dev/null” \| at 17:45	Email reminder
•	echo “DISPLAY=$DISPLAY xmessage cooker” \| at “NOW + 30 minutes”	Popup reminder
locales
•	printf “%’d\n” 1234	Print number with thousands grouping appropriate to locale
•	BLOCK_SIZE=\’1 ls -l	get ls to do thousands grouping appropriate to locale
•	echo “I live in `locale territory`”	Extract info from locale database
•	LANG=en_IE.utf8 locale int_prefix	Lookup locale info for specific country. See also ccodes
•	locale \| cut -d= -f1 \| xargs locale -kc \| less	List fields available in locale database
recode (Obsoletes iconv, dos2unix, unix2dos)
•	recode -l \| less	Show available conversions (aliases on each line)
	recode windows-1252.. file_to_change.txt	Windows “ansi” to local charset (auto does CRLF conversion)
	recode utf-8/CRLF.. file_to_change.txt	Windows utf8 to local charset
	recode iso-8859-15..utf8 file_to_change.txt	Latin9 (western europe) to utf8
	recode ../b64 < file.txt > file.b64	Base64 encode
	recode /qp.. < file.qp > file.txt	Quoted printable decode
	recode ..HTML < file.txt > file.html	Text to HTML
•	recode -lf windows-1252 \| grep euro	Lookup table of characters
•	echo -n 0×80 \| recode latin-9/x1..dump	Show what a code represents in latin-9 charmap
•	echo -n 0x20AC \| recode ucs-2/x2..latin-9/x	Show latin-9 encoding
•	echo -n 0x20AC \| recode ucs-2/x2..utf-8/x	Show utf-8 encoding
CDs
	gzip < /dev/cdrom > cdrom.iso.gz	Save copy of data cdrom
	mkisofs -V LABEL -r dir \| gzip > cdrom.iso.gz	Create cdrom image from contents of dir
	mount -o loop cdrom.iso /mnt/dir	Mount the cdrom image at /mnt/dir (read only)
	cdrecord -v dev=/dev/cdrom blank=fast	Clear a CDRW
	gzip -dc cdrom.iso.gz \| cdrecord -v dev=/dev/cdrom -	Burn cdrom image (use dev=ATAPI -scanbus to confirm dev)
	cdparanoia -B	Rip audio tracks from CD to wav files in current dir
	cdrecord -v dev=/dev/cdrom -audio -pad *.wav	Make audio CD from all wavs in current dir (see also cdrdao)
	oggenc –tracknum=’track’ track.cdda.wav -o ‘track.ogg’	Make ogg file from wav file
disk space (See also FSlint)
•	ls -lSr	Show files by size, biggest last
•	du -s * \| sort -k1,1rn \| head	Show top disk users in current dir. See also dutop
•	df -h	Show free space on mounted filesystems
•	df -i	Show free inodes on mounted filesystems
•	fdisk -l	Show disks partitions sizes and types (run as root)
•	rpm -q -a –qf ‘%10{SIZE}\t%{NAME}\n’ \| sort -k1,1n	List all packages by installed size (Bytes) on rpm distros
•	dpkg-query -W -f=’${Installed-Size;10}\t${Package}\n’ \| sort -k1,1n	List all packages by installed size (KBytes) on deb distros
•	dd bs=1 seek=2TB if=/dev/null of=ext3.test	Create a large test file (taking no space). See also truncate
•	> file	truncate data of file or create an empty file
monitoring/debugging
•	tail -f /var/log/messages	Monitor messages in a log file
•	strace -c ls >/dev/null	Summarise/profile system calls made by command
•	strace -f -e open ls >/dev/null	List system calls made by command
•	ltrace -f -e getenv ls >/dev/null	List library calls made by command
•	lsof -p $$	List paths that process id has open
•	lsof ~	List processes that have specified path open
•	tcpdump not port 22	Show network traffic except ssh. See also tcpdump_not_me
•	ps -e -o pid,args –forest	List processes in a hierarchy
•	ps -e -o pcpu,cpu,nice,state,cputime,args –sort pcpu \| sed ‘/^ 0.0 /d’	List processes by % cpu usage
•	ps -e -orss=,args= \| sort -b -k1,1n \| pr -TW$COLUMNS	List processes by mem (KB) usage. See also ps_mem.py
•	ps -C firefox-bin -L -o pid,tid,pcpu,state	List all threads for a particular process
•	ps -p 1,2	List info for particular process IDs
•	last reboot	Show system reboot history
•	free -m	Show amount of (remaining) RAM (-m displays in MB)
•	watch -n.1 ‘cat /proc/interrupts’	Watch changeable data continuously
system information (see also sysinfo) (‘#’ means root access is required)
•	uname -a	Show kernel version and system architecture
•	head -n1 /etc/issue	Show name and version of distribution
•	cat /proc/partitions	Show all partitions registered on the system
•	grep MemTotal /proc/meminfo	Show RAM total seen by the system
•	grep “model name” /proc/cpuinfo	Show CPU(s) info
•	lspci -tv	Show PCI info
•	lsusb -tv	Show USB info
•	mount \| column -t	List mounted filesystems on the system (and align output)
•	grep -F capacity: /proc/acpi/battery/BAT0/info	Show state of cells in laptop battery
#	dmidecode -q \| less	Display SMBIOS/DMI information
#	smartctl -A /dev/sda \| grep Power_On_Hours	How long has this disk (system) been powered on in total
#	hdparm -i /dev/sda	Show info about disk sda
#	hdparm -tT /dev/sda	Do a read speed test on disk sda
#	badblocks -s /dev/sda	Test for unreadable blocks on disk sda
interactive (see also linux keyboard shortcuts)
•	readline	Line editor used by bash, python, bc, gnuplot, …
•	screen	Virtual terminals with detach capability, …
•	mc	Powerful file manager that can browse rpm, tar, ftp, ssh, …
•	gnuplot	Interactive/scriptable graphing
•	links	Web browser
•	xdg-open .	open a file or url with the registered desktop application
miscellaneous
•	alias hd=’od -Ax -tx1z -v’	Handy hexdump. (usage e.g.: • hd /proc/self/cmdline \| less)
•	alias realpath=’readlink -f’	Canonicalize path. (usage e.g.: • realpath ~/../$USER)
•	set \| grep $USER	Search current environment
	touch -c -t 0304050607 file	Set file timestamp (YYMMDDhhmm)
•	python -m SimpleHTTPServer	Serve current directory tree at http://$HOSTNAME:8000/

Displaying ls in color and howto change a color in CentOS, Fedora, and Redhat.

Amaga — Thu, 01 Mar 2012 19:32:28 +0000

Display ls in color

Open file in bash
vi ~/.bashrc

Add following line to .bashrc
alias ls="ls -al --color"

NOTE: log off and login (or run bash) to see the result

Replace a colors

By default CentOS/RHEL show directorys in ls listing in dark green. With dark color it’s difficult to read directory names.

cp /etc/DIR_COLORS ~/.dir_colors vi ~/.dir_colors
FIND: DIR 01;34 # directory
REPLACE WITH: DIR 01;33 # directory

NOTE: log off and login (or run bash) to see the result.

Everything was tested CentOS, Fedora, and Redhat.

Wanna see version of distributive was installed?

Amaga — Thu, 01 Mar 2012 07:22:58 +0000

Often question: how to check the version of centos?
Here solution to check what version of CentOS or any other distributive was installed:

cat /etc/*release*

specific for centos/redhat: cat /etc/redhat-release

Easy way to remove files that are not in subversion (svn)

Amaga — Thu, 01 Mar 2012 06:33:15 +0000

One of the great features of version control is that I can easily revert back to a known good state. I can do this in Subversion with the following command:

svn st |grep -e ^\? -e ^I | awk '{print $2}'xargs rm

Note 1: Use rm -rf to delete directions and files without questions svn st |grep -e ^\? -e ^I | awk ‘{print $2}’xargs rm -rf
Note 2: awk fix a problem with white spaces.

How do I get ls to display in color

Amaga — Wed, 28 Sep 2011 19:12:16 +0000

ls -al –color /etc

Open the .bashrc file with your favorite text editor.
For example, you could type vi /root/.bashrc at the command line to open the file.

Under the line “# User specific aliases and functions” type:

alias ls=”ls -alh –color”
alias ll=”ls -alh –color”

Make sure to write your changes to the file and save them. The changes will not take effect until you close your terminal/session window and re-open a new terminal again.

Install Thawte SSL certificate in nginx

Amaga — Tue, 27 Sep 2011 06:32:06 +0000

Thawte recently started issuing a new kind of SSL cert. Instead of just taking your crt and key files and dumping them on your server, you need to install Thawte’s intermediate certificates as well.

here solution:

Download your client certificate from thawte (.crt file thawte sent)
Download the primary and secondary intermediate CAs
Combine the 3 certificates into one file, with your certificate first, then the primary and secondary intermediate certificates.
Add: ssl_verify_depth 3; to your configuration file
Restart nginx (/etc/init.d/nginx restart)

So in the end, your nginx configuration file should look like the following:

ssl_certificate /path/to/certificate.bundle.cert;
ssl_certificate_key /path/to/private.key;
ssl_verify_depth 3;

Now your browser should say that the certificate was issues by Thawte DV SSL CA.
Test it by visiting https://www.ssllabs.com/ssldb/

Qmail-Remove

Amaga — Sat, 13 Mar 2010 03:00:53 +0000

Qmail-Remove will remove messages containing a particular string from your Qmail queue.

Mails are *not* deleted from the queue! They are only stored, temporarily, in $qmail-queue/yanked/, where you can view them individually and restore them back to the queue manually. There is currently no support for restoring them automatically.

By default, Qmail-Remove assumes that your Qmail queue is stored in /var/qmail/queue, but this can be changed with a command line option. Similarly, Qmail-Remove assumes that your queue “split” is 23 by default, among other things.

If you want to check your qmail queue using the following command

# /var/qmail/bin/qmail-qstat

Output looks like

messages in queue: 567154
messages in queue but not yet preprocessed: 3

Install Qmail-Remove

First you need to download latest version from here current version is Qmail-Remove 0.95

Download using the following command

#wget http://www.linuxmagic.com/opensource…remove-.tar.gz

Now you have qmail-remove-0.95.tar.gz file and now you need to extract using the following command

#tar -zxvf qmail-remove-.tar.gz

Now you should have qmail-remove-0.95 folder go in to the directory and run the following commands

#make

#make install

This will complete the installation.

Now you need to create a directory named “yanked” in the qmail queue directory you intend to use before using this program.

#mkdir /var/qmail/queue/yanked

Examples for qmail-remove

Before doing any thing related to qmail queue you need to stop the qmail service using the following command:

#/etc/init.d/qmail stop

To delete mails from Que,

#qmail-remove -r -p

# qmail-remove -r -p mega.pack.com

This will remove all emails in queue with “mega.pack.com” in it and place it in /var/qmail/queue/yanked folder.

Have a problem with mod_rewrite rules? Debug it !

Amaga — Tue, 09 Mar 2010 23:06:59 +0000

Many webmasters run in to mod_rewrite at one time or another and every one of them will have at least a little trouble with it.
I just came across the RewriteLog Directive and corresponding RewriteLogLevel Directive.
To set up a debugging log for mod_rewrite, you need to add them to your httpd.conf to the appropriate VirtualHost section.

Add following rules to your httpd.conf
```
RewriteLog "/var/log/httpd/rewrite.log"
RewriteLogLevel 3
```
to the appropriate VirtualHost section.
Restart Apache by command in your shell (as root)
apachectl graceful

Note: You’re not going to be able to turn above rules with shared hosting, they can’t be used in .htaccess by default. But you could ask your server-administrator to set AllowOverride to “All” instead “None”. And you will available to add above rules to .htaccess.

There a trick that’s helps debug mod_rewrite on shared hosting even AllowOverride is “None”.
Basically what you do is dump some of the info that mod_rewrite is using back out into the headers then use the Firebug or LiveHTTP Headers extensions in Firefox to watch the headers and read your debug info.
Add following rules to .htaccess:

RewriteCond %{QUERY_STRING} !vardump
RewriteRule (.*) http://www.your_website.com/$1?vardump&thereq=%{THE_REQUEST}&reqhost=%{HTTP_HOST} [R=301,L,QSA]

to dump, for example, the THE_REQUEST and HTTP_HOST into request variables.
The R=301 does a 301 redirect instead of a rewrite – this is key. A redirect sends information back to the browser but a rewrite happens all inside the server.

Rewrite subdomain to folder

Amaga — Thu, 18 Feb 2010 05:40:29 +0000

You might have noticed some sites having their URLs written as if they were different subdomains of the same domain.

Internally rewrite .example.com/ to example.com/subs/

RewriteCond $1 !^subs/
RewriteCond %{HTTP_HOST} !^www\.example\.com
RewriteCond %{HTTP_HOST} ^([^.]+)\.example\.com
RewriteRule (.*) /subs/%1/$1 [L]

Internally rewrite .example.com/ to example.com/

RewriteCond %{ENV:Rewrite-Done} !^Yes$
RewriteCond %{HTTP_HOST} !^www\.example\.com
RewriteCond %{HTTP_HOST} ^([^.]+)\.example\.com
RewriteRule (.*) /%1/$1 [E=Rewrite-Done:Yes,L]

In both cases, a mechanism is required (and present in the code) to prevent an ‘infinite’ rewriting loop.

If you use the first method, then you can easily externally redirect direct client requests for the subdomain-subdirectories back to the subdomain to avoid duplicate content:

Externally redirect client requests for example.com/subs// to .example.com/

RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /subs/
RewriteRule ^subs/([^/]+)/(.*)$ http://$1.example.com/$2 [R=301,L]

Here more complex email
The best way to do this is to setup each (or all) subdomain in the sites/{subdomain} directory of domain.com via your control panel. Some hosts will leave well enough alone (so the subdomain remains visible) but others actually force a redirect to the main domain’s subdirectory (forcing a change of URL). If you do this with mod_rewrite, you are forcing the change of URL.

# Rewrite .example.com/ to example.com/SITE//
#
# Skip rewrite if no hostname or if subdomain is www
# RewriteCond %{HTTP_HOST} .
# there must always be an {HTTP_HOST}
RewriteCond %{HTTP_HOST} !^www\. [NC]

# Extract (required) subdomain (%1), and first path element (%3), discard port number if present (%2)
RewriteCond %{HTTP_HOST}<>%{REQUEST_URI} ^([^.]+)\.domain\.com(:80)?<>/([^/]*) [NC]
# / is not used by Apache 2.x
# ([^/]*) means no subdirectories allowed

# Rewrite only when subdomain not equal to first path element (prevents mod_rewrite recursion)
RewriteCond %1<>%3 !^sites/(.*)<>\1$ [NC]
# Don't forget your sites "marker" subdirectory
# \1$ has no meaning!  All you don't want it sites/ in the URI

RewriteCond %{REQUEST_URI} !^/?sites/
# so you don't need the preceding RewriteCond statement

RewriteRule ^(.*) sites/%1/$1 [R=301,L]
# You might as well make this a 301 redirect
# finis!

    # Rewrite to /subdomain/path
    #RewriteRule ^(.*) /sites/%1/$1 [L]
    #RewriteRule ^(.*) /%1/$1 [L] #root directory
    #RewriteRule ^(.*) sites/%1/$1 [L]
    #RewriteRule ^/products/ index.php?id=$1&todo=

To check whether the folder exists is redundant – Apache will NOT even receive the request if the subdomain doesn’t exist so this problem can only occur with Dynamic Mass VirtualHosting. In that case, use a RewriteCond statement to check {PHYSICAL path to DocumentRoot}/sites/%1 -d (directory exists).