While digging for some details on the NLS language settings in Oracle today I came across a great FAQ on the topic right on Oracle’s site.

The FAQ includes such topics as:
NLS_LANG Parameter Fundamentals
Checking the current NLS_LANG Settings
How to setup the NLS_LANG Property for UNIX
Where to set the NLS_LANG in Windows
A Whole Pile of Other Frequently Asked Questions

Check out the NLS_LANG FAQ if you’re looking to learn about the NLS_LANG and associated settings or to find the answers to many common questions on these parameters.

oracle, dba, database administration, system administration, UNIX, Linux

As I mentioned in in a my post about file security every file and directory in Linux has an owner and a group associated with it. The need commonly arises where the user or group ownership for files or directories needs to be changed. For example, if user the sally, in group finance is responsible for a number of files and Sally gets transferred to the purchasing group the ownership of the files might need to be changed to marge because Marge is the user who is taking Sally’s place in finance. The chown command is used to change file or directory ownership.

As another example if a number of files that are currently accessed by the test group are ready for production and need to be changed to the prod group, the chgrp command can be used to give access to the prod group.

Actually the chown command can be used to change both user and group ownership, while the chgrp command can only be used to change group ownership. This command will be covered later in this chapter. When using either chown or chgrp commands, the system will first check the permissions of the user issuing the commands to make certain they have sufficient permissions to make the change.

Now we’ll look at some examples of how to use the chown and chgrp commands. We’ll start with the chgrp command, then look at chown and then finally see how chown can be used to do the work of both!

Change Group Ownership

The chgrp command is used to change the group with which a file is associated. The first thing you will need to provide this command is the group which you want to change the file or directory to. After that you can list a single file or directory to be changed or list separate entities separated by spaces. The chgrp command will not have any affect on the access granted to the group (the rw- in the middle of the three permissions sets) but will change who can use those permissions.

Using the chgrp Command on a File

# ls -l
total 12
-rw-rw-r-- 1 tclark authors 2229 Jan 13 21:35 declaration.txt
-rw-rw-r-- 1 tclark authors 1310 Jan 13 17:48 gettysburg.txt
-rw-rw-r-- 1 tclark authors 360 Jan 13 17:48 preamble.txt
# chgrp presidents gettysburg.txt
# ls -l
total 12
-rw-rw-r-- 1 tclark authors 2229 Jan 13 21:35 declaration.txt
-rw-rw-r-- 1 tclark presidents 1310 Jan 13 17:48 gettysburg.txt
-rw-rw-r-- 1 tclark authors 360 Jan 13 17:48 preamble.txt

The chgrp command works the same for directories as it does for files. In the following example, the group ownership of the directory called examples will be changed. Directories are identified by the letter d in the first column of the ls –l display.

Using the chgrp Command on a Directory

# ls -l
total 4
-rw-rw-r-- 1 tclark tclark 0 Jan 13 21:13 example1.fil
-rw-rw-r-- 1 tclark tclark 0 Jan 13 21:13 example2.xxx
drwxrwxr-x 2 tclark tclark 4096 Jan 13 21:35 examples
# chgrp authors examples
# ls -l
total 4
-rw-rw-r-- 1 tclark tclark 0 Jan 13 21:13 example1.fil
-rw-rw-r-- 1 tclark tclark 0 Jan 13 21:13 example2.xxx
drwxrwxr-x 2 tclark authors 4096 Jan 13 21:35 examples

You can change the group for multiple files and/or directories by using the –R (recursive) option for the chgrp command. This is one of the few commands (we’ll see two of the others shortly) which use an upper-case R for the recursive option. When applied on a directory the –R option will apply the chgrp command to the directory and all its subdirectories and files. Care should be taken when using the –R option.

Next we’ll look at changing the ownership of files.

Change User Ownership

The chown (change owner) command can be used to change ownership of a file or directory. The syntax is very similar to chgrp.

# ls -l
total 12
-rw-rw-r-- 1 tclark authors 2229 Jan 13 21:35 declaration.txt
-rw-rw-r-- 1 tclark authors 1310 Jan 13 17:48 gettysburg.txt
-rw-rw-r-- 1 tclark authors 360 Jan 13 17:48 preamble.txt
# chown abe gettysburg.txt
# ls -l
total 12
-rw-rw-r-- 1 tclark authors 2229 Jan 13 21:35 declaration.txt
-rw-rw-r-- 1 abe authors 1310 Jan 13 17:48 gettysburg.txt
-rw-rw-r-- 1 tclark authors 360 Jan 13 17:48 preamble.txt

Just like with chgrp we see that chown accepts the username of the user who should get ownership and the file or directory to change. Again we could list multiple files or directories here with spaces separating them.

The chown command can be used to change the group ownership instead of the user ownership of a file or directory. If you wish to use chown to change the group ownership you can list a group preceded with either a colon (:) or a period (.). Here’s an example of how to use chown to change the group ownership of a file:

# ls -l
total 12
-rw-rw-r-- 1 tclark authors 2229 Jan 13 21:35 declaration.txt
-rw-rw-r-- 1 abe authors 1310 Jan 13 17:48 gettysburg.txt
-rw-rw-r-- 1 tclark authors 360 Jan 13 17:48 preamble.txt
# chown :presidents gettys*
# ls -l
total 12
-rw-rw-r-- 1 tclark authors 2229 Jan 13 21:35 declaration.txt
-rw-rw-r-- 1 abe presidents 1310 Jan 13 17:48 gettysburg.txt
-rw-rw-r-- 1 tclark authors 360 Jan 13 17:48 preamble.txt

If you wish to simultaneously change both the user and group ownership of a file you can specify the user and group in the format of user:group.

In the following example the user will be changed back to tclark and the group back to authors using a single command.

Using the chown Command to Change File Ownership

# ls -l
total 12
-rw-rw-r-- 1 tclark authors 2229 Jan 13 21:35 declaration.txt
-rw-rw-r-- 1 abe presidents 1310 Jan 13 17:48 gettysburg.txt
-rw-rw-r-- 1 tclark authors 360 Jan 13 17:48 preamble.txt
# chown tclark:authors gettys*
# ls -l
total 12
-rw-rw-r-- 1 tclark authors 2229 Jan 13 21:35 declaration.txt
-rw-rw-r-- 1 tclark authors 1310 Jan 13 17:48 gettysburg.txt
-rw-rw-r-- 1 tclark authors 360 Jan 13 17:48 preamble.txt

Here we see the user and group has been changed with a single command. Just like with chgrp the chown command will take the –R (recursive) option and apply the chown command to a directory and its subdirectories. This should be used with care.

Easy Linux CommandsFor more tips like this check out my book Easy Linux Commands, only $19.95 from Rampant TechPress.

Buy it now!


unix, linux, system administration, sysadmin, security, file security, permissions, owner, group

Linux file security is quite simplistic in design, yet quite effective in controlling access to files and directories.

Directories and the files which are stored in them are arranged in a hierarchical tree structure. Access can be controlled for both the files and the directories allowing a very flexible level of access.

File Security Model

In Linux, every file and every directory are owned by a single user on that system. Each file and directory also has a security group associated with it that has access rights to the file or directory. If a user is not the directory or file owner nor assigned to the security group for the file, that user is classified as other and may still have certain rights to access the file.

Each of the three file access categories, owner, group, and other, has a set of three access permissions associated with it. The access permissions are read, write, and execute.

A user may belong to more than one group. Regardless of how many groups a user belongs to if permissions are granted on a file or directory to one of the user’s groups they will have the granted level of access. You can check what groups a user belongs to with the groups command.

$ groups tclark
tclark : authors users

The groups command is called with one argument, the username you want to investigate. As you can see in the output above the output lists the username and all the groups they belong to. In this output tclark belongs to the groups authors and users.

From the information previously presented about file and directory commands, using the –l option with the ls command will display the file and directory permissions as well as the owner and group as demonstrated below:

Viewing permissions, owner and group


The ls –l command is the best way to view file and directory ownership and permissions. Now let’s look at what each of these permissions do.

File Permissions

File permissions are represented by positions two through ten of the ls –l display. The nine character positions consist of three groups of three characters. Each three character group indicates read (r), write (w), and execute (x) permissions.

The three groups indicate permissions for the owner, group, and other users respectively.

Breakdown of the permissions listing


In the example above, both the owner and the group have read (r) and write (w) permissions for the file, while other users have only read (r) permission.

The example below indicates read, write, and execute (rwx) permissions for the owner, read and execute (r-x) permissions for the group, and no permissions for other users (—).

Another permission listing breakdown


The alphabetic permission indicators are commonly assigned numeric values according to the scheme shown in the table below:

Alpha Numeric Permission
0 No permission granted
x 1 Execute permission granted
w 2 Write permission granted
r 4 Read permission granted

Then, each three character permission group can be assigned a number from zero to seven calculated by adding together the three individual numeric permissions granted. For example, if the owner has read, write, and execute permissions, the owner’s permissions can be represented by the single digit 7 (4+2+1). If the group has read and execute permissions, that can be represented by the single digit 5 (4+0+1). If other users have no permissions, that can be represented by the single digit 0 (0+0+0). These three numbers would then be listed in the order of owner, group, other, in this case 750 as a way to definitively describe the permissions on this file.

There are some additional abbreviations that can be used with commands that manipulate permissions. These abbreviations are:

  • u: user owner’s permissions
  • g: group’s permissions
  • o: other’s permissions

These abbreviations can also be used to change permissions on files. As we will see later, they will allow you to manipulate one level of the permissions (perhaps just the permissions granted to group) without changing the others.

Of course just being able to read these permissions isn’t enough… we want to be able to manipulate them. Stay tuned for more on that in the near future.

Easy Linux CommandsFor more tips like this check out my book Easy Linux Commands, only $19.95 from Rampant TechPress.

Buy it now!


unix, linux, system administration, sysadmin, hidden files, config files

Need to get hardware information on an IBM AIX server? On AIX 4.3.3 and later you can use the prtconf command.

$ prtconf

You don’t need to be root to use this command. The output includes model, serial number, processor type, number of processors, speed of processors, 32-bit or 64-bit, memory size, firmware version, network information, paging (swap) overview, volume information and a long list of available devices.

The prtconf command will only be there in AIX 4.3.3 and later but since it is just a shell script if you can find a copy of it you can easily see the commands it is calling to gather the information. The command seems to live in /usr/sbin/prtconf. If it’s not in your path you should be able to call it directly.

aix, unix, system administration, sysadmin, ibm

Here is another excerpt from Easy Linux Commands. Though the book is geared toward Linux, most of the information (including this section on cron) applies to UNIX operating systems as well.

The cron Daemon

The cron daemon is the system task that runs scripted jobs on a pre-determined schedule. The crontab command is used to tell the cron daemon what jobs the user wants to run and when to run those jobs.

Each Linux user can have their own crontab file, if allowed by the System Administrator. The administrator controls use of crontab by including users in the cron.deny file to disallow use of crontab.

crontab Options

The crontab command has several options.

Option Purpose
-e edit the current crontab file using the text editor specified by the EDITOR environment variable or the VISUAL environment variable
-l list the current crontab file
-r remove the current crontab file
-u specifies the user’s crontab to be manipulated. This is usually used by root to manipulate the crontab of other users or can be used by you to correctly identify the crontab to be manipulated if you have used the su command to assume another identity.

Options for the crontab command

crontab can also accept a file name and will use the specified file to create the crontab file. Many users prefer to use this option rather than the crontab -e command because it provides a master file from which the crontab is built, thus providing a backup to the crontab. The following example specifies a file called mycron.tab to be used as the input for crontab.

$ crontab mycron.tab

Here’s how you would use the crontab –l command to view the current cron entries for the logged in user.

$ crontab -l

#**********************************************************
# Run the Weekly file cleanup task at 6:00AM every Monday
# and send any output to a file called cleanup.lst in the
# /tmp directory
#**********************************************************
00 06 * * 1 /home/terry/cleanup.ksh > /tmp/cleanup.lst

#**********************************************************
# Run the Weekly Management Report every Monday at 7:00 AM
# and save a copy of the report in my /home directory
#**********************************************************
00 07 * * 1 /home/terry/weekly_mgmt_rpt.ksh wprd > /home/terry/weekly_mgmt_rpt.lst

Now if we wanted to delete all the entries in the crontab we can use the –r option.

$ crontab -r

The Format of the crontab File

The crontab file consists of a series of entries specifying what shell scripts to run and when to run it. It is also possible to document crontab entries with comments. Lines which have a pound sign (#) as the first non-blank character are considered comments. Blank lines are completely ignored. Comments cannot be specified on the same line as cron command lines. Comments must be kept on their own lines within the crontab.

There are two types of command lines that can be specified in the crontab: environment variable settings and cron commands. The following sections will provide more detail on these two types of crontab entries.

Environment variable settings

Each environment variable line consists of a variable name, an equal sign (=), and a value. Values that contain spaces need to be enclosed within quotes. The following are some examples of environment variable settings:

color = red
title = ‘My Life in a Nutshell’

It is important to remember that variable names are case sensitive and that system variables are usually defined with upper case names, while user defined variables are defined with lower case names.

Note: Environmental variables are supported in the crontab for many Linux distributions but do not work on all platforms.

crontab Command Lines

Each crontab command line is comprised of six positional fields specifying the time, date and shell script or command to be run. The format of the crontab command line is described in Table 10.2 below:

Field Minute Hour Day of Month Month Day of Week Command
Valid values 0-59 0-23 1-31 1-12 0-7 Command path/command

crontab fields and valid values

NOTE: The use of 7 to indicate Sunday is not supported on all platforms. For best compatibility use 0 for Sunday.

Each of these fields can contain a single number, a range of numbers indicated with a hyphen (such as 2-4), a list of specific values separated by commas (like 2,3,4) or a combination of these designations separated by commas (such as 1,3-5). Any of these fields may also contain an asterisk (*) indicating every possible value of this field. This can all get rather confusing so let’s take a look at a few examples.

The next several examples are all part of the same crontab file. We have broken it up in order to explain each entry individually.

#**********************************************************
# Run the Weekly file cleanup task at 6:00AM every Monday
# and send any output to a file called cleanup.lst in the
# /tmp directory
#**********************************************************
00 06 * * 1 /home/terry/cleanup.ksh > /tmp/cleanup.lst

This entry will run the script cleanup.ksh at 0 minutes past the hour, 6 am, every day of the month, every month of the year, but only on Mondays. This illustrates that for a crontab to execute all of the conditions specified must be met, so even though we’ve said every day of the month by making the third field a wildcard, the day also has to meet the final condition that the day is a Monday.

#**********************************************************
# Run the Weekly Management Report every Monday at 7:00 AM
# and save a copy of the report in my /home directory
#**********************************************************
00 07 * * 1 /home/terry/weekly_mgmt_rpt.ksh wprd > /home/terry/weekly_mgmt_rpt.lst

This entry is very similar but will execute at 7:00am. Since the hour is in 24 hour format (midnight is actually represented as 00) we know the 07 represents 7:00 a.m. This entry again will only be run once a week.

#**********************************************************
# Weekly Full Backup - run every Sunday at 1:30AM
#**********************************************************
30 01 * * 0 /home/terry/full_backup.ksh wprd > /tmp/full_backup.lst

Here we have specified this script to be run at 30 minutes past the hour, the first hour of the day, but only on Sundays. Remember that in the day of the week column Sunday can be represented by either 0 or 7.

#**********************************************************
# Nightly Incremental Backup - run Monday-Saturday at 1:30AM
#**********************************************************
30 01 * * 1-6 /home/terry/incr_backup.ksh > /tmp/incr_backup.lst

In this crontab entry we see the same indication for hour and minute as the last entry but we have specified a range for the day of the week. The range 1-6 will cause the incr_backup.ksh to be executed at 1:30 every morning from Monday through Saturday.

#**********************************************************
# Low disk space alert ... run every 15 minutes, sending
# alerts to key individuals via e-mail
#**********************************************************
00,15,30,45 * * * * /home/terry/free_space.ksh > /tmp/free_space.lst

This entry has minutes separated by a comma indicating that it should be run at each of the indicated times. Since all the other fields are wildcards (*) the entry will be run on the hour (00), 15 minutes past the hour, 30 minutes past the hour and 45 minutes past the hour.

#**********************************************************
# Lunch Time Notification - run Monday-Friday at Noon -
# sends a message to all users indicating it's lunch time
#**********************************************************
00 12 * * 1-5 /home/terry/lunch_time.ksh wprd > /tmp/lunch_time.lst

This lunch reminder is set up to run at 12:00 p.m. Monday through Friday only.

The most important thing to remember is that a crontab entry will execute every time all of its conditions are met. To take the last entry as an example, any time it is 00 minutes past the hour of 12 on any day of the month and any month of the year and the day of the week is between Monday and Friday inclusive (1-5) this crontab will be executed.

You will use wildcards in most crontab entries but be careful where you use them. For instance, if we mistakenly placed a * in the minute position of the last crontab example above we would end up running the script for ever minute of the 12:00 hour instead of just once at the beginning of the hour. I don’t think anyone needs that many reminders to go to lunch, do you?

As mentioned above, the day-of-week field accepts either zero or seven as a value for Sunday. Any of the time/date fields can also contain an asterisk (*) indicating the entire range of values. Additionally, month and day-of-week fields can contain name values, consisting of the first three letters of the month, as indicated in the table below. These may not be supported on all platforms so are rarely used.

Field Valid Entries (case insensitive)
Days of the week sun, mon, tue, wed, thu, fri, sat
SUN, MON, TUE, WED, THU, FRI, SAT
Months of year jan, feb, mar, apr, may, jun, jul, aug, sep, oct, nov, dec
JAN, FEB, MAR, APR, MAY, JUN, JUL, AUG, SEP, OCT, NOV, DEC

Day of week and Month abbreviations.

Note: The use of these abbreviations is also not supported on all platforms. For best compatibility use numeric indicators for day and month.

When numbers are used, the user can specify a range of values separated by a hyphen or a list of values separated by commas. In other words, specifying 2-5 in the hour field means 2AM, 3AM, 4AM and 5AM, while specifying 2,5 means only 2AM and 5AM.

We’ve talked an awful lot about how to specify the date and time in the crontab but what about the command? Well, most folks will write shell scripts to execute with their crontab entries but you can actually just execute a command from the crontab as well. Either way make sure you put the absolute path to your command in the crontab.

If the command or script you call in your crontab typically sends output to the screen you will probably want to redirect that output to a log file with the >> symbol so you can check it later. Be careful with this as the log files may get rather large over time!

Easy Linux CommandsFor more tips like this check out my book Easy Linux Commands, only $19.95 from Rampant TechPress.

Buy it now!


unix, linux, cron, crontab, system administration, sysadmin, job scheduling

« Previous PageNext Page »