More Linux and UNIX find command options

Like many Linux and UNIX commands, the find command supports a long list of options. I covered several of the options in a previous article but there are even more useful options. Here are some of them:

Doing things with what we find

The –exec option gives find the powerful ability to execute commands on the files found. The syntax is a little tricky but an example is usually all it takes to get it right.

Before using the -exec option, especially with a powerful command like rm I recommend performing the same find without the –exec. By doing this you will see exactly which files you will be affecting when you run the final command.

The following is a practical example that finds files less than three days old with the .txt extension and deletes them.

Finding .txt Files < 3 Days Old and Delete Them

$ find . -name '*.txt' -mtime -3 -exec rm {} \;
$ ls –lt
total 8
-rw-r--r-- 1 tclark authors 2229 Jan 13 21:35 declaration.txt
-rw-rw-r-- 1 tclark presidents 1310 Jan 13 17:48 gettysburg.txt

The –exec option allows you to put any command after it. Here we have used rm but it is often useful to use this option with cp or chmod. Within the command to be run there must be two curly brackets {}. find will execute the command for each file it finds substituting the file name (and path) where the curly brackets are. Finally the end of the –exec option is signaled by an escaped semicolon (\;). The –exec option should always be the last option given in a find command.

The find command is great for finding files and directories but next we’ll look at some options for finding other things on the system.

Dealing with “Permission denied” in find

If you use find a lot (and you probably will) you will sometimes run into the problem where you get just pages and pages of output like this:

$ find / -name '*.txt'
find: /var/lib/dav: Permission denied
find: /var/lib/nfs/statd: Permission denied
find: /var/lib/dhcpv6: Permission denied
find: /var/lib/slocate: Permission denied
find: /var/lib/xdm/authdir: Permission denied
find: /var/lib/php/session: Permission denied
find: /var/log/samba: Permission denied
find: /var/log/ppp: Permission denied
find: /var/log/audit: Permission denied
find: /var/log/squid: Permission denied
...

This is find telling you there are certain directories you don’t have permissions to search. This can make it very difficult to find the useful output of the find as it can be mixed in with the permissions errors.

To ignore these (and any other) errors and just get the results of what you can find we can use a special redirect at the end of the command. Redirecting output will be covered in more detail in the chapter on shell scripting, but suffice it to say that in this command 2>/dev/null is redirecting the error output to nowhere.

$ find / -name '*.txt' 2>/dev/null
/var/www/icons/small/README.txt
/usr/X11R6/lib/X11/rgb.txt
/usr/X11R6/lib/X11/doc/Xprint_FAQ.txt
/usr/lib/4Suite/tests/Xml/Core/count.txt
...

While it would not be a good idea to redirect the error output all the time (usually you want to know when something has gone wrong) in this case of the find command it can be very useful.

Easy Linux CommandsFor more tips like this check out my book Easy Linux Commands, only $19.95 from Rampant TechPress.

Buy it now!


find, search, unix, linux, system administration, sysadmin

Easy Linux Commands: Book Review 3

Robert Vollman has now posted a review of my book Easy Linux Commands on Amazon.

He makes many good points but one I keep hearing from just about everyone is that almost all of the content of Easy Linux Commands can be applied on other UNIX and UNIX-like systems.

Here is Robert’s full review:

My shelf is full of technical books on a variety of topics, including Linux. But there have been times when someone new to the IT world will ask me for a book to get them started in a particular area. Alas, most of my books are thousand-page, exhaustively-detailed volumes that would be so inaccessible that the only use a beginner could get out of it would be to kill a few spiders.

But now, thanks to Jon Emmons and Terry Clark, I finally have a book I can give a young student, or a previously “Windows-only” PC user. “Easy Linux Commands” is just what it claims to be: an easy introduction to the command-line world.

Being easy to read and accessible is this book’s chief selling point. The book is not only under 200 pages, with lots of pictures, big text and barely 30 lines per page, but it’s also structured in the exact same familiar fashion as countless other books. Furthermore, I don’t find the author’s style overly technical. His writing style is very informal and almost conversational. Judge for yourself by visiting his blog “Life After Coffee,” where he occasionally includes excerpts from the book. In fact, if something is not clear, Jon Emmons is very accessible and answers questions quickly and happily.

http://www.lifeaftercoffee.com/

Also notice that I said this books introduces you to the command-line world, not Linux. I said that for two reasons:
1. Almost everything in this books applies equally well to Unix. Very little in this book is actually Linux-specific.
2. Even though Linux has graphical user interfaces, like Gnome and KDE, this book covers command-line Linux only.

One word of caution. Don’t be thrown by the “Become a Linux Command Guru” picture stamped on the front cover. You won’t be a guru. This covers the basics, and only a little more. But this book will get you past square one and allow you to use some of those big books for becoming a guru (instead of an exterminator).

Easy Linux CommandsCheck out my book Easy Linux Commands, only $19.95 from Rampant TechPress.

Buy it now!


linux, book

Listing directory contents in Linux and UNIX

The ls command is the main way to browse directory contents on UNIX and Linux. While it can be used with no options there are several options which will customize the output.

Using Simple ls Command Options

There will come a time when a user will want to know the last file touched, the last file changed or maybe the largest or smallest file within a directory. This type of search can be performed with the ls command. Previously the ls command was used to display directories and files within directories, but by using some of the ls command options and piping the output of ls to the head command to limit the number of displayed lines we can find some of these more specific results.

The following home directory is used for the next few examples. Using the –A option makes ls show files beginning with . but eliminates the . and .. files from the display.

$ ls -Al
total 44
-rw------- 1 tclark tclark 7773 Feb 2 17:11 .bash_history
-rw-r--r-- 1 tclark tclark 24 Aug 18 11:23 .bash_logout
-rw-r--r-- 1 tclark tclark 191 Aug 18 11:23 .bash_profile
-rw-r--r-- 1 tclark tclark 124 Aug 18 11:23 .bashrc
-rw-r--r-- 1 tclark tclark 237 May 22 2003 .emacs
-rw-rw-r-- 1 tclark tclark 0 Feb 3 09:00 example1.fil
-rw-rw-r-- 1 tclark tclark 0 Jan 13 21:13 example2.xxx
drwxrwxr-x 2 tclark authors 4096 Jan 27 10:17 examples
-rw-r--r-- 1 tclark tclark 120 Aug 24 06:44 .gtkrc
drwxr-xr-x 3 tclark tclark 4096 Aug 12 2002 .kde
-rw-r--r-- 1 tclark authors 0 Jan 27 00:22 umask_example.fil
-rw------- 1 tclark tclark 876 Jan 17 17:33 .viminfo
-rw-r--r-- 1 tclark tclark 220 Nov 27 2002 .zshrc

Finding the File Last Touched (Modified) in a Directory

The –t option is used to sort the output of ls by the time the file was modified. Then, the first two lines can be listed by piping the ls command to the head command.

$ ls -Alt|head -2
total 44
-rw-rw-r-- 1 tclark tclark 0 Feb 3 09:00 example1.fil

Using the pipe (|) character in this way tells Linux to take the output of the command preceding the pipe and use it as input for the second command. In this case, the output of ls –Alt is taken and passed to the head -2 command which treats the input just like it would a text file. This type of piping is a common way to combine commands to do complex tasks in Linux.
Finding the File with the Last Attribute Change

The –c option changes ls to display the last time there was an attribute change of a file such as a permission, ownership or name change.

$ ls -Alct|head -2
total 44
-rw-rw-r-- 1 tclark tclark 0 Feb 3 09:07 example1.fil

Again we are using the head command to only see the first two rows of the output. While the columns for this form of the ls command appear identical the date and time in the output now reflect the last attribute change. Any chmod, chown, chgrp or mv operation will cause the attribute timestamp to be updated.

Finding the File Last Accessed in a Directory

Beyond file and attribute modifications we can also look at when files were last accessed. Using the –u option will give the time the file was last used or accessed.

$ ls -Alu|head -2
total 44
-rw------- 1 tclark tclark 7773 Feb 3 08:56 .bash_history

Any of these ls commands could be used without the |head -2 portion to list information on all files in the current directory.

Finding the Largest Files in a Directory

The –S option displays files by their size, in descending order. Using this option and the head command this time to see the first four lines of output we can see the largest files in our directory.

$ ls -AlS|head -4
total 44
-rw------- 1 tclark tclark 7773 Feb 2 17:11 .bash_history
drwxrwxr-x 2 tclark authors 4096 Jan 27 10:17 examples
drwxr-xr-x 3 tclark tclark 4096 Aug 12 2002 .kde

Finding the Smallest Files in a Directory

Adding the –r option reverses the display, sorting sizes in ascending order.

$ ls -AlSr|head -4
total 44
-rw-r--r-- 1 tclark authors 0 Jan 27 00:22 umask_example.fil
-rw-rw-r-- 1 tclark tclark 0 Jan 13 21:13 example2.xxx
-rw-rw-r-- 1 tclark tclark 0 Feb 3 09:00 example1.fil

The –r option can also be used with the other options discussed in this section, for example to find the file which has not been modified or accessed for the longest time.

Use of the ls command options is acceptable when the user is just interested in files in the current working directory, but when we want to search over a broader structure we will use the find command.

Easy Linux CommandsFor more tips like this check out my book Easy Linux Commands, only $19.95 from Rampant TechPress.

Buy it now!


unix, linux, system administration, sysadmin

Special Permission Modes in Linux and UNIX

There are a few special permission mode settings that are worthy of noting. Note that the Set UID and Set GID permissions are disabled in some operating systems for security reasons.

Mode Description
Sticky bit Used for shared directories to prevent users from renaming or deleting each others’ files. The only users who can rename or delete files in directories with the sticky bit set are the file owner, the directory owner, or the super-user (root). The sticky bit is represented by the letter t in the last position of the other permissions display.
SUID Set user ID, used on executable files to allow the executable to be run as the file owner of the executable rather than as the user logged into the system.
SUID can also be used on a directory to change the ownership of files created in or moved to that directory to be owned by the directory owner rather than the user who created it.
SGID Set group ID, used on executable files to allow the file to be run as if logged into the group (like SUID but uses file group permissions).
SGID can also be used on a directory so that every file created in that directory will have the directory group owner rather than the group owner of the user creating the file.

The following example displays the SUID permission mode that is set on the passwd command, indicated by the letter s in the last position of the user permission display. Users would like to be able to change their own passwords instead of having to ask the System Administrator to do it for them. Since changing a password involves updating the /etc/passwd file which is owned by root and protected from modification by any other user, the passwd command must be executed as the root user.

The which command will be used to find the full path name for the passwd command, then the attributes of the passwd command will be listed, showing the SUID permission(s).

$ which passwd
/usr/bin/passwd
$ ls -l /usr/bin/passwd
-r-s--x--x 1 root root 17700 Jun 25 2004 /usr/bin/passwd

Here we see not only that the SUID permissions are set up on the passwd command but also that the command is owned by the root user. These two factors tell us that the passwd command will run with the permissions of root regardless of who executes it.

These special modes can be very helpful on multi-user systems. To set or unset the sticky bit use the the t option with the chmod command. When setting the sticky bit we do not have to specify if it is for user, group or other. In the following example we will make a directory called public which anyone can write to but we’ll use the sticky bit to make sure only the file owners can remove their own files.

$ mkdir public
$ chmod 777 public
$ chmod +t public
$ ls -l
total 4
drwxrwxrwt 2 tclark authors 4096 Sep 14 10:45 public

We see that the last character of the permissions string has a t indicating the sticky bit has been set. We could also prefix the number 1 to the chmod command using the number to achieve the same results. The following chmod command will accomplish the same thing as the two chmod commands in the last example:

$ chmod 1777 public
$ ls -l
total 4
drwxrwxrwt 2 tclark authors 4096 Sep 14 10:45 public

Now let’s say we instead want to make a directory which other users can copy files but which we want the files to instantly become owned by our username and group. This is where the SUID and SGID options come in.

$ mkdir drop_box
$ chmod 777 drop_box
$ chmod u+s,g+s drop_box
$ ls -l
total 4
drwsrwsrwx 2 tclark authors 4096 Sep 14 10:55 drop_box

Now anyone can move files to this directory but upon creation in drop_box they will become owned by tclark and the group authors. This example also illustrates how you can change multiple levels of permissions with a single command by separating them with a comma. Just like with the other permissions this could have been simplified into one command using the SUID and SGID numeric values (4 and 2 respectively.) Since we are changing both in this case we use 6 as the first value for the chmod command.

$ chmod 6777 drop_box/
$ ls -l
total 4
drwsrwsrwx 2 oracle users 4096 Sep 14 10:55 drop_box

Easy Linux CommandsFor more tips like this check out my book Easy Linux Commands, only $19.95 from Rampant TechPress.

Buy it now!


unix, linux, system administration, sysadmin

Setting Default Permissions Using a File Mask

By default, Linux and UNIX permissions for new directories are typically set to 755 allowing read, write, and execute permissions to user and only read and execute to group and other users. Conversely, file permissions default to 644 allowing read and write access to user but only read to group and others. These defaults are controlled by the user file-creation mask or umask.

A user or administrator may want to change the Linux default permissions by using the umask command in a login script. The umask command can be used without specifying any arguments to determine what the current default permissions are. The value displayed by umask must be subtracted from the defaults of 777 for directories and 666 for files to determine the current defaults. A typical umask which will generate the permissions listed in the previous paragraph would be 0022. The first digit pertains to the sticky bit which will be explained further later.

The –S option can be used to see the current default permissions displayed in the alpha symbolic format. Default permissions can be changed by specifying the mode argument to umask within the user’s shell profile (.bash_profile for the bash) script.

The following are some examples.

Using umask to Set Default Permissions

$ umask
0022

$ umask -S
u=rwx,g=rx,o=rx

$ umask 033

$ umask
0033

$ umask -S
u=rwx,g=r,o=r

The default umask will cause users to create files which any user can read. In many instances where you have a multi-user system this is not desirable and a more appropriate umask may be 077. That umask will enforce the default permissions to be read, write and execute for the owner and no permissions for the group and other users.

Easy Linux CommandsFor more tips like this check out my book Easy Linux Commands, only $19.95 from Rampant TechPress.

Buy it now!


unix, linux, umask, shell, bash, sysadmin, system administration