Tag: System Administration

Color ls output and permission denied

In my post from earlier this week on removing the color output from the ls command I mentioned that in some circumstances the color-coded output can cause permissions errors. Cloned Milkmen asked that I explain why this would be.

I was hoping someone would ask that. In Linux and UNIX if the execute flag is not set on a directory, as in the example below, the ls --color=tty command will return Permission denied.

$ ls -ld ls_test/
dr-------- 4 jonemmons pg222211 4096 Nov 12 20:07 ls_test/
$ ls ----color=tty ls_test/
ls: ls_test/test1: Permission denied
ls: ls_test/test2: Permission denied
ls: ls_test/test3: Permission denied
dir1 dir2
$ ls ls_test/
dir1 dir2 test1 test2 test3

The execute flag is funny on directories. The main effect is that it will inhibit a user’s ability to cd into a directory, but it will also keep you from being able to get information out of the file’s inode (the inode contains information about when a file was created, modified, accessed etc.) Since ls requires information from the inode to properly color-code files in a directory it will fail if the execute bit is not set. An ls -l will fail for the same reason.

So thanks to Cloned Milkmen for asking the question. If you’re looking for some eclectic and distracting reading, check out his blog The Synthetic Librarian.

unix, linux, directory, permission, security, sysadmin, system administration

Get rid of color ‘ls’ output in Linux

Color ls outputMany popular varieties of Linux use a “feature” which causes the ls command output to show files, directories, links, etc. all in different colors. I guess some people prefer this, but I find it at best annoying, and at worst illegible. Specifically the color-coding of symbolic links tend to show in such a light color that it is often impossible to read.

The color output is accomplished by adding the --color=tty or a similar option to the ls command. This is typically accomplished by creating an alias to ls in either the user’s profile or in one of the system-wide profiles.

alias ls='ls --color=tty'

My personal preference is to remove this line from any system-wide configuration files (such as /etc/profile) and allow users to set it in their own profile if preferred. If you don’t have the desire or ability to make this change universally than a user can easily disable the color output by using the unalias command:

unalias ls

This can either be added to the user’s configuration file (e.g. the .profile or .bash_profile in their home directory), or you can just type unalias ls anytime to disable color ls output for the rest of the current shell session. This can be especially useful to turn off the color output when you’re working on someone else’s system.

Color-coded ls output can cause permissions errors in some circumstances, so in my opinion it is best left off, but if you’re stuck with it then it’s nice to know how it can be disabled when necessary.

ls, sysadmin, system administration, linux, shell, bash, sh, UNIX

Built-in shell scripting variables

UNIX and Linux shells provide an abundance of useful built-in information that can be referenced in globally available variables. In order to see the information provided in a shell, the set command can be run as demonstrated below.

Here’s a partial output of the set command:

$ set
BASH=/bin/bash
BASH_VERSINFO=([0]="2" [1]="05b" [2]="0" [3]="1" [4]="release" [5]="i386-redhat-linux-gnu")
BASH_VERSION='2.05b.0(1)-release'
GROUPS=()
G_BROKEN_FILENAMES=1
HISTFILE=/home/tclark/.bash_history
HISTFILESIZE=1000
HISTSIZE=1000
HOME=/home/tclark
HOSTNAME=appsvr.mytec.com
OSTYPE=linux-gnu
PATH=/usr/kerberos/bin:/usr/local/bin:/bin:/usr/bin:/usr/X11R6/bin:/home/tclark/bin
...
PS1='[\u@\h \W]\$ '
PS2='> '
PS4='+ '
PWD=/home/tclark
SHELL=/bin/bash
SHLVL=1
SSH_ASKPASS=/usr/libexec/openssh/gnome-ssh-askpass
SSH_CLIENT='206.107.231.178 1379 22'
SSH_CONNECTION='206.107.231.178 1379 192.168.15.105 22'
SSH_TTY=/dev/pts/0
SUPPORTED=en_US.UTF-8:en_US:en
TERM=vt100
UID=503
USER=tclark
_=clear

The contents of a shell variable can be displayed by using the echo command and prefacing the variable name with a dollar sign as demonstrated below. Shell variables are referenced using all capital letters.

$ echo $TERM
vt100
$ echo $USER
tclark
$ echo $HOSTNAME ... $LOGNAME
appsvr.mytec.com ... tclark

There are also some special built-in variables that can be useful when creating shell scripts. Some of them are listed in the table below.

Built-in Variable Description
$# The total number of arguments passed to a shell script on the command line.
$* All arguments passed to the shell script.
$0 The command (script) invoked on the command line.
$1 – $9 The first through ninth arguments passed to the shell script from the command line.

These variables are provided by the shell and the names should not be used for other variables.

Easy Linux CommandsFor more tips like this check out my book Easy Linux Commands, only $19.95 from Rampant TechPress.

Buy it now!


linux, unix, system administration, sysadmin

Command aliases in Linux and UNIX

Aliases can be used to perform complex commands but are set in the shell like environmental variables.

If you find yourself frequently using a fairly complicated command like the one below and want to be able to run it without typing the whole thing you can use the alias command to set up a shortcut.

$ alias alert=’tail -200 /u01/installed/software/mypgm/alert.log|more’

Now you can execute this whole command simply by typing alert. Many of the features of shell scripting are available in aliases including the pipe (|) used to send the output of one command to the input of another.

If you would like to have an alias automatically set up every time you enter a shell you can add the alias definition to your .profile file (or whatever file your default shell executes at login.)

A small set of well written aliases can save you a lot of keystrokes, just be careful not to make aliases with the same name as commands you use unless you want the alias to replace that command when you type it.

Easy Linux CommandsFor more tips like this check out my book Easy Linux Commands, only $19.95 from Rampant TechPress.

Buy it now!


linux, unix, system administration, sysadmin

More Linux and UNIX find command options

Like many Linux and UNIX commands, the find command supports a long list of options. I covered several of the options in a previous article but there are even more useful options. Here are some of them:

Doing things with what we find

The –exec option gives find the powerful ability to execute commands on the files found. The syntax is a little tricky but an example is usually all it takes to get it right.

Before using the -exec option, especially with a powerful command like rm I recommend performing the same find without the –exec. By doing this you will see exactly which files you will be affecting when you run the final command.

The following is a practical example that finds files less than three days old with the .txt extension and deletes them.

Finding .txt Files < 3 Days Old and Delete Them

$ find . -name '*.txt' -mtime -3 -exec rm {} \;
$ ls –lt
total 8
-rw-r--r-- 1 tclark authors 2229 Jan 13 21:35 declaration.txt
-rw-rw-r-- 1 tclark presidents 1310 Jan 13 17:48 gettysburg.txt

The –exec option allows you to put any command after it. Here we have used rm but it is often useful to use this option with cp or chmod. Within the command to be run there must be two curly brackets {}. find will execute the command for each file it finds substituting the file name (and path) where the curly brackets are. Finally the end of the –exec option is signaled by an escaped semicolon (\;). The –exec option should always be the last option given in a find command.

The find command is great for finding files and directories but next we’ll look at some options for finding other things on the system.

Dealing with “Permission denied” in find

If you use find a lot (and you probably will) you will sometimes run into the problem where you get just pages and pages of output like this:

$ find / -name '*.txt'
find: /var/lib/dav: Permission denied
find: /var/lib/nfs/statd: Permission denied
find: /var/lib/dhcpv6: Permission denied
find: /var/lib/slocate: Permission denied
find: /var/lib/xdm/authdir: Permission denied
find: /var/lib/php/session: Permission denied
find: /var/log/samba: Permission denied
find: /var/log/ppp: Permission denied
find: /var/log/audit: Permission denied
find: /var/log/squid: Permission denied
...

This is find telling you there are certain directories you don’t have permissions to search. This can make it very difficult to find the useful output of the find as it can be mixed in with the permissions errors.

To ignore these (and any other) errors and just get the results of what you can find we can use a special redirect at the end of the command. Redirecting output will be covered in more detail in the chapter on shell scripting, but suffice it to say that in this command 2>/dev/null is redirecting the error output to nowhere.

$ find / -name '*.txt' 2>/dev/null
/var/www/icons/small/README.txt
/usr/X11R6/lib/X11/rgb.txt
/usr/X11R6/lib/X11/doc/Xprint_FAQ.txt
/usr/lib/4Suite/tests/Xml/Core/count.txt
...

While it would not be a good idea to redirect the error output all the time (usually you want to know when something has gone wrong) in this case of the find command it can be very useful.

Easy Linux CommandsFor more tips like this check out my book Easy Linux Commands, only $19.95 from Rampant TechPress.

Buy it now!


find, search, unix, linux, system administration, sysadmin