Note About Security: Best practices dictate that the security of your directories and files should be set to least privileges granted to get the job done. That means don’t open up the security of a directory or a file just to make it work. Know what you need to accomplish your goal and don’t open security beyond that.

Listing Files

By Date

“list long time reverse” = show detailed listing, by date, in reverse

ls -ltr *

By Size

“list long by size reverse human” = show detailed listing by size, reverse order, human readable (kb,Mb instead of blocks)

ls -lSrh

Finding Files

“find all files, starting at the root directory whose size is more than 4096k”

find / -size +4096k

Script to find big files

This script will locate all files in the specified directory that are more than 4M (4096k).

• The backward single tick around the find command is used to gather the results of the find and pass that as an argument to the ls command.
• The $1 in the find command is replaced with the first thing typed after our “bigfiles command”

The script below says: “list by size in reverse with human readable file sizes the stuff that the find command returns in the specified directory where the size is more than 4096k”.

• vi /usr/sbin/bigfiles (you’ll need to be root to do this)
• enter this into that file

#!/bin/sh
ls -lSrh `find $1 -size +4096k`

• chmod +x /usr/sbin/bigfiles

Run the command like this:

bigfiles /home/backup

The Fancy Version

#!/bin/sh
#
# Set the directory to look in to the current directory
# if the user did not give us a place to look
#
if [ "$1" = "" ]
then
    DIR=`pwd`
else
    DIR="$1"
fi
#
# Set the size limit, default to 25M
# user must specify in "k" or other
# format that is "find friendly"
#
if [ "$2" = "" ]
then
    SIZE="25000k"
else
    SIZE="$2"
fi
#
# list files by size
# that are at or below the directory provided
# whose size is at least the size specified
#
ls -lShr `find $DIR -size +$SIZE`

Run it like this to find files under /home over 100M:

bigfiles /home 100000k

Sharing (Read/Write) A Directory With Members Of Your Group

• The immediate parent in the tree needs to allow members of your group to have read/write privelages.
• The file(s) you want to share with the group must be set to read/write privelages.
• The example below assumes your primary login is part of the group “dev” and that you want to share a lower-level directory in it’s entirety with your group.
• See #File and Directory Permissions for details on reading permissions.

1. Login as a privelaged user (root)
2. Start at the root of the file system and lookup our directory tree permissions

 cd /
 ls -lhd /home
 ls -lhd /home/<targetdir>
 ls -lhd /home/<targetdir>/public_html

The file listings:

 drwxr-xr-x  64 root root 4.k Mar  8 09:10 /home
 drwxr-xr-x  64 <user1> <group1> 4.k Mar  8 09:10 /home/<targetdir>
 drwxr-xr-x  64 <user1> <group1> 4.k Mar  8 09:10 /home/<targetdir>/public_html

Since we are only trying to grant access to files within the public_html directory we can ignore the settings for the /, /home, and /home/<targetdir> directories. We are only concerned with the setting for the /home/<targetdir>/public_html directory itself and the files within.

1. Set the group for the directories
2. Set the group for the files
3. Change the permissions

 chgrp dev /home/<targetdir>/public_html
 chgrp dev /home/<targetdir>/public_html/*
 chmod g+w /home/<targetdir>/public_html
 chmod g+w /home/<targetdir>/public_html/*

Note About “Immediate Parent”

One small but important note about directory permissions. The ENTIRE tree does not need to be opened up for things like r-x to work… only the IMMEDIATE PARENT and the file itself. In other words, if I want /home/cyberspr/public_html/xyz.php to be read/write/execute for owner & group, but read-execute for world then you need to do this:

chmod 775 /home/cyberspr/public_html
chmod 775 /home/public_html/xyz.php

File and Directory Permissions

drwxr-xr-x  64 root root 4096 Mar  8 09:10 /home

• 1st character is the directory flag (d = directory, – = a file)
• next 3 characters (rwx in this example) are the OWNER privelages flags
• next 3 characters (r-x) are the GROUP privelages flags
• next 3 characters (r-x) are the WORLD privelages flags
• next digits are something we don’t care about right now
• the next item is the OWNER that the file belongs to (root)
• then comes the GROUP that the file belongs to (also root in this case, which is NOT the same as the user named root)

In our example above the following permissions are setup:

• The user named “root” has full privelages to the file , read, write, and execute
• The group named “root” can only read and execute files
• And anbody at all can read or execute the files within the home directory

Notes From The Real World

If you plan on using the subversion repos on the server you’ll want to add yourself to two groups : dev and svn. The reason is that the /home/<targetdir>/public_html/pipe/repo directory must be owned by svn for svnserve to work. However the parent directory (/home/<targetdir>/public_html) has to be in the group dev. Obvious conflict here without being part of 2 groups.

Related Links

• Another site with a list of useful Linux commands

• Share This:
  
• Bookmark on Delicious
• Digg this post
• Recommend on Facebook
• Share on Linkedin
• share via Reddit
• Share with Stumblers
• Tweet about it
• Subscribe to the comments on this post
• Tell a friend

Related posts:

1. Linux User Management
2. Using Find To Help Manage Files On Linux
3. Scheduling Linux Apps
4. Using a Git Excludes File
5. Finding Which Linux Packages Provide Which Files

0 Comment   |   Posted in System Administration,blog,files by lcleveland on April 06, 2009