Note About Security: Best practices dictate that the security of your directories and files should be set to least privileges granted to get the job done. That means don’t open up the security of a directory or a file just to make it work. Know what you need to accomplish your goal and don’t open security beyond that.
“list long time reverse” = show detailed listing, by date, in reverse
ls -ltr *
“list long by size reverse human” = show detailed listing by size, reverse order, human readable (kb,Mb instead of blocks)
“find all files, starting at the root directory whose size is more than 4096k”
find / -size +4096k
Script to find big files
This script will locate all files in the specified directory that are more than 4M (4096k).
- The backward single tick around the find command is used to gather the results of the find and pass that as an argument to the ls command.
- The $1 in the find command is replaced with the first thing typed after our “bigfiles command”
The script below says: “list by size in reverse with human readable file sizes the stuff that the find command returns in the specified directory where the size is more than 4096k”.
- vi /usr/sbin/bigfiles (you’ll need to be root to do this)
- enter this into that file
#!/bin/sh ls -lSrh `find $1 -size +4096k`
- chmod +x /usr/sbin/bigfiles
Run the command like this:
The Fancy Version
#!/bin/sh # # Set the directory to look in to the current directory # if the user did not give us a place to look # if [ "$1" = "" ] then DIR=`pwd` else DIR="$1" fi # # Set the size limit, default to 25M # user must specify in "k" or other # format that is "find friendly" # if [ "$2" = "" ] then SIZE="25000k" else SIZE="$2" fi # # list files by size # that are at or below the directory provided # whose size is at least the size specified # ls -lShr `find $DIR -size +$SIZE`
Run it like this to find files under /home over 100M:
bigfiles /home 100000k
Sharing (Read/Write) A Directory With Members Of Your Group
- The immediate parent in the tree needs to allow members of your group to have read/write privelages.
- The file(s) you want to share with the group must be set to read/write privelages.
- The example below assumes your primary login is part of the group “dev” and that you want to share a lower-level directory in it’s entirety with your group.
- See #File and Directory Permissions for details on reading permissions.
- Login as a privelaged user (root)
- Start at the root of the file system and lookup our directory tree permissions
cd / ls -lhd /home ls -lhd /home/<targetdir> ls -lhd /home/<targetdir>/public_html
The file listings:
drwxr-xr-x 64 root root 4.k Mar 8 09:10 /home drwxr-xr-x 64 <user1> <group1> 4.k Mar 8 09:10 /home/<targetdir> drwxr-xr-x 64 <user1> <group1> 4.k Mar 8 09:10 /home/<targetdir>/public_html
Since we are only trying to grant access to files within the public_html directory we can ignore the settings for the /, /home, and /home/<targetdir> directories. We are only concerned with the setting for the /home/<targetdir>/public_html directory itself and the files within.
- Set the group for the directories
- Set the group for the files
- Change the permissions
chgrp dev /home/<targetdir>/public_html chgrp dev /home/<targetdir>/public_html/* chmod g+w /home/<targetdir>/public_html chmod g+w /home/<targetdir>/public_html/*
Note About “Immediate Parent”
One small but important note about directory permissions. The ENTIRE tree does not need to be opened up for things like r-x to work… only the IMMEDIATE PARENT and the file itself. In other words, if I want /home/cyberspr/public_html/xyz.php to be read/write/execute for owner & group, but read-execute for world then you need to do this:
chmod 775 /home/cyberspr/public_html chmod 775 /home/public_html/xyz.php
File and Directory Permissions
drwxr-xr-x 64 root root 4096 Mar 8 09:10 /home
- 1st character is the directory flag (d = directory, – = a file)
- next 3 characters (rwx in this example) are the OWNER privelages flags
- next 3 characters (r-x) are the GROUP privelages flags
- next 3 characters (r-x) are the WORLD privelages flags
- next digits are something we don’t care about right now
- the next item is the OWNER that the file belongs to (root)
- then comes the GROUP that the file belongs to (also root in this case, which is NOT the same as the user named root)
In our example above the following permissions are setup:
- The user named “root” has full privelages to the file , read, write, and execute
- The group named “root” can only read and execute files
- And anbody at all can read or execute the files within the home directory
Notes From The Real World
If you plan on using the subversion repos on the server you’ll want to add yourself to two groups : dev and svn. The reason is that the /home/<targetdir>/public_html/pipe/repo directory must be owned by svn for svnserve to work. However the parent directory (/home/<targetdir>/public_html) has to be in the group dev. Obvious conflict here without being part of 2 groups.