Many a times, one needs to keep an eye on certain aspects of a system. Be it verifying transfer of contents over to a host or scanning log files as they are written to, these tasks need constant supervision. Wouldn’t it be better if there was some automation to accomplish this? Thankfully, there is one.
Most Linux distros have an inbuilt utility known as ‘watch’ which essentially keeps running a particular command, every ‘n’ number of seconds. The watch command is very simple to use.
Recently, I was rendering a video in Openshot. To my inconvenience, the progress bar within the Openshot failed to show any visual indication. Here I quickly fired up a console & navigated to the location where my video file was to be rendered by Openshot. After this, it was simply a matter of running the mundane ‘ls -lhtr’ command using watch. The ‘ls -lhtr’ lists the files by their recent modification times & presents them in human readable size output. I used the following format;
$watch -n 5 ls -lhtr
Here the ‘-n 5’ option tells watch to run the command ‘ls -lhtr’ every five seconds. One can notice the increasing file size of the file which was rendered by Openshot as the command ran at five seconds interval. Thus, I was guaranteed of Openshot doing its work smoothly despite the conked progress bar in GUI.
The ‘watch’ command is regularly used by system administrators to check the output of a log file as it is written to viz. apache access log. Of-course, one can even use the ‘tail -f’ command to check the output of the log file in this scenario. Watch is a nifty tool in any administrators toolbox and its utility is limited by your imagination.
Regular users do not have permissions to alter files, however the super user can do any changes to the critical system files. For most of the times, one must avoid logging as a root user but at times one needs to login as a root user itself. Here, a small mistake could potential cause irreversible damage to the system. Take an example you are deleting a file & enter the following;
# rm -rf / etc/sysconfig/network-scripts/ifcfg-eth0:0
Noticed the space after ‘/’? That’s not intentional & it got mistyped in haste. Now, if the root user hits enter without correcting his mistake, it will lead to deletion of the entire root directory. You wouldn’t want that. However there is a simple command which prevents root user from deleting files or directories. You can set it on files or directories which you perceive to be important.
The command sets a certain attribute onto a file. These are special attributes over the regular file permissions. The attribute can be only set & unset by a root user.
# chattr +a filename
Now try doing,
# rm -rf filename
You will get,
rm: cannot remove ‘filename’ : Operation not permitted
You can do same on directories.
# chattr +a directory
This will also have an effect on the subsequent sub-directories in the specified directory. However, with the append(a) option, the file can still be altered using the append command. So to avoid that, use the immutable(i) switch instead of (a).
# chattr +i filename
The file can be now deleted nor written to(cannot be appended too).
To unset any of these attributes, simply use minus(-) along with the attribute you specified & file name/directory name.
# chattr -i filename
# chattr -a /directory/
Set this attribute on critical files & directories and you may avoid a potential doom’s day.