File System

Show directory contents sorted by modification date and time

Find the files that are writable

Show disk usage by files and directories

Show hidden files

Show files bigger or smaller than a specified size

Show when the last modification was made within a directory

Show used and free disk space

Show used and free disk space

Find symbolic links pointing to a directory

Compare two directories, find their differences and what they have in common

Learn how to purge data before deleting a file

Find out when a file was initially created

The stat command can be used to show file statistics, such as file size, ownership, type, and several timestamps. It is a great addition to ls. Time to let it work for us! Basic example If we use the command on our /etc/passwd file, we might get output like below. # stat /etc/passwd File: /etc/passwd Size: 3387 Blocks: 8 IO Block: 4096 regular file Device: 10303h/66307d Inode: 47186412 Links: 1 Access: (0644/-rw-r--r--) Uid: ( 0/ root) Gid: ( 0/ root) Access: 2024-05-08 15:17:01.

Leverage the du command to find the biggest directories

Changing file permissions: chmod The primary command to change file permissions on a Linux system is chmod. It’s a basic system administration utility and pre-installed on the system. To make changes to an existing directory or file, it is first good to look up the existing permissions. This can be done using the ls -l command, that lists them with the long format. ls -l /etc/hosts -rw-r--r-- 1 root root 241 Feb 2 19:10 /etc/hosts There are two syntax styles to tell chmod what the new value should be.

File permissions are stored together with the data on a disk. The Linux kernel uses them to decide which users and processes can access what file. This page can be considered as a good cheat sheet, while the underlying articles explain how to use this information. Main permissions Read (r): Allows users to view the contents of a file or directory Write (w): Grants users the ability to modify the contents of a file or directory Execute (x): Enables users to execute a file or access the contents of a directory Permission Abbreviation Octal value Read r 4 Write w 2 Execute x 1 Possible combinations:

Every file that is stored has a set of file permissions stored within the filesystem. This data about the actual data, it called meta-data. Let have a look at how file permissions work on Linux systems and how to read and understand them. Read, Write, and Execute Linux file permissions are divided into three main categories: Read (r): Allows users to view the contents of a file or directory Write (w): Grants users the ability to modify the contents of a file or directory Execute (x): Enables users to execute a file or access the contents of a directory User, Group, and Others These permissions are each assigned to three entities:

If you want to know which hard links are present, the find utility can give you the answer. In this article we have a look at a few ways to discover more information about hard links. Good to know: a hard link shares the same inode, where a symbolic link has its own inode and just points from one to another. Show all hard links within a specific file system or directory When we have a directory with hard links, we can discover by looking at the link count of each file.

Linux systems use a file system to store and process data. In this section we have a look at what a file system and supporting articles to learn more about it. Purpose of a file system At its core, a file system is the method by which data is organized and stored on a storage device. The storage device is typically a hard drive or solid-state drive (SSD), but it can also be memory.

Also wondering what particular files do on Linux? One of those files we recently rediscovered during auditing is the /etc/networks file. For some reason it was always there, yet we never change it. Output of /etc/networks When looking at the man page of networks(5) we learn its purpose (almost instantly): It translates between IP ranges and network names It is used for tools like netstat and route It only works on class A, B, or C networks It does not work on subnets Surprisingly enough a test with subnetting actually showed the right names during our test.

When looking in /proc you will discover a lot of files and directories. Many of them are just numbers, which represent the information about a particular process ID (PID). By default, Linux systems are deployed to allow all local users to see this all information. This includes process information from other users. This could include sensitive details that you may not want to share with other users. By applying some file system configuration tweaks, we can change this behavior and improve the security of the system.

The history of hidden files Ever wondered why there are files on your Linux system, starting with a dot? The short answer: they are shortcuts. The story begins many years ago when the first file systems were created on UNIX. To allow easy navigation, a single file with a dot (.) was added to each directory. Secondly, a double dot file (..) was added to easily move up in the directory structure.

An introduction into extended attributes (xattrs) on Linux

Mount points are defined in /etc/fstab. They link a particular disk pointer to the related device (disk, partition or virtual device). By default the mount options are not focused on security, which gives us a room to further improve hardening of the system. This hardening is especially important considering our most precious data is stored here. Via mount options we can apply additional security controls to protect our data. Mount point example Let’s have a look at our /etc/fstab file.

Ever wondered what the plus (+) sign is when showing a directory listing? It is part of a POSIX standard to support access control lists (ACL) on files. Normal files on a file system will have only 10 characters displayed, with the last 9 used for file permissions. However, when file access control lists are used, an 11th character shows up. This plus sign indicates the usage of a file ACL.