Inotify or automate routine operations using incron
Until now, in Habré, no one has ever mentioned such a convenient linux kernel subsystem as inotify and its use in automating the work of a system administrator. I would like to fill this gap.
Inotify is a Linux kernel subsystem that allows you to receive notifications about changes in the file system. Those. in simple words - this piece gives us information about the creation or modification of any file or directory in the used file system.
Inotify appeared in the kernel in version 2.6.13 and passed the test of time. Several utilities have been written to use it, and we will consider working with one of them.
incron is a daemon that monitors file system events using inotify and executes a command when an event specified in a task arrives, similar to how its namesake cron does it at the specified time.
')
Install the daemon using your distro. It looks like this to me:
kolvir ~ # emerge incron
After installation, start the daemon and add it to the list of services that are started at system startup.
Now you can add tasks. This is done with the incrontab -e command. You can of course edit the files manually ... they are located in the / var / spool / incrontab directory , but it is better to use a utility specially designed for this.
There is a small subtlety here. If during installation you have created the file /etc/incron.allow and it does not have your user name, then you should add it there, otherwise you will not be allowed to work with incron and incrontab. If this file is not in the system, then by default access will be allowed to all users.
So, we solved problems with access. Now we type incrontab -e and we see in front of us, for the time being, a clean file opened in a text editor, which is registered in your system by default.
Now I will tell you what to write there:
The crontab syntax will be even simpler than the classic cron.
Each line of the config should be of the following form:
<path> <event> <command>
Now let's decipher what we need to write here in each table: Path - here we need to specify the full path to the file or directory that we intend to follow. Command - this indicates which script or which command is required to be executed upon the occurrence of an event. Event - here you need to specify one of the following types of events:
IN_ACCESS - The file was accessed (read)
IN_ATTRIB - Metadata changed (rights, date of creation / editing, extended attributes, etc.)
IN_CLOSE_WRITE - The file open for writing has been closed.
IN_CLOSE_NOWRITE - File not open for writing has been closed
IN_CREATE - The file / directory was created in the monitored directory.
IN_DELETE - File / directory deleted in the monitored directory
IN_DELETE_SELF - The monitored file / directory was (a) deleted (a)
IN_MODIFY - File has been changed
IN_MOVE_SELF - The monitored file / directory has been moved.
IN_MOVED_FROM - The file has been moved from the tracked directory.
IN_MOVED_TO - The file is moved to the monitored directory.
IN_OPEN - The file has been opened.
You can also use the following internal variables in the command (very convenient for logging IMHO):
$$ $ sign
$ @ object of our surveillance (directory)
$ # file name created
$% event flag (text)
$ & event flag (digit)
So. Armed with knowledge, now you can begin to automate. Surely, many have already understood what and how can be done with the help of incron, but I will still write a few examples for the rest.
Take for example the crontab file taken from my home server:
In the first line, when modifying any file from the / etc directory, a backup script is launched that saves all the important files from / etc. Thanks to the rsync utility, I can only copy changed files, saving traffic and not loading a channel, but now it's not about that =).
Next comes the usual operations restart services, when changing their configuration files. How great it is not to do it manually every time!
And in the last line, the firewall configuration script is launched, if it has been changed.
As you can see, everything is pretty simple and banal, but what a safety net of memory =). Especially when I am fascinated by something else, or have not quite woken up yet, or, on the contrary, are very tired.
In my example, only the IN_MODIFY event is used everywhere, but I can give a slightly contrived, but still working example of using another event:
Here we turn off the computer, if in the shared folder, someone created or edited the shutdown file.
Learn more about the software interface, as well as other utilities, here: ru.wikipedia.org/wiki/Inotify or here: www.ibm.com/developerworks/ru/library/l-ubuntu-inotify
What is inotify
Inotify is a Linux kernel subsystem that allows you to receive notifications about changes in the file system. Those. in simple words - this piece gives us information about the creation or modification of any file or directory in the used file system.
Inotify appeared in the kernel in version 2.6.13 and passed the test of time. Several utilities have been written to use it, and we will consider working with one of them.
incron
incron is a daemon that monitors file system events using inotify and executes a command when an event specified in a task arrives, similar to how its namesake cron does it at the specified time.
')
Install the daemon using your distro. It looks like this to me:
kolvir ~ # emerge incron
After installation, start the daemon and add it to the list of services that are started at system startup.
Now you can add tasks. This is done with the incrontab -e command. You can of course edit the files manually ... they are located in the / var / spool / incrontab directory , but it is better to use a utility specially designed for this.
There is a small subtlety here. If during installation you have created the file /etc/incron.allow and it does not have your user name, then you should add it there, otherwise you will not be allowed to work with incron and incrontab. If this file is not in the system, then by default access will be allowed to all users.
So, we solved problems with access. Now we type incrontab -e and we see in front of us, for the time being, a clean file opened in a text editor, which is registered in your system by default.
Now I will tell you what to write there:
crontab file format for incron
The crontab syntax will be even simpler than the classic cron.
Each line of the config should be of the following form:
<path> <event> <command>
Now let's decipher what we need to write here in each table: Path - here we need to specify the full path to the file or directory that we intend to follow. Command - this indicates which script or which command is required to be executed upon the occurrence of an event. Event - here you need to specify one of the following types of events:
IN_ACCESS - The file was accessed (read)
IN_ATTRIB - Metadata changed (rights, date of creation / editing, extended attributes, etc.)
IN_CLOSE_WRITE - The file open for writing has been closed.
IN_CLOSE_NOWRITE - File not open for writing has been closed
IN_CREATE - The file / directory was created in the monitored directory.
IN_DELETE - File / directory deleted in the monitored directory
IN_DELETE_SELF - The monitored file / directory was (a) deleted (a)
IN_MODIFY - File has been changed
IN_MOVE_SELF - The monitored file / directory has been moved.
IN_MOVED_FROM - The file has been moved from the tracked directory.
IN_MOVED_TO - The file is moved to the monitored directory.
IN_OPEN - The file has been opened.
You can also use the following internal variables in the command (very convenient for logging IMHO):
$$ $ sign
$ @ object of our surveillance (directory)
$ # file name created
$% event flag (text)
$ & event flag (digit)
A few examples
So. Armed with knowledge, now you can begin to automate. Surely, many have already understood what and how can be done with the help of incron, but I will still write a few examples for the rest.
Take for example the crontab file taken from my home server:
/etc IN_MODIFY /bin/backup
/etc/bind/pri/ IN_MODIFY rndc reload
/etc/bind/pri/named.conf IN_MODIFY /etc/init.d/named restart
/etc/apache2/ IN_MODIFY /etc/init.d/apache2 restart
/etc/squid/squid.conf IN_MODIFY /etc/init.d/squid restart
/etc/squidGuard/ IN_MODIFY /etc/init.d/squid restart
/etc/conf.d/firewall.sh IN_MODIFY /etc/conf.d/firewall.sh
In the first line, when modifying any file from the / etc directory, a backup script is launched that saves all the important files from / etc. Thanks to the rsync utility, I can only copy changed files, saving traffic and not loading a channel, but now it's not about that =).
Next comes the usual operations restart services, when changing their configuration files. How great it is not to do it manually every time!
And in the last line, the firewall configuration script is launched, if it has been changed.
As you can see, everything is pretty simple and banal, but what a safety net of memory =). Especially when I am fascinated by something else, or have not quite woken up yet, or, on the contrary, are very tired.
In my example, only the IN_MODIFY event is used everywhere, but I can give a slightly contrived, but still working example of using another event:
/mnt/samba/public/shutdown IN_CLOSE_WRITE shutdown nowHere we turn off the computer, if in the shared folder, someone created or edited the shutdown file.
Links
Learn more about the software interface, as well as other utilities, here: ru.wikipedia.org/wiki/Inotify or here: www.ibm.com/developerworks/ru/library/l-ubuntu-inotify
Source: https://habr.com/ru/post/66569/
All Articles