Inotify or automate routine operations with incron

    Until now, no one has already mentioned on the hubr about such a convenient subsystem of the linux kernel as inotify and its use in automating the work of the system administrator. I would like to fill this gap.

    What is inotify


    Inotify is a subsystem of the Linux kernel that allows you to receive notifications of changes in the file system. Those. in simple words - this thing gives us information about creating or changing any file or directory in the file system used.
    Inotify appeared in the kernel already in version 2.6.13 and passed the test of time. To use it, several utilities have been written, we will consider working with one of them.


    incron


    incron is a daemon that monitors events in the file system using inotify and executes the command when the event specified in the task occurs, similar to how its namesake cron does it when the specified time arrives.

    Install the daemon using our distribution kit. It looks like this for me:

    kolvir ~ # emerge incron

    After installation, we start the daemon and add it to the list of services that start when the system starts.
    Now you can add tasks. This is done by the incrontab -e command . You can, of course, edit the files manually ... they are in the / var / spool / incrontab directory , but it’s better to use a utility specially designed for this.
    There is a slight subtlety. If during installation you created the /etc/incron.allow file and it does not have your username, then you should add it there, otherwise you will be prohibited from working with incron and incrontab. If this file is not in the system, then by default access will be allowed to all users.
    So, we solved access problems. Now we type incrontab -e and see before us, as yet, a clean file opened in a text editor, which is registered by default in your system.
    Now I will tell you what you need to write there:

    crontab file format for incron

    The crontab syntax will be even simpler than the classic cron.
    Each line of the config should be of the following form:

    <path> <event> <command>

    Now we will decipher what we need to write in each column: Path - here we need to specify the full path to the file or directory that we intend to monitor. Command - this indicates which script or which command is required to be executed upon the occurrence of an event. Event - here you need to specify one of the following types of events:

    IN_ACCESS - The file was accessed (read)
    IN_ATTRIB - The metadata (rights, creation / editing date, extended attributes, etc.) was
    changed IN_CLOSE_WRITE - The file opened for writing was closed
    IN_CLOSE_NOWRITE - The file that was not open for writing was closed
    IN_CREATE - The file / directory was created in the monitored directory
    IN_DELETE - The file / directory was deleted in the monitored directory
    IN_DELETE_SELF - The monitored file / directory was deleted ( a)
    IN_MODIFY - the file has been changed
    IN_MOVE_SELF - the tracked file / directory has been moved (a)
    IN_MOVED_FROM - the file has been moved from the tracked directory
    IN_MOVED_TO - the file has been moved to the tracked directory
    IN_OPEN - the file has been opened

    You can also use the following in the command internal variables (very convenient for logir Bani IMHO):

    $$ sign $
    $ @ object of our surveillance (directory)
    $ # name of the created file
    $% event flag (text)
    $ & event flag (number)

    A few examples

    So. Armed with knowledge, now you can begin to automate. Surely many have already understood what and how can be done with incron, but I will still write a few examples for the rest.

    Take for example the crontab file taken from my home server: On the first line, when modifying any file from the / etc directory, a backup script is launched that saves all the important files from / etc. Thanks to the rsync utility, I can only copy modified files saving traffic and not downloading the channel in vain, but now it's not about that =). Next are the usual operations of restarting services when changing their configuration files. It's great not to do it manually every time! And in the last line, the firewall configuration script is launched if it has been changed.

    /etc IN_MODIFY /bin/backup
    /etc/bind/pri/ IN_MODIFY rndc reload
    /etc/bind/pri/named.conf IN_MODIFY /etc/init.d/named restart
    /etc/apache2/ IN_MODIFY /etc/init.d/apache2 restart
    /etc/squid/squid.conf IN_MODIFY /etc/init.d/squid restart
    /etc/squidGuard/ IN_MODIFY /etc/init.d/squid restart
    /etc/conf.d/firewall.sh IN_MODIFY /etc/conf.d/firewall.sh






    As you can see, everything here is quite simple and banal, but what a safety net for memory =). Especially when he is keen on something else or has not yet woken up completely, or, on the contrary, is very tired.
    In my example, only the IN_MODIFY event is used everywhere, but I can give a somewhat far-fetched, but still working example of using another event:

    /mnt/samba/public/shutdown IN_CLOSE_WRITE shutdown now

    Here we turn off the computer if, in the shared folder, someone created or edited the shutdown file.

    References

    You can find out more about the program interface, as well as other utilities here: ru.wikipedia.org/wiki/Inotify or here: www.ibm.com/developerworks/ru/library/l-ubuntu-inotify

    Also popular now: