Advanced Linux Shell Scripting for DevOps Engineers with user management, file permissions, and access control lists.

The script uses a loop to dynamically create directories with the given name prefix followed by numbers in the specified range.

Script: createDirectories.sh

#!/bin/bash

# Check if the correct number of arguments are provided
if [ $# -ne 3 ]; then
    echo "Usage: $0 <directory_name_prefix> <start_number> <end_number>"
    exit 1
fi

# Assign arguments to variables
prefix=$1
start=$2
end=$3

# Check if start and end are valid numbers
if ! [[ "$start" =~ ^[0-9]+$ ]] || ! [[ "$end" =~ ^[0-9]+$ ]]; then
    echo "Error: Start and end must be valid numbers."
    exit 1
fi

# Loop from start to end to create directories
for ((i=start; i<=end; i++)); do
    dirname="${prefix}${i}"
    mkdir "$dirname"
    echo "Directory $dirname created"
done

Explanation:

• Arguments: The script expects three arguments:

  1. directory_name_prefix: The prefix of the directory name (e.g., day, Movie, etc.).

  2. start_number: The starting number for the directory names.

  3. end_number: The ending number for the directory names.

• Checking for arguments: The script first checks if the correct number of arguments is provided.

• Loop: A for loop iterates from the start number to the end number, dynamically generating the directory names by concatenating the prefix and the number, and creates the directories using mkdir.

• Validation: There’s also basic validation to ensure that the start and end numbers are valid integers.

How to Run the Script:

1. Save the script in a file named createDirectories.sh.

2. Give the script execute permission:

    chmod +x createDirectories.sh
   

3. Run the script with the required arguments:

    ./createDirectories.sh day 1 90
   

   or

    ./createDirectories.sh Movie 20 50
   

Script to backup all your work done:

This script backs up the contents of a specified directory (for example, your work directory) and saves it in a backup location.

Script: backup.sh

#!/bin/bash

# Variables
SOURCE_DIR="$HOME/work"          # The directory containing your work
BACKUP_DIR="$HOME/backups"       # The directory where backups will be stored
TIMESTAMP=$(date +"%Y-%m-%d_%H-%M-%S")   # Current date and time
BACKUP_NAME="work_backup_$TIMESTAMP.tar.gz"  # Backup file name with timestamp

# Create the backup directory if it doesn't exist
if [ ! -d "$BACKUP_DIR" ]; then
    mkdir -p "$BACKUP_DIR"
    echo "Created backup directory: $BACKUP_DIR"
fi

# Create the backup file
tar -czf "$BACKUP_DIR/$BACKUP_NAME" -C "$SOURCE_DIR" .

# Check if the backup was successful
if [ $? -eq 0 ]; then
    echo "Backup successful!"
    echo "Backup file created: $BACKUP_DIR/$BACKUP_NAME"
else
    echo "Backup failed!"
    exit 1
fi

Explanation:

1. SOURCE_DIR: Set to the directory containing your work (in this case, ~/work). You can replace this with the actual path of your work directory.

2. BACKUP_DIR: This is where the backup files will be stored (set to ~/backups by default). The script will create this directory if it doesn't already exist.

3. TIMESTAMP: A timestamp is generated to create a unique filename for the backup based on the current date and time (e.g., work_backup_2024-10-05_12-45-00.tar.gz).

4. tar: The tar command is used to compress the contents of SOURCE_DIR into a .tar.gz archive stored in BACKUP_DIR.

5. Backup Success Check: The script checks if the backup was successful and prints a message accordingly.

How to Run the Script:

1. Save the script as backup.sh.

2. Make the script executable:

    chmod +x backup.sh
   

3. Run the script:

    ./backup.sh
   

This will create a compressed .tar.gz file of your work directory and store it in the backups folder with a timestamp. If you'd like to back up a different directory, just modify the SOURCE_DIR variable.

Cron and Crontab:

Cron is a background service that runs scheduled tasks at specific times on Unix-based systems. Crontab is a file or command used to manage cron jobs (scheduled tasks), and each user can have their own crontab.

Crontab Syntax:

*    *    *    *    *    command_to_execute
-    -    -    -    -
|    |    |    |    |
|    |    |    |    +----- Day of week (0-7)
|    |    |    +---------- Month (1-12)
|    |    +--------------- Day of month (1-31)
|    +-------------------- Hour (0-23)
+------------------------- Minute (0-59)

Common Commands:

• List cron jobs: crontab -l

• Edit crontab: crontab -e

• Remove cron jobs: crontab -r

Examples:

• Run a backup daily at 1 AM:
  0 1 * * * /home/user/backup.sh

• Run a script every 10 minutes:
  */10 * * * * /home/user/script.sh

File Permissions and Access Control Lists:

An step-by-step guide for creating a file, viewing its details with ls -ltr, and changing its user permissions using chmod, chown, and chgrp:

1. Create a Simple File:

You can create a file using the touch command:

touch myfile.txt

This creates a blank file named myfile.txt.

2. View File Details with ls -ltr:

Now, list the details of the file using:

ls -ltr myfile.txt

This command will output something like:

-rw-r--r-- 1 user group 0 Oct 5 12:00 myfile.txt

• -rw-r--r--: The file permissions.

  • Owner (user): Read, write (rw-).

  • Group (group): Read-only (r--).

  • Others: Read-only (r--).

3. Change File Ownership:

• Change the owner of the file using chown:

    sudo chown newuser myfile.txt
  

  This assigns newuser as the new owner of the file.

• Change the group ownership using chgrp:

    sudo chgrp newgroup myfile.txt
  

  This assigns newgroup as the new group that owns the file.

4. Change File Permissions for Others:

• Use chmod to change permissions. For example, if you want to remove read access for others:

    chmod o-r myfile.txt
  

• If you want to add execute permission for others:

    chmod o+x myfile.txt
  

5. Verify Changes with ls -ltr:

After changing the permissions and ownership, run ls -ltr again to see the updated details:

ls -ltr myfile.txt

You will notice that:

• The owner and group may have changed depending on your use of chown and chgrp.

• The permissions for others will be updated based on the chmod command you used.

For example:

-rw-r--r-x 1 newuser newgroup 0 Oct 5 12:05 myfile.txt

In this case:

• The owner is newuser and the group is newgroup.

• Others have execute (x) but no read (r) permission.

---

Recap of Commands:

• Create file: touch myfile.txt

• View file details: ls -ltr myfile.txt

• Change owner: chown newuser myfile.txt

• Change group: chgrp newgroup myfile.txt

• Change permissions: chmod o+rwx myfile.txt

File Permissions:

File permissions in Linux and Unix systems determine who can access and modify files and directories, essential for system security. Permissions apply to three categories of users.

1. Owner: The user who created or owns the file.

2. Group: A group of users who share access to the file.

3. Others: Everyone else who has access to the system but is neither the owner nor in the group.

Types of File Permissions:

• Read (r): Permission to view the contents of the file or directory.

• Write (w): Permission to modify the file or directory.

• Execute (x): Permission to run the file as a program or navigate into a directory.

Permission Representation:

Permissions are displayed in a 10-character string, such as:

-rwxr-xr--

• The first character (-) indicates the type (e.g., - for file, d for directory).

• The next three characters (rwx) are for the owner (read, write, execute).

• The middle three (r-x) are for the group (read, execute).

• The last three (r--) are for others (read only).

Changing Permissions:

You can modify permissions using the chmod command. For example:

• chmod 755 file.txt: Gives the owner read, write, execute (rwx), the group read, execute (r-x), and others read, execute (r-x).

Why File Permissions Matter:

File permissions are crucial for controlling access and safeguarding sensitive data, particularly in multi-user environments. They ensure that only authorized users can interact with files and directories securely.

Access Control Lists (ACLs):

ACLs (Access Control Lists) provide more granular control over file and directory permissions beyond the traditional owner-group-others model in Linux. With ACLs, you can assign specific permissions to individual users or groups, offering more flexibility.

---

Key ACL Commands:

1. getfacl: Displays the current ACL of a file or directory.

2. setfacl: Sets or modifies the ACL of a file or directory.

---

Example of Using ACLs

Step 1: Viewing ACL with getfacl

First, you can check the current permissions of a file using ls -l and then view the ACL using getfacl.

ls -l file.txt
getfacl file.txt

Output of getfacl might look like this:

# file: file.txt
# owner: user1
# group: group1
user::rw-
group::r--
other::r--

This output shows the standard permissions: the owner has rw- permissions, the group has r--, and others also have r--.

Step 2: Setting ACL with setfacl

Let’s assign specific permissions to another user (e.g., user2) using setfacl:

bashCopy codesetfacl -m u:user2:rw file.txt

Explanation:

• -m stands for modify.

• u:user2:rw assigns read and write permissions to user2 on file.txt.

Now, if you run getfacl again:

getfacl file.txt

The output will show:

# file: file.txt
# owner: user1
# group: group1
user::rw-
user:user2:rw-
group::r--
other::r--

Here, you see that user2 has been granted read and write permissions (rw-), in addition to the standard owner, group, and other permissions.

Step 3: Removing ACL Entries

To remove ACL entries, use the -x option with setfacl. For example, to remove the permissions for user2:

setfacl -x u:user2 file.txt

Now, getfacl will no longer show permissions for user2:

getfacl file.txt

Setting Default ACLs on Directories

You can also set default ACLs on a directory so that newly created files inside the directory inherit specific ACLs. For example:

setfacl -m d:u:user2:rw /path/to/directory

Here, any new file created in /path/to/directory will automatically give user2 read and write access

Why Use ACLs?

ACLs offer greater flexibility in managing file permissions by allowing specific permissions to be assigned to individual users or groups. This is particularly useful in multi-user environments or when fine-grained control over access to files and directories is needed.