This comprehensive guide will walk you through installing and using incron on a Debian 9 (Stretch) system. Similar to cron, incron triggers commands based on file or directory events, such as modifications or changes to permissions, elevating your server automation capabilities.
1. Prerequisites
- System Administrator permissions (root login) are required. Execute all the commands in this guide as the root user.
- We’ll use the “nano” editor for file modifications. Substitute it with your preferred editor or install nano by utilizing the command:
apt-get install nano.
2. Installing Incron
Incron can be easily installed from the Debian repository with the following command:
apt-get install incron
Below is a snapshot of the installation process:
3. Using Incron
Incron usage parallels that of cron. The tool incrontab allows you to list (-l), edit (-e), and remove (-r) incrontab entries. Learn more via:
man incrontab
It’s important to configure user permissions for incron. To use incrontab as root, ensure /etc/incron.allow listed ‘root’ or is removed entirely:
rm -f /etc/incron.allow
Or add ‘root’ by editing:
nano /etc/incron.allow
Append:
root
Without these permissions, attempts to use incrontab result in errors:
server1:~# incrontab -l user 'root' is not allowed to use incron
With proper permissions:
server1:~# incrontab -l no table for root
Begin defining incron jobs via:
incrontab -e
Consult the man page for the incrontab format:
man 5 incrontab
The basic format for incron entries is:
<path> <mask> <command>
<path> specifies the directory or file to monitor, and <mask> denotes the type of events, which include:
IN_ACCESS: File was accessed (read) IN_ATTRIB: Metadata changed (permissions, etc.) IN_CLOSE_WRITE: File opened for writing was closed IN_CREATE: File/directory created in watched directory IN_DELETE: File/directory deleted from watched directory IN_MODIFY: File was modified ...and more.
The <command> specifies what is executed upon detection. Use wildcards to substitute variable parts of the command:
$$: dollar sign $@: watched filesystem path $#: event-related file name $%: event flags (textually) $&: event flags (numerically)
To experiment with wildcards and observe command executions, add this test line to incrontab:
incrontab -e
And then:
/tmp/ IN_MODIFY echo "$$ $@ $# $% $&"
Create or modify a file in /tmp and examine /var/log/syslog for outputs and errors:
tail /var/log/syslog
Here’s an example of modifying /tmp/hello.txt, demonstrating the interpretation of wildcards.
Let’s put it to practical use by monitoring /etc/apache2/apache2.conf and /etc/apache2/sites-available/ for changes and automatically restarting Apache:
incrontab -e
/etc/apache2/apache2.conf IN_MODIFY /usr/sbin/service apache2 restart /etc/apache2/sites-available/ IN_MODIFY /usr/sbin/service apache2 restart
Verify incognito job actions in /var/log/syslog after inducing changes in your Apache configuration.
NOTE: Avoid compromising system stability with infinite loops within monitored directories due to executing self-triggering scripts. For instance, don’t write log files within /tmp when it’s under surveillance.
List defined incron jobs with:
incrontab -l
server1:~# incrontab -l /etc/apache2/apache2.conf IN_MODIFY /usr/sbin/service apache2 restart /etc/apache2/vhosts/ IN_MODIFY /usr/sbin/service apache2 restart
Delete all incron jobs for the current user with:
incrontab -r
server1:~# incrontab -r removing table for user 'root' table for user 'root' successfully removed
4. Links
- Debian: http://www.debian.org
- Incron Software: http://inotify.aiken.cz/?section=incron&page=about&lang=en
FAQ
What is incron?
Incron is a daemon that monitors file and directory activities prompting specified commands upon detecting specific events.
What are the prerequisites for installing Incron?
You will need root access and a compatible text editor for editing system files. This guide uses the “nano” editor.
Where can I find more resources on Incron?
You can refer to the Debian project page and the official Incron documentation through the links provided above.