Useful ussage of find and du commands

Useful ussage of find and du commands

find

$ find /home/zuko -type f -size 875c
$ find /home/zuko -name '*.mp3' -size -5000k
$ find /home/zuko -size +10000k
$ find /home/zuko -name '*.cpp' -exec more {} \; | grep MyText
$ find /home/zuko -name '*.cpp' -exec sh -c 'more $1 | grep MyText' {} {} \;
$ find /home/zuko -name '*.tmp' -exec rm {} \;
$ find /home/zuko -name "*.[ch]*" | xargs grep -c "^[ \t]*#include" | sort -rn -t : +1 -2 | more

(1) find all files with size equal to 875 bytes in /home/zuko directory
(2) find all ‘*.mp3’ files that have a size less than 5000 Kilobytes ( 10MB)
(4) grep all *.cpp files in /home/zuko directory for looking string MyText
(5) alternative of (4)
(6) find all *.tmp files and delete it
(7) count number of includes in *.c and *h files in /home/zuko directory

du

$ du -sh

Command will show size of the current directory

How to install small and safe FTP server for sharing files with your friends

I assume that anyone knows what FTP is, otherwise please look here: http://en.wikipedia.org/wiki/File_Transfer_Protocol. The main use case is to create safe FTP for our friends. It means that our server will be visible to anyone, but only a few people will be able to log in.

We are starting from FTP server instalation:
$ sudo apt-get install proftpd

For remove it just type:
$ sudo apt-get autoremove proftpd

possible output:

...
Setting up proftpd-basic (1.3.2e-4ubuntu0.1) ...
Adding system user `ftp' (UID 117) ...
Adding new user `ftp' (UID 117) with group `nogroup' ...
Creating home directory `/home/ftp' ...
`/usr/share/proftpd/templates/welcome.msg' -> `/home/ftp/welcome.msg.proftpd-new'
ProFTPd is started from inetd/xinetd.
Neither inetd nor xinetd appears installed: check your configuration.

ProFTPd configuration as usual is in /etc/proftpd/.

$ sudo mcedit /etc/proftpd/proftpd.conf

Let change a little bit out configuration

ServerType			standalone
ServerName			"MyLocalFTP"
#Port can be changed to any value between 0 and 65535 (2^16 - 1). Note that some ports 
#can be already used by other services. Best practice is to use port numbers after 1023.
Port				21

Add MyLocalFTP to known host names:
$ sudo mcedit /etc/hosts

Modify line:

127.0.1.1	myname-pc	MyLocalFTP

To check if it works:
$ ping MyLocalFTP

If you know IPs of your freinds, then you can also add limitation to your proftpd.conf file:

<Limit LOGIN>
Deny from all
Allow from 1.1.1.1
Allow from 2.2.2.2
Allow from 3.3.3.3
</Limit>

Now remove anonymous access to your FTP server. First step is remove user ftp and his home directory
$ sudo userdel -r ftp

Then remove all

<Anonymous ... >
...
</Anonymous>

tags from your proftpd.conf file.

Now we start to add logins and passwords for our friends. Because of security, we assume that only virtual users will have acces to our FTP server. Virtual user is user without system account, recognized only by proftpd, and connected to access rights of existing system user. Good practice is use one system user for all yours virtual users. We will use the simplest virtual user authentication mechanism: the AuthUserFile, which is a flat text file in the same format as the system /etc/passwd file. The AuthUserFile configuration directive is handled by the mod_auth_file module.

Please find such lines in proftpd.conf file:

User myserweruser
Group myserwergroup

Now find User-ID and Group-ID of myserweruser and his group
$ cat /etc/passwd | grep myserweruser

Columns in /etc/passwd file contains:
* Username
* Password ( contains the encrypted password)
* User-ID (access privileges)
* Group-ID (user’s primary group)
* Home directory
* Shell

Virtual users can be easly added by the ftpasswd tool. Ftpasswd tool is a Perl script, distributed with the ProFTPD source code, under the contrib/ directory. A copy can also be found online:
$ cd /etc/proftpd
$ sudo wget http://www.castaglia.org/proftpd/contrib/ftpasswd
$ sudo chmod 755 ftpasswd
$ sudo ftpasswd --passwd --name=kate --home=/home/ftp/kate --shell=/bin/false --uid=xxx --gid yyy
$ sudo ftpasswd --group --name=myserwergroup --gid=yyy --member=kate
$ sudo mkdir /home/ftp
$ sudo chmod +x /home/ftp
$ sudo mkdir /home/ftp/kate
$ sudo chown -R myserweruser:myserwergroup /home/ftp/kate
$ sudo chmod 751 /home/ftp/kate

Once you have created your AuthUserFile and AuthGroupFile with the ftpasswd tool, you need to configure your proftpd.conf to use those files by adding the following directives:

RequireValidShell  off
AuthUserFile /path/to/ftpd.passwd
AuthGroupFile /path/to/ftpd.group

Now jail all users in their homes.

DefaultRoot ~

Restarting
$ sudo killall -HUP proftpd
$ sudo /etc/init.d/proftpd restart

Now we have successfully configured FTP server, but our freinds have only access to their folders in /home/ftp. If you would like to share your files from i.e. /media/MyMusic with kate, then the easiest way is to make symbolic link to /media/MyMusic in their home folders
cd /home/ftp/kate
sudo ln -s /media/MyMusic SharedMusic
sudo chown o+r /media/MyMusic

Edit proftpd.conf
$ sudo mcedit /etc/proftpd/proftpd.conf

Add lines:

VRootOptions allowSymlinks

<IfModule mod_vroot.c>
    VRootEngine on
    DefaultRoot ~
    VRootAlias /media/MyMusic /home/kate/SharedMusic
</IfModule>

Other tips & tricks:

How to test my FTP server?

Just use ftp command, like:
$ ftp 127.0.0.1
and follow by instructions.

How to limit connections pool?

MaxClientsPerHost	1
MaxClients	10 "Too many connections"

How to forbid system users to log in to out FTP service?

Our configuration still allows system users to log in to our FTP service. To forbid this you can edit /etc/ftpusers file. Users listed in /etc/ftpusers file can not log on FTP, unless you have UseFtpUsers off line uncommended.

Add add all your system logins to /etc/ftpusers file:
$ vim /etc/ftpusers
and make sure that UseFtpUsers off is commented in your proftpd.conf file
$ vim /etc/proftpd/proftpd.conf

comment or remove line:

# UseFtpUsers off

Unable to list folders containing []

The FTP client as ususal uses the LIST command, but sometimes it would like to use MLSD command. The MLSD command is newly supported in proftpd-1.3.2. To work around this, you could use the following in your proftpd.conf:

<IfModule mod_facts.c>
    FactsAdvertise off
</IfModule>

In effect, this tells clients not to use the new MLSD command.

When I’m trying to run my FTP server, I get the message like: Current connections will be dropped:

Just remove /etc/shutmsg file:
$ sudo cp /etc/shutmsg /etc/shutmsg.org
$ sudo rm /etc/shutmsg

Sample proftpd.conf file

# Includes DSO modules
Include /etc/proftpd/modules.conf
 
# Set off to disable IPv6 support which is annoying on IPv4 only boxes.
UseIPv6				on
# If set on you can experience a longer connection delay in many cases.
IdentLookups			off
 
ServerName			"MyLocalFTP"
ServerType			standalone
DeferWelcome			off

MultilineRFC2228		on
DefaultServer			on
ShowSymlinks			on

TimeoutNoTransfer		600
TimeoutStalled			600
TimeoutIdle			1200

DisplayLogin                    welcome.msg
DisplayChdir               	.message true
ListOptions                	"-l"

DenyFilter			\*.*/

# Use this to jail all users in their homes 
DefaultRoot			~

# Users require a valid shell listed in /etc/shells to login.
# Use this directive to release that constrain.
RequireValidShell		off

AuthUserFile /etc/proftpd/ftpd.passwd
AuthGroupFile /etc/proftpd/ftpd.group

# Port 21 is the standard FTP port.
Port				21

MaxClientsPerHost	1
MaxClients	10 "Too many connections"

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances			5

# Set the user and group that the server normally runs at.
User	myserweruser
Group	myserwergroup

# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask				022  022
# Normally, we want files to be overwriteable.
AllowOverwrite			off

TransferLog /var/log/proftpd/xferlog
SystemLog   /var/log/proftpd/proftpd.log

VRootOptions allowSymlinks
<IfModule mod_vroot.c>
    VRootEngine on
    DefaultRoot ~
    VRootAlias /media/MyMusic /home/kate/SharedMusic
</IfModule>

<IfModule mod_quotatab.c>
QuotaEngine off
</IfModule>

<IfModule mod_ratio.c>
Ratios off
</IfModule>

<Limit LOGIN>
AllowUser kate
DenyALL
</Limit>

# Delay engine reduces impact of the so-called Timing Attack described in
# http://security.lss.hr/index.php?page=details&amp;ID=LSS-2004-10-02
# It is on by default. 
<IfModule mod_delay.c>
DelayEngine on
</IfModule>

<IfModule mod_ctrls.c>
ControlsEngine        off
ControlsMaxClients    2
ControlsLog           /var/log/proftpd/controls.log
ControlsInterval      5
ControlsSocket        /var/run/proftpd/proftpd.sock
</IfModule>


# In case when our files or folders can contains [] brackets in the names, then 
# tell the ftp client to not use MLSD command
<IfModule mod_facts.c>
    FactsAdvertise off
</IfModule>

<IfModule mod_ctrls_admin.c>
    AdminControlsEngine off
</IfModule>