[Tip] Housekeeping Tasks Made Easy - User Home directories and Leftover Files


# 1  

We regularly have questions about how to create users and user accounts. But user accounts regularly need to be deleted too. It is quite easy to delete the user account itself but usually the HOME directory of the user remains.

It is good style to remove these directories but simply deleting them can pose a problem: just because an account no longer exists doesn't mean all its files are useless. It therefore makes sense to back up these directories but keep the backups somewhere safe in case they are needed again.

Here is a little script that searches the /home directory for directories with no owner - these usually are the leftover home directories of deleted accounts - and then creates a gzipped tar-archive and finally deletes the directory itself.

Here it is:

Code:
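root@system # find /home/* -type d -prune -nouser | while IFS= read -r DIR ; do
                  # skip this directory if its parent cannot be entered
                  cd "${DIR%/*}" || continue
                  # remove the directory only if the last pipeline stage (gzip) succeeded
                  tar cf - "${DIR##*/}" | gzip -9 > "/home/${DIR##*/}.tar.gz" &&
                      rm -rf "${DIR}"
              done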

After running this look for "*tar.gz" files in /home. These are the archives. Put them on long-term storage or whatever you want to do with them.

Another thing is files and directories with no owner. In principle such a thing should not exist but updates (even from renowned manufacturers like IBM) regularly introduce these, because they forget to remove their developers' ownerships when they create their packages for the rollout. In the last years I regularly found such files in freshly updated AIX systems.

Tarballs also regularly introduce such files because they restore their content with all the ownership information of the system the tarball was created on. Usually this is an intended effect but if you download something from a foreign system (i.e. from somewhere on the internet) this poses a problem.

First, search for such files to get an impression of what the problem is:

Code:
find / -nouser -print > /tmp/found_files

You may want to exclude some directories - e.g. application directories - from this search because the application team is responsible for them and has to take care of these. You can exclude a directory like this:

Code:
find / -name dir_to_exclude -prune -o -nouser -print > /tmp/found_files

I suggest you carefully analyze the content of the file /tmp/found_files. It is always better to check first than to fix later. If you are satisfied and want all the files to be changed - usually to root:system, root:root or something similar, depending on your system - you can run:

Code:
find / -name dir_to_exclude -prune -o -nouser -exec chown root:system {} \;

If you want to give some of the files to other users/groups just do that (manually or by a variation of the above line) before running this command. Once they have a proper ownership they are ignored because of the -nouser clause.

I hope this helps.

bakunin
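
A hardened variant of the archive-and-delete loop above, as an added example that is not part of the original post: the archive is written with umask 077 so the former user's files do not become world-readable, and the directory is removed only after the archive passes a gzip integrity test and lists as many entries as find sees. The function name `archive_home`, its destination argument and the path `/var/archive/homes` are assumptions.

```shell
#!/bin/sh
# Added example, not code from the original post.
# archive_home and the destination directory argument are hypothetical.
archive_home() {
    dir=${1%/}; dest=${2%/}
    case $dir in /*/*) ;; *) return 2 ;; esac    # absolute path with a parent dir
    [ -d "$dir" ] && [ -d "$dest" ] || return 2
    parent=${dir%/*}; name=${dir##*/}
    out="$dest/$name.tar.gz"
    [ -e "$out" ] && return 3                    # never overwrite an earlier archive

    (
        umask 077                                # archive readable by its creator only
        cd "$parent" || exit 1
        tar cf - "./$name" | gzip -9 > "$out"
    ) || { rm -f "$out"; return 1; }

    # The pipeline status above is gzip's, so a tar failure is caught here:
    # the gzip stream must be intact and the archive must list as many
    # entries as find sees in the tree.
    gzip -t "$out" || return 1
    want=$(cd "$parent" && find "./$name" -print | wc -l | tr -d ' ')
    got=$(gzip -dc "$out" | tar tf - | wc -l | tr -d ' ')
    [ "$want" -eq "$got" ] || return 1

    rm -rf "$dir"
}

# Driver in the style of the loop above (destination path is an assumption):
# find /home/* -type d -prune -nouser | while IFS= read -r d; do
#     archive_home "$d" /var/archive/homes || echo "kept $d" >&2
# done
```

A directory containing entries tar cannot store (sockets, for instance) fails the count check and is left in place for manual review.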

# 2  
I once had two scripts for our customer:
1. scanning "unowned" homedirs for recently accessed files. If nothing found, delete. If something found, display it and stop the search - and do not delete.
2. scanning shared project directories in "deepest first fashion" (find -depth), and assign each "unowned" directory to the owner of its parent directory.
# 3  
I run a similar, but different, script like this to scan an entire web file system and check ownership and permissions of each file and directory in that part of the filesystem, as a security measure.

When filesystems are secure, it is difficult for malicious code from the web to write to the file system using flaws in the web code.
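
An ownership and permission audit of the kind described in this post, as an added example (it is not the poster's script): it reports everything under a tree that is not owned by the expected account, is world-writable, or is a setuid/setgid file. The function names `audit_tree` and `audit_clean` and the sample path and account are assumptions.

```shell
#!/bin/sh
# Added example, not the script mentioned in the post.
# audit_tree / audit_clean are hypothetical names.
# Usage: audit_tree /var/www/site deploy    (owner: account name or numeric uid)
audit_tree() {
    root=$1; owner=$2
    [ -d "$root" ] || return 2
    {
        # Anything not owned by the expected account, orphaned uids included.
        find "$root" ! -user "$owner" -print | sed 's/^/WRONG-OWNER /'
        # World-writable files and directories; symlinks are skipped because
        # their own mode bits are not used for access checks.
        find "$root" ! -type l -perm -0002 -print | sed 's/^/WORLD-WRITABLE /'
        # setuid/setgid regular files inside served content.
        find "$root" -type f \( -perm -4000 -o -perm -2000 \) -print |
            sed 's/^/SETID /'
    } | sort
}

# Exit status 0 only when the tree exists and audit_tree reports nothing,
# so it can gate a cron job or a deployment step.
audit_clean() {
    [ -d "$1" ] && [ -z "$(audit_tree "$1" "$2")" ]
}
```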
# 4  
Quote:
Originally Posted by MadeInGermany
1. scanning "unowned" homedirs for recently accessed files. If nothing found, delete. If something found, display it and stop the search - and do not delete.
Yes, that is another possible solution. A problem could be that users put things in their homedir crontab and so some files get regularly accessed even if the accounts are deleted. Whether this or my solution is better perhaps depends on the environment you work in, policies in place and - last but not least - personal taste. The real point, though, is to take care of (removed users') data in some way in specific and to not let data waste accumulate on the system in general.

Quote:
Originally Posted by MadeInGermany
2. scanning shared project directories in "deepest first fashion" (find -depth), and assign each "unowned" directory to the owner of its parent directory.
This is a very good idea! I will update the above script eventually when I find time.

I hope this helps.

bakunin