Command Line Archives • Page 6 of 76 • Linux Tips

Short: Show File Creation, Modification, and Access Times

Today’s article is short because there’s no reason to make it longer and we’ll just show file creation, modification, and access times. This is just a simple process and won’t take all that much to learn. It shouldn’t take too long to explain.

Files contain metadata. This can be everything from the GPS location of an image file to the kind of camera used. You can even add your metadata fields with audio files, for example.

For example, we’ve previously covered metadata in these articles:

How To: Sanitize Exif Data From Your Digital Images For Privacy Sake
Review: MetaClean (Clean Exif/meta Data From Email Attachments Automatically)

Well, your files contain other metadata. This information includes things like file creation, modification, and access times. You can easily find out when a file was created. It’s easy to show when the file was modified and just as easy to see when the file was last accessed.

Nice and simple, right?

Well, we’ll be using the stat command.

The stat Command:

You won’t need to install anything. You’ll find that the stat application is already available. You can verify this with:

which stat

1	which stat

The outcome should match:

$ which stat
/usr/bin/stat

1 2	$ which stat /usr/bin/stat

You can check the man page with this command:

man stat

man stat

Doing so will show you that stat is described like:

stat - display file or file system status

1	stat - display file or file system status

Which is exactly what we need to show creation, modification, and access times. This will be the correct tool for the job.

Show File Creation, Modification, and Access Times:

This is a terminal-based process and you can usually access your default terminal by pressing CTRL + ALT + T. If that doesn’t work, find the terminal in your application menu.

With your terminal open, list the files:

ls -la

ls -la

Now, pick a file…

When you’ve picked a file, use the stat command. The syntax is easy:

stat <file_name>

1	stat <file_name>

When you opened your default terminal, you probably opened it in your home directory. Most of you will have a ~/.bashrc file, so we’ll use that. An example of this stat command would be:

stat ~/.bashrc

1	stat ~/.bashrc

Here’s an example output:

$ stat ~/.bashrc
File: /home/kgiii/.bashrc
Size: 3831 Blocks: 8 IO Block: 4096 regular file
Device: 802h/2050d Inode: 6815747 Links: 1
Access: (0644/-rw-r--r--) Uid: ( 1000/ kgiii) Gid: ( 1000/ kgiii)
Access: 2024-03-06 15:04:01.821753362 -0500
Modify: 2024-02-15 22:01:20.734612826 -0500
Change: 2024-02-15 22:01:20.734612826 -0500
Birth: 2023-11-26 01:48:18.886257694 -0500

$ stat ~/.bashrc

File: /home/kgiii/.bashrc

Size: 3831 Blocks: 8 IO Block: 4096 regular file

Device: 802h/2050d Inode: 6815747 Links: 1

Access: (0644/-rw-r--r--) Uid: ( 1000/ kgiii) Gid: ( 1000/ kgiii)

Access: 2024-03-06 15:04:01.821753362 -0500

Modify: 2024-02-15 22:01:20.734612826 -0500

Change: 2024-02-15 22:01:20.734612826 -0500

Birth: 2023-11-26 01:48:18.886257694 -0500

As you can see, there’s the ‘birth’ (file creation time), an access time, and a changed time. There’s a lot of other information, but that’s outside the scope of this article.

Be sure to read the man page:

man stat

man stat

You can use several flags to extract just the information you want. If you wanted to, this would be useful for scripting or other programming. You don’t have to have the full output. For this simple and short article, the information isn’t that overwhelming. I see no reason to cover any particular flags unless I intended to cover a half dozen of them. You can find those just fine on your own.

Closure:

This has just been a short article. I wanted to cover the stat command and there’s not much to it – for the average user. File management is a pretty advanced topic and we cover that often. This time around, it’s just file creation, modification, and access times. Nothing too advanced.

I don’t do many of these short articles. I probably should, as they’re quick and get straight to the point. They’re quick articles that should be plenty easy to process and you don’t have to wade through a lot of text to get to the point of the article. If you like them, let me know.

Thanks for reading! If you want to help, or if the site has helped you, you can donate, register to help, write an article, or buy inexpensive hosting to start your site. If you scroll down, you can sign up for the newsletter, vote for the article, and comment.

How To: Crack A PDF Password

I don’t know how handy today’s article is going to be in reality but it’s sort of possible to crack a PDF password. Once you read the article, you’ll see why I said “sort of possible”. The odds of success will vary greatly.

Everybody knows what a PDF file is. It’s a Portable Document Format. This is actually a standard (ISO 32000). You don’t need Adobe products to create, edit, or read PDF-formatted documents. Odds are good that your distro comes with tools for manipulating PDF documents.

It’s possible to password-protect a PDF document. You can have an owner’s password (allowing editing) or you can have a user’s password (allowing you to read the document). This may be something you’ve encountered in the past.

Well, like all things password-protected, it’s possible to crack the password.

What do I mean by crack? I mean it will reveal the password to you in plain text. This will allow you to access the document in one form or another, depending on which password you crack.

This is gonna take some time…

Also, I’ll assume you’re using something based on Debian because I’ve not tested this with other distros. I’ve only tested this on my systems.

The tool we’ll be using is a ‘brute-force’ password cracker. That means it starts from the letter a and works its way up, adding new letters after the rest of the letters have been tried. So, you’ll see aa, ab, ac, ad, and progression along those lines. You can immediately see why this is going to take a while.

The tool we’ll be using is helpfully called ‘pdfcrack’.

pdfcrack:

This pdfcrack is a terminal-based PDF password-cracking tool. You can use brute force or lists of words such as common passwords. You can also specify the character list, though the default is to just use the regular alphabet in both uppercase and lowercase formats.

The pdfcrack application is helpfully described as such:

pdfcrack – Password recovery tool for PDF-files

I’ll assume that you’re only trying to recover passwords on documents you should legally have access to. I assume that you won’t use this to access content that does not belong to you. That seems like a safe assumption!

As you can see, this is the correct tool if you want to crack a PDF password.

Crack A PDF Password:

As mentioned above, you’ll crack passwords in the terminal. That requires an open terminal, so we might as well install pdfcrack in the terminal. Just press CTRL + ALT + T and that will usually open up a terminal for you.

With your terminal now open, install pdfcrack:

sudo apt install pdfcrack

1	sudo apt install pdfcrack

With that installed, check the man page:

man pdfcrack

1	man pdfcrack

Download:

Example PDF File

Now, crack it…

pdfcrack -f /path/to/unlock-me.pdf

1	pdfcrack -f /path/to/unlock-me.pdf

As it’s a download, it’s probably in your ~/Downloads directory, but mine is stored in my ~/Documents directory because it’s a document. So, my example:

pdfcrack -f ~/Documents/unlock-me.pdf

1	pdfcrack -f ~/Documents/unlock-me.pdf

That uses a very simple password that should be cracked in a few seconds. On my older and slower computer, I was able to do more than 20,000 words per second. This short password should crack almost instantly.

Leave a comment telling me what the password is!

By default, pdfcrack will crack the user password. You can specify which password you wish to crack. Though the syntax is a little wonky. In this case, the syntax is as follows:

pdfcrack -f filename.pdf <options>

1	pdfcrack -f filename.pdf <options>

Which translates into the following…

For the owner:

pdfcrack -f filename.pdf -o

1	pdfcrack -f filename.pdf -o

For the user:

pdfcrack -f filename.pdf -u

1	pdfcrack -f filename.pdf -u

If you want to pause this, you can!

To pause a running pdfcrack instance just press CTRL + C. This will save the progress as savedstate.sav. The program will automatically resume when you run the command again. Pretty neat!

There’s a lot you can do with this command. Let’s say you recall the password was between 8 and 12 characters and want to just search in that area.

pdfcrack -f filename.pdf -n 8 -m 12

1	pdfcrack -f filename.pdf -n 8 -m 12

You can also specify the character set. If you want to use uppercase, lowercase, and numbers you can do that. You just add them to the command with the -c flag, making sure to put them in quotes. That’d look like this:

pdfcrack -f filename.pdf -c 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890'

1	pdfcrack -f filename.pdf -c 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890'

You can specify a wordlist like so:

pdfcrack -f filename.pdf -w wordlist.txt

1	pdfcrack -f filename.pdf -w wordlist.txt

The format for that file appears to require one word per line and there are collections of common passwords you can download to help you crack a PDF password.

As you can imagine, and as you were warned near the start, this process can take a while. Assuming you have the right characters loaded and enough time, it’s certain to work eventually.

Go ahead and crack my example file above. That one won’t take you very long, even on a slow computer. It won’t be instantaneous, but it’ll be pretty quick.

If you want, you can also run a benchmark to see how fast your computer is. The command to do that is quite simply this:

pdfcrack -b

1	pdfcrack -b

I ran this on the slowest computer I use. I didn’t run it on anything faster because I don’t care that much. I’m sure you’ll do better on your computers, though you can share the results as a way to compare your rig with others.

Anyhow, my output was this:

kgiii@kgiii:~/Documents$ pdfcrack -b
Benchmark:	Average Speed (calls / second):
SHA256 (fast):		3309920.8
SHA256 (slow):		1727111.3

MD5:			3973834.3
MD5_50 (fast):		153127.8
MD5_50 (slow):		163666.6

RC4 (40, static):	1334279.6
RC4 (40, no check):	1339898.4
RC4 (128, no check):	1305946.2

Benchmark:	Average Speed (passwords / second):
PDF (40, user):		943049.0
PDF (40, owner):	520400.4
PDF (40, owner, fast):	1139653.1

PDF (128, user):	44928.0
PDF (128, owner):	21999.9
PDF (128, owner, fast):	45202.4

kgiii@kgiii:~/Documents$ pdfcrack -b

Benchmark: Average Speed (calls / second):

SHA256 (fast): 3309920.8

SHA256 (slow): 1727111.3

MD5: 3973834.3

MD5_50 (fast): 153127.8

MD5_50 (slow): 163666.6

RC4 (40, static): 1334279.6

RC4 (40, no check): 1339898.4

RC4 (128, no check): 1305946.2

Benchmark: Average Speed (passwords / second):

PDF (40, user): 943049.0

PDF (40, owner): 520400.4

PDF (40, owner, fast): 1139653.1

PDF (128, user): 44928.0

PDF (128, owner): 21999.9

PDF (128, owner, fast): 45202.4

Be sure to check out the man page. It’s a simple application but there are many options available for pdfcrack and you might as well learn about them now. You never know when you’ll find an old PDF document with a forgotten password. It can (and does) happen!

Also, be sure to check the pdfcrack project page.

Closure:

So, you might wonder why I’d include an article like this. After all, isn’t cracking passwords a potential legal mess? Isn’t it immoral to crack passwords? Is it even legal to crack passwords?

The answer is simple enough. It’s a tool you can use to recover your lost passwords. You can use this tool to access things that you shouldn’t be accessing, just like you can use a screwdriver to poke things you shouldn’t be poking. I’m just giving information.

I am also not a lawyer. I permit you to crack the password of the included file. For other files, don’t do anything illegal in your jurisdiction. If it’s a crime, don’t do it. I’m decidedly not your lawyer. If you think this requires asking a lawyer, go ahead and do so.

That and it’s not a great secret. If you’re relying on a password to protect PDF files from anyone serious, you’re probably doing your security wrong. It’s well known that this is possible and that the tools are easily installed. PDF passwords aren’t very good for security, though you can make complicated passwords.

The distro you’re using may very well have pdfcrack available, even if it isn’t one of the Debian-based distros. Just search and you can find it. With some work, you can even mostly install it with PIP. Just click the link above to the project page for more information about that.

As always…

The du Command In Linux

There’s always time for a basic article or two and today we’ll do that as we just play around with the du command in Linux. This is a functional tool and one you can learn to use in just a few minutes. Because of that, I’ll try to keep the article reasonably short.

Storage…

On Linux, everything is a file. These files are stored with a system – such as a particular formatting method like Ext4. Collectively, this is your file system.

Because of this, you may have done similar things, you’ll find that file sizes are all divisible by four. That’s because of the way things are stored. They’re stored in blocks and 4KB is (generally speaking) the smallest block you can have. So, it only makes sense that things can be divided by four.

Running out of storage space is A BAD THING®. It can even prevent you from booting! You do not want to run out of space on your drives. You don’t want to run out of space on any of your partitions.

When you installed Linux, you should have taken care to ensure that the partitions will be large enough for you to grow into. It’s possible to add storage. You can even modify your system to move your ~/home directory onto a partition all its own.

It’s easier to ensure you have enough room when you start. Storage space is relatively inexpensive these days. You can get really fast storage (such as an NVMe M.2 SSD) for little money. If your motherboard doesn’t support NVMe, you can get a cheap PCIe riser card to add that feature.

We’ll be using the du command to see how much space you’ve used.

The du Command:

The du command is a terminal-based application. You shouldn’t need to install anything for this article, it should be installed by default. We’ve previously used this command to sort files by size if you’re curious.

Anyhow, you can ensure du is available with the following terminal command:

which du

which du

Which should give you an output like this:

$ which du
/usr/bin/du

1 2	$ which du /usr/bin/du

If you get an output similar to that, you’re good to go and won’t need to install anything to finish this article. The man page can be accessed with the following terminal command:

man du

man du

The output from that command should be a good indicator that we’re using one of the correct tools for the job. This being Linux, there are many choices. In this case, the du command is described as:

du - estimate file space usage

1	du - estimate file space usage

As you can tell by the introductory paragraphs, that’s a good tool for the task we’ve set for ourselves today. We want to see how much file space we’re using.

Using The du Command In Linux:

If you read the above paragraphs you’d know that this is another one of those things you do in the Linux terminal. Yes, there are graphical tools that will let you do this – but this way is universal. You’re going to find the du command on any Linux system you’re likely to touch. So, press CTRL + ALT + T and we can get going.

With your terminal open, you can just start with the basics:

du

That will show you the bytes used by the directories. We want to see the storage space consumed by directories and files, so we’ll add the -a flag to the following command:

du -a

du -a

That should show file and directory sizes in bytes. That’s not very readable by a human unless you want to do some math in your head. So instead we’re going to add the -h flag. Like so:

du -ah

du -ah

That’s all well and good. You can use cd to navigate around your computer or you can specify the path. How do you do that? Well, the syntax follows:

du -ah <path_to_directory>

1	du -ah <path_to_directory>

So, if we want to view the storage consumption of the ~/Downloads directory we’d simply use the following command:

du -ah ~/Downloads

1	du -ah ~/Downloads

Now, if you just want to see the total value of the directory you can use the following command with the -s flag:

du -sh ~/Downloads

1	du -sh ~/Downloads

If you want to find out how much storage space is consumed by your entire ~/home/<user> directory, that’s a very simple command:

du -sh ~/

du -sh ~/

I’d not suggest using the du command to check the entire drive of a running system. It will want to also calculate anything plugged into the computer and take forever. There are other ways to view drive usage information.

If you want to use a GUI, here’s a few tools for you:

A Few Ways To Visualize Disk Usage In Linux

There are innumerable ways to do this in the terminal and I’ve covered many of them. Most recently, I showed you a way to use Python to view disk usage. I admit my bias, but that’s a neat way to give you some basic information in a handy format that’s easily understood.

This is one of those things you can do with a multitude of tools. It is also a fairly basic task and something we should all be aware of. Know how much free storage you have and act accordingly.

Don’t wait for the drives to fill up before acting because that just makes it harder on you. You know the adage about how an ounce of prevention is better than a pound of cure? Well, keep that in mind when you think about your storage solutions.

Closure:

Oh, I’m sure I’ve mentioned the du command before. It sounds like something I’ve written about. I do know that I used it so that you could sort files by size, which is nice. At least I’m pretty sure I did…

At this point, who knows? I could do a lot of searching just to check, but the search doesn’t always do a good job and it’s too late now because I’ve written the article!

As of today, you should be fairly fluent in the du command. You might want to read the man page. There’s quite a bit that I didn’t cover. I only covered the basics. More specifically, I only covered the ways I use the du command. You may have very different needs. You may have a very different process. With that in mind, read the man page.

Show Your USB Devices In The Linux Terminal

Today’s article won’t be all that long or complicated because we’re just going to show your USB devices in the Linux terminal. This is something easily done and not something too unusual. You never know when you’ll want to show your USB devices, but this is your chance to do so.

We have covered the lsusb command in the past, but we’ll include that and go beyond that. Why? Because we can. It’s okay to revisit earlier material if we’re going to add to it.

USB stands for Universal Serial Bus and there are many versions. I’d like to think that my readers don’t need to be told what USB is. You’ve probably used USB devices in the past, including using a USB storage device to install Linux or use as an input device like your keyboard and mouse.

Not having to explain that will save a lot of time!

Show Your USB Devices:

You can learn quite a bit about your USB devices in the terminal. You can learn what the devices are, maybe the product name, where it’s plugged in, and more. So, we’ll cover that in this article.

The two tools we’re going to use shouldn’t require any new software. Sweet!

lsusb:

The first tool we’ll cover is the lsusb application. You won’t need to install this. It will be installed by default. You can confirm that you have lsusb installed with the following command:

which lsusb

1	which lsusb

Sure enough, you can check the man page to see that this is a good tool for this task. That command is:

man lsusb

man lsusb

With that information, you can see that it’s described like this:

lsusb – list USB devices

See? It’s exactly the tool for the job!

To run this command, you simply run it in your terminal – like so:

lsusb

lsusb

That will output a bunch of USB information.

usb-devices:

Now this is a command that I’ve not previously covered. It’s a simple command to operate but the output is different from the above. This command gives a great deal more information than the above lsusb command does.

You can ensure that usb-devices is installed with this command:

which usb-devices

1	which usb-devices

If you want to check the man page, run this command:

man usb-devices

1	man usb-devices

You’ll see that this is a useful tool if you want to show USB devices. In fact, you’ll see that it’s possibly better than the plain lsusb command. It’s described like:

usb-devices – print USB device details

The important part is ‘details’. This command will show you a great deal of the details regarding the USB devices.

NOTE: This will only show the details for things that are active. If you have inactive USB devices it will not show them. That explains the difference between the lsusb command and the usb-devices command. Well, that and this command spits out a lot more information.

If you want to run this command in your terminal, it’s simply done like so:

usb-devices

1	usb-devices

That’s not very complicated at all and will reveal quite a bit more information than you’d get with the previous lsusb command. It’s worth running both in some situations, but run this usb-devices command if you need detailed information.

Closure:

See? I told you that this one wouldn’t take all that long. I probably could have labeled this one as a short article, but I didn’t. It’s also written in a different format – not even telling you how to open your terminal. If you need to know that, you can figure it out – or you already know. I did mention the terminal in the headline.

Generate A Process Tree

This shouldn’t be a very long (or complicated) article as we’re simply going to cover one way to generate a process tree. This is more useful than it may sound, especially in process management.

We’ll be doing this in distros that support apt. So, that’d be distros like Debian, Ubuntu, Linux Mint, Elementary, and many others. That’s distros within the Debian family. That’s a good chunk of the available distros, so this will apply to many of you.

It’s not that this won’t work on other distros. It’s that I haven’t tested this on other distros. You can likely follow along and figure it out with your package manager, I’ve just not done so. I do have a limited amount of time and the only human resource I have is myself. Man, I could use an editor!

For the record, this seems like something you’ll find installed by default on any major system. You may not need to install anything at all. This might just be already available.

Anyhow… About processes…

Everything running on Linux is a process. There are a whole lot of processes that make up a running system. For the most part, you can ignore all this and keep computing. However, when you troubleshoot a system you may be interested in which processes are running. If you’re recovering from a slow system, you may be interested in killing processes.

One process may spawn other processes. For example, you may have a browser with open tabs. The browser is itself one process. The open tabs may be separate processes. This is a good thing for things like compartmentalization and even security, but that’s outside of the scope of this article.

So, what tools will we be using?

psmisc:

I believe the correct term for psmisc is that it’s a meta-package. That is, psmisc is a package that contains some other tools. If you want to follow along with this article, that’s the package you’ll likely want to install. I’ll cover installing it with apt, which is nice.

If you’re interested in psmisc, here’s the psmisc project page. The package includes the following applications:

fuser – Identifies processes using files or sockets
killall – kills processes by name, e.g. killall -HUP named
prtstat – prints statistics of a process
pslog – prints log path(s) of a process
pstree – shows the currently running processes as a tree
peekfd – shows the data travelling [sic] over a file descriptor

Of these, we’re interested in ‘pstree’. We have mentioned the killall command before and chances are that you won’t need to install anything for this at all. I did mention that above…

pstree:

This is the tool we’ll be using to generate a process tree. It comes with the above package and is one of those tools I think is likely available by default. I’ll cover how to use apt to install it below, but it seems like one of those things that you’re going to find on other distros. You’ll likely find that it’s installed by default on all those distros.

You can verify that you have this available with the following command:

which pstree

1	which pstree

The output should match this:

$ which pstree
/usr/bin/pstree

1 2	$ which pstree /usr/bin/pstree

Don’t worry if that’s not available, we’ll install it below.

If you want to generate a process tree, you’ll see that the man page confirms that this is a good tool to do so, though the name should have clued you in. To read the man page, just run this command:

man pstree

1	man pstree

See? It’s not all that involved. It’s a pretty simple application.

Generate A Process Tree:

To generate a process tree in Linux, you’ll need an open terminal. Well, if you’re going to use pstree to generate a process tree in Linux, you will need an open terminal. Most of you can just open a terminal by pressing CTRL + ALT + T on your keyboard.

With your terminal open, let’s make sure that you have installed psmisc.

sudo apt install psmisc

1	sudo apt install psmisc

Now that you have psmisc installed, you can use the pstree command. Don’t blame me for this, I didn’t do it.

You can simply run the command as it stands:

pstree

pstree

However, I previously wrote this article:

How To: Kill Processes By Their PID (Process ID)

I want to tie into that article. You can use the pstree command, which is a nice and easily understood output, to show the PID. That command would look like this command:

pstree -p

pstree -p

However, there’s a more useful command for those dealing with sudden issues. You can use a flag known as --color=age to get an idea about how new the processes are.

Green would be within the past 60 seconds, yellow would be within the past hour – or so I’m told. Every time I try, it shows up red. You can try it if you want, like so:

pstree --color=age

1	pstree --color=age

Good luck with that one! Seriously… Good luck!

Even if that doesn’t work, you can now generate a process tree to show the running processes on your system. This seems like a good thing to know.

Closure:

I was recently asked if I was running out of ideas for articles and the answer I gave them was that I am not. There’s always something to write about, even if it’s just a simple task like generating a process tree. Ideally, these articles will stand as a solution for those with specific problems. This is one of those articles.

Don’t forget that you can sponsor an article!