$ Linux One Liners
Back to commands

Linux Survival Basics

Read-only

Trace Every Parent Directory on a Permission Denial

You need to inspect each directory component in a path to find where traversal permission fails.

Command

namei -l fixtures/perm-audit/current/app/config/prod.token

Before you run this

System impact: Read-only. Low when scoped to the shown target.

When not to use it: Do not stop at the final file mode; parent execute bits and symlink targets matter.

Expected output

A component-by-component ownership and mode trace for the full path.

System impact

Read-only. Nothing changes. The command shows each path component with owner and mode.

Recovery / rollback: no state is changed.

When to use it

Use when a process gets permission denied even though the final file looks readable.

When not to use it

Do not stop at the final file mode; parent execute bits and symlink targets matter.

Watch this command run

Command transcript

This sanitized transcript shows the commands and output shape without exposing host details.

demo@lab:~$

$ stat -c '%A %U:%G %n' sample-files/perm-audit/current/app/config/prod.token

lrwxrwxrwx root:root sample-files/perm-audit/current/app/config/prod.token

$ namei -l sample-files/perm-audit/current/app/config/prod.token

f: sample-files/perm-audit/current/app/config/prod.token
drwxr-xr-x root root fixtures
drwxr-xr-x root root perm-audit
drwxr-xr-x root root current
lrwxrwxrwx root root app -> ../releases/2026-06-25
drwxr-xr-x root root   ..
drwxr-xr-x root root   releases
drwxr-xr-x root root   2026-06-25
drwxr-xr-x root root config
lrwxrwxrwx root root prod.token -> ../../../shared/secrets/prod.token
drwxr-xr-x root root   ..
drwxr-xr-x root root   ..
drwxr-xr-x root root   ..
drwxr-xr-x root root   shared
drwxr-xr-x root root   secrets
-rw------- root root   prod.token
View commands shown

These are the commands shown in the sanitized transcript.

Commands shown

  1. stat -c '%A %U:%G %n' fixtures/perm-audit/current/app/config/prod.token
  2. namei -l fixtures/perm-audit/current/app/config/prod.token

next steps

Related commands

Hosting Operations Can be slow

Audit a Symlink Permission Chain

A symlink can make the path you audited different from the file the app opens.

find fixtures/perm-audit -type l -printf '%p -> %l\n' -exec namei -l {} \;
Linux Survival Basics Read-only

Check Owner and Mode in One Line

The file existed. The owner and mode explained why it still failed.

stat -c '%A %U:%G %n' /var/www/example/index.html
Linux Survival Basics Can be slow

Find the Exact Log Line Before You Scroll

The error was there. The useful part was knowing exactly where it was.

grep -inE 'error|failed|denied|timeout' /var/log/nginx/error.log
Linux Survival Basics Read-only

Show Context Around the First App Error

The first error often explains more than the last one.

awk '{buf[NR%5]=$0} tolower($0) ~ /(error|exception|fatal)/ {for (i=NR-4;i<=NR;i++) if (i>0) print buf[i%5]; exit}' fixtures/incidents/app.log
Study mapping

Use this as independent command practice: read the notes, predict the output, then compare it with the example before using a real shell.

  • lpic1:103-gnu-unix-commands
  • lfcs:essential-commands
  • linuxplus:automation-scripting
  • linuxplus:provisional
  • risk:read-only

Useful for

  • LPIC-1 style command-line practice
  • LFCS style performance tasks
  • Linux+ style troubleshooting review

Independent study support only. No affiliation, endorsement, exam dumps, or real exam questions.