How to use updatedb command as an ordinary user?

The locate command is very useful tool on Linux, but it seems only root can run updatedb command which is very unconvinent to use it. So how to make ordinary user to have the priviledge to run updatedb command?

updatedb is the command use to update the db used by locate command.

But there is the following error message when try to run updatedb as ordinary user:

[mirror@home code]$ updatedb
updatedb: can not open a temporary file for `/var/lib/mlocate/mlocate.db'

Or:

updatedb -o db
updatedb: can not change group of file `/var/lib/gforge/chroot/home/users/bigmeow/tmp/db.uhEZFQ': Operation not permitted

hugemeow

Posted 2012-08-28T02:03:05.173

Reputation: 1 819

Answers

Edit the command to:

updatedb --require-visibility 0 -o ~/.locate.db

from "updatedb (8)":

-l, --require-visibility FLAG

Set the 'require file visibility before reporting it' flag in the generated database to FLAG.

If FLAG is 0 or no, or if the database file is readable by "others" or it is not owned by slocate, locate(1) outputs the database entries even if the user running locate(1) could not have read the directory necessary to find out the file described by the database entry.

If FLAG is 1 or yes (the default), locate(1) checks the permissions of parent directories of each entry before reporting it to the invoking user. To make the file existence truly hidden from other users, the database group is set to slocate and the database permissions prohibit reading the database by users using other means than locate(1), which is set-gid slocate.

Note that the visibility flag is checked only if the database is owned by slocate and it is not readable by "others".

user292632

Posted 2012-08-28T02:03:05.173

Reputation: 151

you explain what the --require-visibility flag is... but maybe you could explain a little bit about why? like why not just do what @xaizek is doing and generate the database in a location your user has permission without using the --require-visibility flag? – Trevor Boyd Smith – 2018-11-29T15:28:53.327

later on in the man page there is an answer to my question: SECURITY Databases built with --require-visibility no [tbs: or 0] allow users to find names of files and directories of other users, which they would not otherwise be able to do. – Trevor Boyd Smith – 2018-11-29T15:39:55.397

You can just create database in home with -o argument of updatedb:

updatedb -o ~/.locate.db

And use it with slocate like this:

slocate --database=~/.locate.db <pattern>

You probably want to define an alias for slocate --database=~/.locate.db.

xaizek

Posted 2012-08-28T02:03:05.173

Reputation: 891

1in fact even with -o option, i failed, why? updatedb -o dbdb updatedb: can not change group of file `/home/mirror/tmp/dbdb.zwHn1W': Operation not permitted – hugemeow – 2012-09-19T15:06:57.507

1@hugemeow not sure why it happens. Maybe /mirror/tmp was mounted with non-standard options, which forbid updatedb to change group. Though it createsd database file with xaizek:users owner:group pair for me, so group is the default one. You can also check options in /etc/updatedb.conf file. – xaizek – 2012-09-19T19:26:06.197

do i have to use slocate rather than locate? cannot find slocate on centos... – hugemeow – 2012-10-14T02:12:09.687

1@hugemeow slocate is a more secure version of old locate. I think centos should have slocate installed with name locate. Anyway, there should be no differences in your case, and basically in most possible cases (on Slackware locate is just a symbolic link to slocate). – xaizek – 2012-10-14T08:40:16.957

somebody told me mlocate is better than slocate:( btw, why i cannot find source code of slocate, i wanna build it from source... – hugemeow – 2012-10-14T14:20:33.937

@hugemeow It's written that mlocate should be faster, but still compatible with slocate. I'm not sure if it's the reason. If you wan't to try slocate, which site isn't working, download sources from one of Slackware mirrors, they include sources of the packages: see here.

– xaizek – 2012-10-14T18:55:44.693

why command updatedb -o db not works? – hugemeow – 2012-10-15T09:26:18.403

seem edit1, why updatedb -o db failed after running for about two minutes? – hugemeow – 2012-10-15T09:34:25.133

@hugemeow Maybe it's easier to ask system administrator to add you to slocate (or mlocate) group? Even if group can't be changed, the file is there, so you should be able to use it (updatedb probably didn't remove, did it?). – xaizek – 2012-10-15T13:37:23.097

Here are all the steps to have a complete solution (tested in Centos 6.5)

1) generate the db:

updatedb --require-visibility 0 -o ~/.locate.db

2) use the db:

locate --database=/full/path/to/.locate.db (does not work with ~)
or
locate --database=.locate.db

3) create an alias:

alias mylocate='locate --database=/full/path/to/.locate.db'

4) use your locale locate db:

mylocate <my pattern>

Yann Sagon

Posted 2012-08-28T02:03:05.173

Reputation: 129

use $HOME instead of ~, or just get rid of the =. both of the following will work: locate --database ~/.locate.db or locate --database=$HOME/.locate.db. see this thread: https://stackoverflow.com/questions/11587343/difference-between-home-and-tilde

– ardnew – 2017-07-18T16:19:38.073