If you want to perform a task every time a specific event occurs, you could employ various techniques for polling or log watching; however, Linux provides a more general solution in the form of a tool called incron. Incron uses the inotify subsystem [1] to listen for events that affect a filesystem, such as opening, creating, or deleting a file; accessing a directory; or changing an attribute.

The name incron suggests the common cron utility [2]; however, cron jobs are triggered by a moment in time (every Friday, once a day at 3 am, in August, etc.), whereas incron is triggered by file or directory events. The gears in your head are probably already spinning, thinking of all the potential uses of incron. So, in this article, I describe how to set up incron and put it to work in some simple examples.

Getting incron

The incron tool set is not usually preinstalled by default in most distros, but because it is an implementation of the inotify subsystem (see the box "The Origin of incron"), it is likely in your distro's repository, so you can install it through the package manager. However, if for some reason you can't install the necessary packages from your distro's repos, you can download the latest version [3] and build from source.

[...]