LinuxQuestions.org


dizwell 07-02-2012 05:09 PM

List files/directories by user permissions
 
I have a requirement to check that all files which exist in a given directory "must have permission set to 0750 or less." Plus, there'll be a check that all files in a (different) directory should all be owned by a specific user.

I have man'd the ls command, and I can't see a way of listing only files with certain permissions or ownership. I would like to be able to do it with a one-liner. I thought of piping the output of ls -l to awk, substringing the first 10 characters of that and trying to work out what text patterns would violate the audit requirement.

But then I got to thinking that sounded way too complex and that there must be an easier way. Anyone have one?!

Kustom42 07-02-2012 05:19 PM

FINE!

I mean FIND!

Yea, pretty easy with find.


First take a look at the find man page, and here are some examples of what you are trying to do, I believe:

Code:

find /path/to/users/dir -perm 0750 -type f | xargs ls -l

If you want to compare to the actual directory and see any files that are different:

Code:


find /path/to/users/dir -perm 0750 -type f | xargs ls -l >> ./correctfiles.txt
ls -al /path/to/users/dir > ./allfiles.txt

diff ./allfiles.txt ./correctfiles.txt

For user ownership:

Code:

find /path/to/users/dir -user username -type f | xargs ls -l

dizwell 07-02-2012 05:30 PM

Hi there: thank you for that.

But I probably wasn't clear. I don't want to list files which have permissions of exactly 750, which is what I think your first command is giving. I want to list the files which have more or greater permissions than that. I.e., 750 is the starting point, not an equality test. And preferably without having to spell out '751, 752, 753...' in a bazillion separate tests.

But I feel some time with the find man page might help, so nice starting point.

dizwell 07-02-2012 05:54 PM

Indeed, the man pages are an excellent source of advice, if you know where to look! I've now come up with this:

find /some/directory -perm +0751 -type f | xargs ls -l | awk '{k=0;for(i=0;i<=8;i++)k+=((substr($1,i+2,1)~/[rwx]/)*2^(8-i));if(k)printf("%0o ",k);print}'

That "+" before the "0751" means it finds permissions greater than or equal to those specified. The gunk at the end of the script is just there so I can see the numeric permissions as well as the rwxrwxrwx version, just for sanity checking. Once I am confident it works, I'll just go back to plain old "xargs ls -l" as in your original reply.

Problem solved, therefore. Find was very definitely the right direction to go in: much appreciated.

dizwell 07-02-2012 08:47 PM

By way of follow up, I think the command works fine on Linux, but the -perm parameter doesn't work the same way in Solaris (a -perm +0751 lists only files which have permissions of exactly 751). Is there a way to make a command that works on both?

Reuti 07-03-2012 07:30 AM

Maybe the find on Solaris is a different one. You can download the GNU find here and compile it on your own on Solaris.

chrism01 07-03-2012 07:43 PM

I think the SUN Freeware pkg http://www.sunfreeware.com/ includes the GNU tools ported to Solaris.
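
Added example, not posted by anyone in the thread: a POSIX sh version of both audit checks that uses only the "-perm -mode" and "-user" primaries specified by POSIX, so it does not rely on the GNU-only "-perm +mode" form. It assumes "0750 or less" means no permission bit outside 0750 is set; the function names are hypothetical.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not from the thread.
# Assumption: "0750 or less" means no permission bit outside 0750 is set,
# so 0644 fails (other-read) even though 644 < 750 as a number.

# excess_bits CEILING: print each single mode bit (octal) not allowed by CEILING.
excess_bits() {
    mask=$((0$1))                      # leading 0 makes the shell read it as octal
    for bit in 4000 2000 1000 400 200 100 40 20 10 4 2 1; do
        if [ $(( 0$bit & ~$mask )) -ne 0 ]; then
            printf '%s\n' "$bit"
        fi
    done
}

# find_over_ceiling DIR CEILING: ls -ld every regular file with an excess bit.
# POSIX "-perm -N" is true when all bits in N are set; testing one bit at a
# time and OR-ing the tests gives "any excess bit set" without GNU syntax.
find_over_ceiling() {
    dir=$1
    ceil=$2
    set --                             # rebuild "$@" as the find expression
    for bit in $(excess_bits "$ceil"); do
        if [ $# -gt 0 ]; then set -- "$@" -o; fi
        set -- "$@" -perm "-$bit"
    done
    if [ $# -eq 0 ]; then return 0; fi # ceiling 7777 allows every bit
    find "$dir" -type f \( "$@" \) -exec ls -ld {} +
}

# find_not_owned_by DIR USER: ls -ld every entry whose owner is not USER.
find_not_owned_by() {
    find "$1" ! -user "$2" -exec ls -ld {} +
}

# Usage (empty output means the audit check passes):
#   find_over_ceiling /some/directory 0750
#   find_not_owned_by /other/directory username
```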
