If you want to search files which have some special permission.
SUID or SGID
[root@localhost rpm]# find /sbin/ -perm /6000 -ls
630385 12 -rwsr-xr-x 1 root root 11224 Jul 19 2016 /sbin/pam_timestamp_check
630387 36 -rwsr-xr-x 1 root root 36280 Jul 19 2016 /sbin/unix_chkpwd
1155906 40 -rws--x--x 1 root root 40312 Jan 28 2014 /sbin/userhelper
1261593 12 -rwx--s--x 1 root lock 11208 Jan 26 2014 /sbin/lockdev
1225816 12 -rwxr-sr-x 1 root root 11224 Sep 12 2016 /sbin/netreport
1225821 12 -rwsr-xr-x 1 root root 11288 Sep 12 2016 /sbin/usernetctl
1350842 112 -rwsr-xr-x 1 root root 113400 Aug 17 2016 /sbin/mount.nfs
1863959 216 -rwxr-sr-x 1 root postdrop 218552 Jan 27 2014 /sbin/postdrop
1863966 256 -rwxr-sr-x 1 root postdrop 259992 Jan 27 2014 /sbin/postqueue
[root@localhost rpm]#
SUID or SGID
[root@localhost rpm]# find /sbin/ -perm /6000 -ls
630385 12 -rwsr-xr-x 1 root root 11224 Jul 19 2016 /sbin/pam_timestamp_check
630387 36 -rwsr-xr-x 1 root root 36280 Jul 19 2016 /sbin/unix_chkpwd
1155906 40 -rws--x--x 1 root root 40312 Jan 28 2014 /sbin/userhelper
1261593 12 -rwx--s--x 1 root lock 11208 Jan 26 2014 /sbin/lockdev
1225816 12 -rwxr-sr-x 1 root root 11224 Sep 12 2016 /sbin/netreport
1225821 12 -rwsr-xr-x 1 root root 11288 Sep 12 2016 /sbin/usernetctl
1350842 112 -rwsr-xr-x 1 root root 113400 Aug 17 2016 /sbin/mount.nfs
1863959 216 -rwxr-sr-x 1 root postdrop 218552 Jan 27 2014 /sbin/postdrop
1863966 256 -rwxr-sr-x 1 root postdrop 259992 Jan 27 2014 /sbin/postqueue
[root@localhost rpm]#
SUID and SGID
[root@localhost rpm]# find /sbin/ -perm -6000 -ls
[root@localhost rpm]#
[root@localhost rpm]# touch my.txt
[root@localhost rpm]# chmod 6755 /sbin/my.txt
[root@localhost rpm]# find /sbin/ -perm -6000 -ls
2134075 0 -rwsr-sr-x 1 root root 0 Jan 25 14:18 /sbin/my.txt
[root@localhost rpm]#
Note:- '-ls' is not ls command here, it is an option of find command.
By default find command shows files and directory both. If you want to find only for files/directories, you can user below options-
[root@localhost rpm]# find /etc -name pass* -type f -ls
8740295 4 -r-------- 1 root root 45 Dec 29 07:41 /etc/openldap/certs/password
8957061 4 -rw-r--r-- 1 root root 2363 Dec 29 14:17 /etc/passwd
8858380 4 -rw-r--r-- 1 root root 2318 Dec 29 14:15 /etc/passwd-
25166768 4 -rw-r--r-- 1 root root 188 Jan 30 2014 /etc/pam.d/passwd
26738864 4 -rw-r--r-- 1 root root 974 Dec 29 07:58 /etc/pam.d/password-auth-ac
[root@localhost rpm]# find /etc -name pass* -type d -ls
26528985 0 drwx------ 2 root root 44 Dec 29 07:49 /etc/selinux/targeted/active/modules/100/passenger
[root@localhost rpm]#
Note:- '-ls' is not ls command here, it is an option of find command.
By default find command shows files and directory both. If you want to find only for files/directories, you can user below options-
[root@localhost rpm]# find /etc -name pass* -type f -ls
8740295 4 -r-------- 1 root root 45 Dec 29 07:41 /etc/openldap/certs/password
8957061 4 -rw-r--r-- 1 root root 2363 Dec 29 14:17 /etc/passwd
8858380 4 -rw-r--r-- 1 root root 2318 Dec 29 14:15 /etc/passwd-
25166768 4 -rw-r--r-- 1 root root 188 Jan 30 2014 /etc/pam.d/passwd
26738864 4 -rw-r--r-- 1 root root 974 Dec 29 07:58 /etc/pam.d/password-auth-ac
[root@localhost rpm]# find /etc -name pass* -type d -ls
26528985 0 drwx------ 2 root root 44 Dec 29 07:49 /etc/selinux/targeted/active/modules/100/passenger
[root@localhost rpm]#
Comments
Post a Comment
Please share your experience.....