Re: Determining real user access permissions to files/directories (ls -l doesn't help)
- From: Kenan Kalajdzic <kenan@xxxxxxx>
- Date: Sat, 4 Aug 2007 16:45:28 +0200 (CEST)
Yanko <yhdezalvarez@xxxxxxxxx> wrote:
How can I determine (recursive) which files/ folders inside a folder
are inaccessible for a specific user in a certain way?
Examples of that query would be:
? a list of files that user "exampleuser" can't write inside folder /
var/directory
? a list of files that user "test" can't read inside folder /etc
"ls -l" only helps me if the user is the owner, but it doesn't if the
user belongs to the group owning the file/folder or if the rest of the
users have access to the file/folder.
Is there any command/script which can help me to get such an answer?
You should first determine the groups a user belongs to, and then you can
build a query for the "find" command that would give you the list of files
that meet your criteria. Here is an example:
Let's say you want to know which files and directories within the directory
/some/dir are writable by a user named "testuser". First you determine the
groups this user belongs to using the "groups" command:
$ groups testuser
users staff
Now you can invoke the "find" command as follows:
$ find /some/dir -user testuser -perm -u+w \
-o \( -group users -o -group staff \) -perm -g+w \
-o -perm -o+w
You can combine these two commands into a small script:
DIR="/some/dir"
USR=testuser
MOD=w
find "$DIR" -user $USR -perm -u+$MOD \
-o \( `groups $USR | sed 's/ / -o -group /g;s/^/-group /'` \) \
-perm -g+$MOD -o -perm -o+$MOD
--
Kenan Kalajdzic
.
- References:
- Prev by Date: Re: script to generate names ???
- Next by Date: Re: Leading tilde in the output of calc
- Previous by thread: Determining real user access permissions to files/directories (ls -l doesn't help)
- Next by thread: Re: Determining real user access permissions to files/directories (ls -l doesn't help)
- Index(es):
Relevant Pages
|
|
