Find all the -perm -o=x ! -perm /o=rw folder, and all ancestor paths to this folder need x permission for "others"?

I found that sudo -u <user> test might work, but I don’t have the sudo command on my system.

For example

/a d......--x
/a/aa d......--x YES
/b d......---
/b/bb d......--x NO

When I use the root user, I cannot use the test command to determine the permissions for "others".
Related questions I found: Test effective permissions of file for user

Asked By: hrdom


Here’s how you do it:

find ./ ! -perm -o=x -prune -o ( -type d ! -perm /o=rw -perm -o=x -print )
  • ! -perm -o=x -prune – don’t descend into directories that don’t have execute bit for "others".
  • The parentheses aren’t really required, I added them just for clarity. The command would work the same without them.
  • Without the explicit -print at the end, the pruned directories (the ones that find doesn’t descend into, i.e. those that don’t have execute bit for "others") would also be printed. The explicit -print ensures that ONLY the directories found at the right hand side (after the prune) are printed.

Now, this command would be the most obvious one. However, there are ways to make it much shorter by performing some logical reductions.

First of all, if you think about it, you don’t need the second -perm -o=x; If the first ! -perm -o=x evaluates to "True" (meaning, there’s no execute bit on the folder), it won’t even get to the right hand side after the -o (since logically, the whole expression would be evaluated as "True" after checking the first condition). This means that the whole section inside the parentheses would only be evaluated if there’s an execute bit for others on the file.

Bottom line, the -perm -o=x part inside the parentheses is redundant and can be removed.

find ./ ! -perm -o=x -prune -o ( -type d ! -perm /o=rw -print )

Now, as I said, the reason we need the -print at the end is because -prune action returns "True", and we don’t want to print those pruned directories. However, we can invert the "True" by just adding ! before the -prune; Those folders will still be pruned, but the result would be "False", so they wouldn’t be printed anyway.

find ./ ! -perm -o=x ! -prune -o ( -type d ! -perm /o=rw -print )

And then we don’t need the -print at the end anymore.

find ./ ! -perm -o=x ! -prune -o ( -type d ! -perm /o=rw )

And as I said, you can remove the parentheses. And that’s how you finally get to the:

Final shortened command:

find ./ ! -perm -o=x ! -prune -o -type d ! -perm /o=rw
Answered By: aviro
Categories: Answers Tags:
Answers are sorted by their score. The answer accepted by the question owner as the best is marked with
at the top-right corner.