Running a report from .profile against 600 in bindview

Hello, I have been given a task to run a report in bindview .  The report should list all user profiles which are updatable by other users. ie: all files called .profile where the file mode is something other than 600.  How would I do this? - or what AIX command could I run (just to create a manual report in AIX)?
WebwitchAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

liddlerCommented:
Don't know about bindview, but the Unix command would be:
find / -name .profile -perm -og+rw -ls
0
ellesdCommented:
Actually the "-" in front of the og+rw will not work because it means that the file has at least those permissions.  If you leave the dash out, then it means exactly matches the permissions specified.  Since we know the permissions need to be 600 and we want to find those whose permissions don't match, we also need to negate the primary with "!".  The UNIX command should be:

find HOMEROOT -name .profile -a ! -perm 600 -exec ls {} \;

where HOMEROOT is where all users home directories reside.  For example if all home directories are on the /u filesystem:

find /u -name .profile -a ! -perm 600 -exec ls {} \;

Try it out and let me know.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
tfewsterCommented:
# Find .profile writeable by group OR others
find / -name .profile  \( -perm -g+w -o -perm -o+w \)  -ls  

# Find .profile where permissions are not 600
find / -name .profile ! -perm 600  -ls

# So what's wrong with permissions 700? Or 755? Your call ;-)
0
ellesdCommented:
You are going to want to stick to specifying the permissions in octal since you know exactly what you want (600).  The above solution using symbolic permissions does not take read or execute permission into consideration.  It can be done with symbolic, but it will produce quite a long command.

My other issue is why are the solutions checking from root directory?  Do you really need to check the entire system (including mounted filesystems)?  This could take quite a long time.  User profiles are in their HOME directories.  If you have organized them into a common parent, then specify it as the path to find.  If you have more than one location for user's HOME directories, you can specify more than one path to search for find to look in.

Your call.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Unix OS

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.