Running a report from .profile against 600 in bindview

Posted on 2003-02-20
Medium Priority
Last Modified: 2010-04-21
Hello, I have been given a task to run a report in bindview .  The report should list all user profiles which are updatable by other users. ie: all files called .profile where the file mode is something other than 600.  How would I do this? - or what AIX command could I run (just to create a manual report in AIX)?
Question by:Webwitch
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
LVL 18

Expert Comment

ID: 7986495
Don't know about bindview, but the Unix command would be:
find / -name .profile -perm -og+rw -ls

Accepted Solution

ellesd earned 300 total points
ID: 7987235
Actually the "-" in front of the og+rw will not work because it means that the file has at least those permissions.  If you leave the dash out, then it means exactly matches the permissions specified.  Since we know the permissions need to be 600 and we want to find those whose permissions don't match, we also need to negate the primary with "!".  The UNIX command should be:

find HOMEROOT -name .profile -a ! -perm 600 -exec ls {} \;

where HOMEROOT is where all users home directories reside.  For example if all home directories are on the /u filesystem:

find /u -name .profile -a ! -perm 600 -exec ls {} \;

Try it out and let me know.
LVL 21

Expert Comment

ID: 7987270
# Find .profile writeable by group OR others
find / -name .profile  \( -perm -g+w -o -perm -o+w \)  -ls  

# Find .profile where permissions are not 600
find / -name .profile ! -perm 600  -ls

# So what's wrong with permissions 700? Or 755? Your call ;-)

Expert Comment

ID: 7987792
You are going to want to stick to specifying the permissions in octal since you know exactly what you want (600).  The above solution using symbolic permissions does not take read or execute permission into consideration.  It can be done with symbolic, but it will produce quite a long command.

My other issue is why are the solutions checking from root directory?  Do you really need to check the entire system (including mounted filesystems)?  This could take quite a long time.  User profiles are in their HOME directories.  If you have organized them into a common parent, then specify it as the path to find.  If you have more than one location for user's HOME directories, you can specify more than one path to search for find to look in.

Your call.

Featured Post

[Webinar] Lessons on Recovering from Petya

Skyport is working hard to help customers recover from recent attacks, like the Petya worm. This work has brought to light some important lessons. New malware attacks like this can take down your entire environment. Learn from others mistakes on how to prevent Petya like worms.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In tuning file systems on the Solaris Operating System, changing some parameters of a file system usually destroys the data on it. For instance, changing the cache segment block size in the volume of a T3 requires that you delete the existing volu…
This tech tip describes how to install the Solaris Operating System from a tape backup that was created using the Solaris flash archive utility. I have used this procedure on the Solaris 8 and 9 OS, and it shoudl also work well on the Solaris 10 rel…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.
Suggested Courses
Course of the Month8 days, 10 hours left to enroll

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question