13、查找/etc目录下所有用户都有写权限的文件;
[root@localhost ~]# find /etc -perm -222 -ls | head -n 10 667104 0 lrwxrwxrwx 1 root root 37 Nov 30 04:10 /etc/xdg/ 655829 0 lrwxrwxrwx 1 root root 19 Nov 30 03:54 /e 653507 0 lrwxrwxrwx 1 root root 11 Nov 30 03:53 /etc/in 662151 0 lrwxrwxrwx 1 root root 21 Nov 30 03:58 /etc/gd/ 655834 0 lrwxrwxrwx 1 root root 16 Nov 30 03:54 /etc/ssl/c 670719 0 lrwxrwxrwx 1 root root 29 Nov 30 04:08 /etc/vmware-tools/ 670721 0 lrwxrwxrwx 1 root root 25 Nov 30 04:08 /et 669583 0 lrwxrwxrwx 1 root root 22 Nov 30 04:06 /etc/grub.conf -> ../ 667434 0 lrwxrwxrwx 1 root root 19 Nov 30 04:01 /et -> .. 668205 0 lrwxrwxrwx 1 root root 18 Nov 30 04:02 /etc/rc.d/rc5.d/ 限于格式,只截取部分结果展示。
14、查找/etc目录下大于1M,且类型为普通文件的所有文件;
[root@localhost init.d]# find /etc -size +1M -type f -exec ls -lh {} \; -rw-r--r--. 1 root root 2.0M Nov 30 04:02 /etc/gconf/gconf.xml.defaults/%gconf-tree.xml -rw-r--r--. 1 root root 7.0M Nov 30 04:09 /etc/selinux/targeted/modules/active/policy.kern -rw-r--r--. 1 root root 7.0M Nov 30 04:09 /etc/selinux/targeted/policy/policy.24
15、查找/etc/init.d/目录下,所有用户都有执行权限,且其它用户有写权限的文件;
[root@localhost ~]# find /etc/init.d/ -perm -113 -exec ls -lh {} \; ---x--x-wx. 1 root root 0 Dec 24 11:22 /etc/init.d/test.text
16、查找/usr目录下不属于root、bin或hadoop的文件;
[root@localhost ~]# find /usr -not \( -user root -o -user bin -o -user hadoop \) -ls 395905 12 -rwsr-xr-x 1 abrt abrt 9904 Nov 22 2013 /usr/libexec/abrt-action- 限于格式,只截取部分结果。
17、查找/etc/目录下至少有一类用户没有写权限的文件;
[root@localhost ~]# find /etc/ -not -perm -222 -exec ls -lh {} \;
18、查找/etc目录下最近一周内其内容被修改过,且不属于root或hadoop的文件;
[root@localhost etc]# find /etc -mtime -7 -not \( -user root -o -user hadoop \) -ls 667125 0 --w--w--w- 1 admin admin 0 Dec 24 13:12 /etc/findtest.text [root@localhost etc]#