Strange output from find

nixie · August 12, 2012, 5:08pm

How can I prevent find from outputting the directory name /home/xxxxxxxx/Backup/.system (which isn't even "other writable"?

I am trying to search for files that are "world writable" on a shared web host using the find statement, and I want to prevent find from creating an error (because the of directory permissions). I don't want to just pipe stderr to /dev/null as this would suppress unexpected errors.

This statement works correctly but produces an error"

# find /home/xxxxxxxx  -type f -perm -o+w
find: `/home/xxxxxxxx/Backup/.system': Permission denied

but for some reason the statement

find /home/xxxxxxxx -type d \( -iwholename "/home/xxxxxxxx/Backup/.system" \) -prune -o -type f -perm -o+w

creates the output

/home/xxxxxxxx/Backup/.system

i.e. it outputs the name of the directory excluded along with the files that are "other" writeable.

FYI

# ls -laR /home/xxxxxxxx/Backup/
/home/xxxxxxxx/Backup/:
total 12
drwxr-xr-x  3 xxxxxxxx xxxxxxxx 4096 Feb 15  2011 ./
drwx--x--- 31 xxxxxxxx nobody   4096 Aug 12 14:43 ../
drwx--x---  4 root     xxxxxxxx 4096 Feb 15  2011 .system/
/bin/ls: cannot open directory /home/xxxxxxxx/Backup/.system: Permission denied

the W bit is not set for "other", so I don't understand what is going on.
I am using find (GNU findutils) 4.4.2 on CentOS in case it matters.

How can I prevent find from outputting the directory name /home/xxxxxxxx/Backup/.system (which isn't even "world writable"?

As an aside, has anyone seen a good find tutorial? Man page does an OK job with the individual options, but really lacks the context for putting them together in combination

Chubler_XL · August 12, 2012, 7:01pm

Problem is you don't have a -print argument so all true expressions will print, including the prune.

Try:

find /home/xxxxxxxx -type d \( -iwholename "/home/xxxxxxxx/Backup/.system" \) -prune -o -type f -perm -o+w -print

alister · August 12, 2012, 10:40pm

Chubler_XL is correct. Here's the relevant bit from the POSIX documentation:

Regards,
Alister

nixie · August 13, 2012, 3:02pm

chubler_xl:

Problem is you don't have a -print argument so all true expressions will print, including the prune.

Try:
find /home/xxxxxxxx -type d \( -iwholename "/home/xxxxxxxx/Backup/.system" \) -prune -o -type f -perm -o+w -print

Thank you so much... that is exactly what I needed.

---------- Post updated at 03:02 PM ---------- Previous update was at 10:06 AM ----------

Thanks for the reply Alister... I've read it, and have a bit more of a clue, but the phrase given expression is what is confusing me. In the context of the find statement:

find /home/xxxxxxxx -type d \( -iwholename "/home/xxxxxxxx/Backup/.system" \) -prune -o -type f -perm -o+w -print

I'm really confused about that term given expression. It appears there are two expressions, one for include and one for exclude.

It appears that the order of processing is: -prune \(-type d \( -iwholename "/home/xxxxxxxx/Backup/.system" \) \) , where the directory to prune comes before the prune statement rather than after it. Yet -type f -perm -o+w is processed Left to Right as I would normally expect.

I now understand that I can add to the pruned directories by adding as many -o -iwholename "/path/to/exclude" inside the brackets.

I'm still at a bit of a loss as to the correct way to add additional conditions to the find (i.e. modified within the last 10 days for example, or owned by user yyyyyyy).

Also does the "prune" expression need to be the first, or can the order of statement be reordered?

I'm in awe of the power and flexibility of (*)nix, (not many software systems from the 1970s are still in popular use) but the learning curve is steep and man pages are usually just for "a reminder" as they often include enough context for a newbe.

Any tips/input/reference to a good tutorial would be appreciated.

Thanks

Lem · August 14, 2012, 9:00am

First of all, please forgive my bad English.
Something you've written sounds a bit odd to me.

First: my find is GNU find 4.2.2 too, but my man find is like this one:
UNIX man pages : find ()
and not like this one:
find.

In my find manual I can't read any "given expression", but I read clearly: "If the expression contains no actions other than -prune, -print is performed on all files for which the expression is true."

Second: the manual I linked above is pretty clear about what is an expression, how is it made up of options, tests and actions, and what's find behaviour depending on them being true or false. If you haven't read it yet, I suggest you give it a try. I'm sure it will be of some help.

Third: action -prune doesn't mean "ignore it", but "do not descend into it, if it is a directory". So a pruned directory found by find is printed itself (but its content is ignored) if the action -print (the default action) is performed.

Fourth: besides Chubler_XL solution, you could go with:

find /home/xxxxxxxx -type d -iwholename "/home/xxxxxxxx/Backup/.system" -prune , -type f -perm -o+w

(however you don't need any parenthesis).
This way the first expression, before the comma, is evaluated (-prune works), but its return values are then discarded: the directory /home/xxxxxxxx/Backup/.system is found by the first expression in which -prune gives a true return value for that directory, but this true value is then discarded, so only true return values of the second expression (after the comma) will cause something to be printed (default action).
--
Bye