find: Mode Bits

2.7 File Mode Bits
==================

See File Permissions, for information on how file mode bits are
structured and how to specify them.

   Four tests determine what users can do with files.  These are
'-readable', '-writable', '-executable' and '-perm'.  The first three
tests ask the operating system if the current user can perform the
relevant operation on a file, while '-perm' just examines the file's
mode.  The file mode may give a misleading impression of what the user
can actually do, because the file may have an access control list, or
exist on a read-only filesystem, for example.  Of these four tests
though, only '-perm' is specified by the POSIX standard.

   The '-readable', '-writable' and '-executable' tests are implemented
via the 'access' system call.  This is implemented within the operating
system itself.  If the file being considered is on an NFS filesystem,
the remote system may allow or forbid read or write operations for
reasons of which the NFS client cannot take account.  This includes
user-ID mapping, either in the general sense or the more restricted
sense in which remote superusers are treated by the NFS server as if
they are the local user 'nobody' on the NFS server.

   None of the tests in this section should be used to verify that a
user is authorised to perform any operation (on the file being tested or
any other file) because of the possibility of a race condition.  That
is, the situation may change between the test and an action being taken
on the basis of the result of that test.

 -- Test: -readable
     True if the file can be read by the invoking user.

 -- Test: -writable
     True if the file can be written by the invoking user.  This is an
     in-principle check, and other things may prevent a successful write
     operation; for example, the filesystem might be full.

 -- Test: -executable
     True if the file can be executed/searched by the invoking user.

 -- Test: -perm pmode

     True if the file's mode bits match PMODE, which can be either a
     symbolic or numeric MODE (see File Permissions) optionally
     prefixed by '-' or '/'.

     A PMODE that starts with neither '-' nor '/' matches if MODE
     exactly matches the file mode bits.  (To avoid confusion with an
     obsolete GNU extension, MODE must not start with a '+' immediately
     followed by an octal digit.)

     A PMODE that starts with '-' matches if _all_ the file mode bits
     set in MODE are set for the file; bits not set in MODE are ignored.

     A PMODE that starts with '/' matches if _any_ of the file mode bits
     set in MODE are set for the file; bits not set in MODE are ignored.
     This is a GNU extension.

     If you don't use the '/' or '-' form with a symbolic mode string,
     you may have to specify a rather complex mode string.  For example
     '-perm g=w' will only match files that have mode 0020 (that is,
     ones for which group write permission is the only file mode bit
     set).  It is more likely that you will want to use the '/' or '-'
     forms, for example '-perm -g=w', which matches any file with group
     write permission.

     '-perm 664'
          Match files that have read and write permission for their
          owner, and group, but that the rest of the world can read but
          not write to.  Do not match files that meet these criteria but
          have other file mode bits set (for example if someone can
          execute/search the file).

     '-perm -664'
          Match files that have read and write permission for their
          owner, and group, but that the rest of the world can read but
          not write to, without regard to the presence of any extra file
          mode bits (for example the executable bit).  This matches a
          file with mode 0777, for example.

     '-perm /222'
          Match files that are writable by somebody (their owner, or
          their group, or anybody else).

     '-perm /022'
          Match files that are writable by either their owner or their
          group.  The files don't have to be writable by both the owner
          and group to be matched; either will do.

     '-perm /g+w,o+w'
          As above.

     '-perm /g=w,o=w'
          As above.

     '-perm -022'
          Match files that are writable by both their owner and their
          group.

     '-perm -444 -perm /222 ! -perm /111'
          Match files that are readable for everybody, have at least one
          write bit set (i.e., somebody can write to them), but that
          cannot be executed/searched by anybody.  Note that in some
          shells the '!' must be escaped.

     '-perm -a+r -perm /a+w ! -perm /a+x'
          As above.

     '-perm -g+w,o+w'
          As above.

          Warning: If you specify '-perm /000' or '-perm /mode' where
          the symbolic mode 'mode' has no bits set, the test matches all
          files.  Versions of GNU 'find' prior to 4.3.3 matched no files
          in this situation.

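The exact, '-' (all bits) and '/' (any bit) forms of '-perm' described
above, run against a constructed fixture.  This is an added example, not
part of the findutils manual; the helper names 'make_fixture' and
'matches' are hypothetical, and GNU 'find' is assumed for the '/' form.

```shell
#!/bin/sh
# Added example: compare the three -perm matching forms on known modes.

# Constructed fixture: five empty files, each named after its octal mode.
make_fixture() {
    dir=$(mktemp -d) || return 1
    for m in 0020 0444 0644 0664 0777; do
        : > "$dir/$m" && chmod "$m" "$dir/$m" || return 1
    done
    printf '%s\n' "$dir"
}

# Print the sorted, space-separated names of the fixture files that
# satisfy the find expression given after the directory argument.
matches() {
    d=$1; shift
    find "$d" -type f "$@" -exec basename {} \; | sort | paste -sd' ' -
}

d=$(make_fixture) || exit 1
for expr in '-perm 664' '-perm -664' '-perm /222' '-perm g=w' '-perm -g=w' \
            '-perm -444 -perm /222 ! -perm /111'; do
    # Word splitting of $expr is intentional: each string holds several
    # find arguments.  Globbing is switched off while it is expanded.
    set -f
    printf '%-36s -> %s\n' "$expr" "$(matches "$d" $expr)"
    set +f
done
rm -rf "$d"
```

Only the mode bits are compared here, so the output is the same for any
invoking user; '-readable', '-writable' and '-executable' would not be.
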
 -- Test: -context pattern
     True if file's SELinux context matches the pattern PATTERN.  The
     pattern uses shell glob matching.

     This predicate is supported only on 'find' versions compiled with
     SELinux support and only when SELinux is enabled.