sudo find /usr -perm /a=x 和 sudo find /usr -executable 之间有什么区别

tag-icon tag-icon find executable
sudo find /usr -perm /a=x 和 sudo find /usr -executable 之间有什么区别

他们都应该获得可执行的文件,但我得到不同的数字

[user@j6727961 ~]$ sudo find /usr -perm /a=x | nl
    1   /usr
     2  /usr/bin
     3  /usr/bin/nroff
     4  /usr/bin/gzexe
     5  /usr/bin/catchsegv
     6  /usr/bin/diff
     7  /usr/bin/gzip
     8  /usr/bin/gencat
     9  /usr/bin/diff3
    10  /usr/bin/zcat
    11  /usr/bin/getent
    12  /usr/bin/sdiff
    13  /usr/bin/zcmp
    14  /usr/bin/iconv
    15  /usr/bin/db_recover
    16  /usr/bin/ldd
    17  /usr/bin/unxz
    18  /usr/bin/zdiff
    19  /usr/bin/locale
    20  /usr/bin/xz
    21  /usr/bin/zgrep
    22  /usr/bin/localedef
    23  /usr/bin/xzcat
-
-
-
-
 17112  /usr/local/share/man/man8x
 17113  /usr/local/share/man/man9
 17114  /usr/local/share/man/man9x
 17115  /usr/local/share/man/mann
 17116  /usr/local/src
 17117  /usr/src
 17118  /usr/src/debug
 17119  /usr/src/kernels
 17120  /usr/tmp

并带有 -executable 标志:

[user@j6727961 ~]$ sudo find /usr -executable | nl
[sudo] password for user: 
     1  /usr
     2  /usr/bin
     3  /usr/bin/nroff
     4  /usr/bin/gzexe
     5  /usr/bin/catchsegv
     6  /usr/bin/diff
     7  /usr/bin/gzip
     8  /usr/bin/gencat
     9  /usr/bin/diff3
    10  /usr/bin/zcat
    11  /usr/bin/getent
    12  /usr/bin/sdiff
    13  /usr/bin/zcmp
    14  /usr/bin/iconv
    15  /usr/bin/db_recover
    16  /usr/bin/ldd
    17  /usr/bin/unxz
    18  /usr/bin/zdiff
-
-
-
-
 12218  /usr/local/share/man/man4x
 12219  /usr/local/share/man/man5
 12220  /usr/local/share/man/man5x
 12221  /usr/local/share/man/man6
 12222  /usr/local/share/man/man6x
 12223  /usr/local/share/man/man7
 12224  /usr/local/share/man/man7x
 12225  /usr/local/share/man/man8
 12226  /usr/local/share/man/man8x
 12227  /usr/local/share/man/man9
 12228  /usr/local/share/man/man9x
 12229  /usr/local/share/man/mann
 12230  /usr/local/src
 12231  /usr/src
 12232  /usr/src/debug
 12233  /usr/src/kernels
 12234  /usr/tmp

答案1

根据man find

   -perm /mode
          Any  of the permission bits mode are set for the file.

所以-perm /a+x将匹配一个文件任何可执行位设置。

   -executable
          Matches  files  which  are  executable and directories which are
          searchable (in a file name resolution sense).  This  takes  into
          account  access  control  lists  and other permissions artefacts
          which the -perm test  ignores.   This  test  makes  use  of  the
          access(2) system call, and so can be fooled by NFS servers which
          do UID mapping (or root-squashing), since many systems implement
          access(2)  in  the client's kernel and so cannot make use of the
          UID mapping information held on the server.  Because  this  test
          is  based only on the result of the access(2) system call, there
          is no guarantee that a file for which  this  test  succeeds  can
          actually be executed.

所以-executable会匹配一个文件当前用户可以根据access()系统调用进行访问

答案2

-executable查找可执行或可遍历的文件或目录,系统调用表明access它们可由运行的用户find(在您的情况下为 root)执行或遍历。-perm查看文件模式位。在大多数情况下,它们之间最显着的区别来自于默认情况下find不取消引用符号链接;这意味着-perm默认情况下将查看链接的文件模式位(通常为 0777),而-exec将查看引用文件的文件模式位,因为access总是取消引用符号链接。

摘要:通常的区别在于,find -perm /a=x将包含所有符号链接,而find -executable仅包含指向可执行文件或可遍历目录的符号链接。

相关内容