Free Hosting Online for WorkStations

< Previous | Contents | Next >

Operators

Even with all the tests that find provides, we may still need a better way to describe the logical relationships between the tests. For example, what if we needed to determine if all the files and subdirectories in a directory had secure permissions? We would look for all the files with permissions that are not 0600 and the directories with permissions that are not 0700. Fortunately, find provides a way to combine tests using logical operators


to create more complex logical relationships. To express the aforementioned test, we could do this:



[me@linuxbox ~]$ find ~ \( -type f -not -perm 0600 \) -or \( -type d

-not -perm 0700 \)

[me@linuxbox ~]$ find ~ \( -type f -not -perm 0600 \) -or \( -type d

-not -perm 0700 \)


Yikes! That sure looks weird. What is all this stuff? Actually, the operators are not that complicated once you get to know them. Here is the list:


Table 17-4: find Logical Operators


Operator Description

Operator Description

-and Match if the tests on both sides of the operator are true. May be shortened to -a. Note that when no operator is present, -and is implied by default.


-or Match if a test on either side of the operator is true. May be shortened to -o.


-not Match if the test following the operator is false. May be abbreviated with an exclamation point (!).


( ) Groups tests and operators together to form larger expressions. This is used to control the precedence of the logical evaluations. By default, find evaluates from left to right. It is often necessary to override the default evaluation order to obtain the desired result. Even if not needed, it is helpful sometimes to include the grouping characters to improve readability of the command. Note that since the parentheses characters have special meaning to the shell, they must be quoted when using them on the command line to allow them to be passed as arguments to find. Usually the backslash character is used to escape them.



With this list of operators in hand, let’s deconstruct our find command. When viewed from the uppermost level, we see that our tests are arranged as two groupings separated by an -or operator:

( expression 1 ) -or ( expression 2 )

This makes sense, since we are searching for files with a certain set of permissions and for directories with a different set. If we are looking for both files and directories, why do


we use -or instead of -and? Because as find scans through the files and directories, each one is evaluated to see if it matches the specified tests. We want to know if it is ei- ther a file with bad permissions or a directory with bad permissions. It can’t be both at the same time. So if we expand the grouped expressions, we can see it this way:

( file with bad perms ) -or ( directory with bad perms )

Our next challenge is how to test for “bad permissions.” How do we do that? Actually we don’t. What we will test for is “not good permissions,” since we know what “good per- missions” are. In the case of files, we define good as 0600 and for directories, as 0700. The expression that will test files for “not good” permissions is:

-type f -and -not -perms 0600

and for directories:

-type d -and -not -perms 0700

As noted in the table of operators above, the -and operator can be safely removed, since it is implied by default. So if we put this all back together, we get our final command:

find ~ ( -type f -not -perms 0600 ) -or ( -type d -not

-perms 0700 )

However, since the parentheses have special meaning to the shell, we must escape them to prevent the shell from trying to interpret them. Preceding each one with a backslash character does the trick.

There is another feature of logical operators that is important to understand. Let’s say that we have two expressions separated by a logical operator:

expr1 -operator expr2

In all cases, expr1 will always be performed; however, the operator will determine if

expr2 is performed. Here’s how it works:


Table 17-5: find AND/OR Logic


Results of expr1

Operator

expr2 is...

True

-and

Always performed

False

-and

Never performed

True

-or

Never performed

False

-or

Always performed


Why does this happen? It’s done to improve performance. Take -and, for example. We know that the expression expr1 -and expr2 cannot be true if the result of expr1 is


false, so there is no point in performing expr2. Likewise, if we have the expression expr1 -or expr2 and the result of expr1 is true, there is no point in performing expr2, as we already know that the expression expr1 -or expr2 is true.

OK, so it helps it go faster. Why is this important? It’s important because we can rely on this behavior to control how actions are performed, as we shall soon see.


Top OS Cloud Computing at OnWorks: