1. Find all files under /var whose owner is root and whose group is mail
[02:58:25 root@localhost ~][#find /var -user root -group mail
/var/spool/mail
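2. Find all files under /var that are not owned by root, lp or gdm
# The negated tests are joined with -a (AND): a file has only one owner, so joining them with -o would match every file
find /var \( ! -user root -a ! -user lp -a ! -user gdm \) -type f
find /var -not \( -user root -or -user lp -or -user gdm \) -type f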
3. Find files under /var whose content was modified within the last week and whose owner is neither root nor postfix
[03:02:55 root@localhost ~][#find /var -type f -mtime -7 ! -user root ! -user postfix
/var/lib/sss/db/config.ldb
/var/lib/colord/mapping.db
/var/lib/colord/storage.db
/var/lib/gdm/.config/pulse/cookie
/var/lib/gdm/.config/ibus/bus/6019865a73ce469eaf023bd8572389a7-unix-wayland-0
/var/lib/gdm/.config/.gsd-keyboard.settings-ported
/var/lib/gdm/.config/dconf/user
/var/lib/gdm/.local/state/wireplumber/restore-stream
/var/lib/gdm/.cache/gstreamer-1.0/registry.x86_64.bin
/var/lib/chrony/drift
/var/spool/mail/wang
/var/spool/mail/bash
/var/spool/mail/testbash
/var/spool/mail/basher
/var/spool/mail/sh
/var/spool/mail/user1
/var/spool/mail/user2
/var/spool/mail/user3
/var/spool/mail/user4
/var/spool/mail/user5
/var/spool/mail/user6
/var/spool/mail/user7
/var/spool/mail/user8
/var/spool/mail/user9
/var/spool/mail/user10
Or (this form has no -type f, so directories are listed as well)
[03:03:12 root@localhost ~][#find /var -mtime -7 ! \( -user root -o -user postfix \)
/var/lib/sss/db
/var/lib/sss/db/config.ldb
/var/lib/sss/pipes
/var/lib/sss/pubconf
/var/lib/colord
/var/lib/colord/mapping.db
/var/lib/colord/storage.db
/var/lib/colord/.cache
/var/lib/gdm
/var/lib/gdm/.config
/var/lib/gdm/.config/pulse
/var/lib/gdm/.config/pulse/cookie
/var/lib/gdm/.config/gnome-session
/var/lib/gdm/.config/gnome-session/saved-session
/var/lib/gdm/.config/ibus
/var/lib/gdm/.config/ibus/bus
/var/lib/gdm/.config/ibus/bus/6019865a73ce469eaf023bd8572389a7-unix-wayland-0
/var/lib/gdm/.config/.gsd-keyboard.settings-ported
/var/lib/gdm/.config/dconf
/var/lib/gdm/.config/dconf/user
/var/lib/gdm/.local
/var/lib/gdm/.local/share
/var/lib/gdm/.local/share/gnome-shell
/var/lib/gdm/.local/share/sounds
/var/lib/gdm/.local/share/flatpak
/var/lib/gdm/.local/share/flatpak/db
/var/lib/gdm/.local/share/applications
/var/lib/gdm/.local/share/pki
/var/lib/gdm/.local/share/pki/nssdb
/var/lib/gdm/.local/share/icc
/var/lib/gdm/.local/state
/var/lib/gdm/.local/state/wireplumber
/var/lib/gdm/.local/state/wireplumber/restore-stream
/var/lib/gdm/.cache
/var/lib/gdm/.cache/ibus
/var/lib/gdm/.cache/gstreamer-1.0
/var/lib/gdm/.cache/gstreamer-1.0/registry.x86_64.bin
/var/lib/chrony
/var/lib/chrony/drift
/var/lib/tpm2-tss/system/keystore
/var/log/sssd
/var/log/cups
/var/spool/mail/wang
/var/spool/mail/bash
/var/spool/mail/testbash
/var/spool/mail/basher
/var/spool/mail/sh
/var/spool/mail/user1
/var/spool/mail/user2
/var/spool/mail/user3
/var/spool/mail/user4
/var/spool/mail/user5
/var/spool/mail/user6
/var/spool/mail/user7
/var/spool/mail/user8
/var/spool/mail/user9
/var/spool/mail/user10
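4. Find files on the current system that have no owner or no group and were accessed within the last week
# The parentheses are required: -o binds more loosely than the implicit -a between the other tests
find / \( -nouser -o -nogroup \) -type f -atime -7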
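Note: since the -nouser and -nogroup options may not be available on some Linux distributions, you may need to filter the output of ls -l instead, for example:
# ls -l prints a bare numeric ID in the owner or group column when no name maps to it
find / -type f -atime -7 -print0 | xargs -0 ls -l | grep -E '^[^ ]+ +[0-9]+ +([0-9]+ +[^ ]+|[^ ]+ +[0-9]+) '
This command may not be perfect, because the grep part may not accurately identify files with no owner or no group in every environment, but it offers a basic approach.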
5. Find all regular files under /etc that are larger than 1M
[03:05:31 root@localhost ~][#find /etc -type f -size +1M
/etc/udev/hwdb.bin
/etc/selinux/targeted/policy/policy.33
6. Find files under /etc for which no user has write permission
find /etc -type f ! -perm /222
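7. Find files under /etc for which at least one class of users has no execute permission
# -perm -MODE is true only when all the listed bits are set, so negating it selects files missing x for at least one class
find /etc -type f ! -perm -ugo=x
find /etc -type f ! -perm -111 # r=4, w=2, x=1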
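The difference between `-perm /MODE` (any of the bits set) and `-perm -MODE` (all of the bits set) decides what the negated tests in items 6 and 7 select. The following added example, not part of the original post, compares them on a scratch directory of constructed files; it assumes GNU find, and the function and file names are made up for the illustration.

```bash
#!/usr/bin/env bash
# Added illustration: constructed fixture, GNU find assumed (-perm /MODE, -printf).

# Create a temp directory holding files with known modes; print its path.
make_fixture() {
    local d
    d=$(mktemp -d) || return 1
    touch "$d/all_x" "$d/owner_x" "$d/no_x" "$d/read_only"
    chmod 755 "$d/all_x"      # user, group and other can all execute
    chmod 744 "$d/owner_x"    # only the owner can execute
    chmod 644 "$d/no_x"       # no class can execute
    chmod 444 "$d/read_only"  # no class can write or execute
    printf '%s\n' "$d"
}

# Run find with the given tests; print matching basenames, sorted, on one line.
names() {
    local d=$1
    shift
    find "$d" -type f "$@" -printf '%f\n' | sort | paste -sd' ' -
}

# "! -perm /111": none of the three x bits is set (no class can execute).
no_class_can_exec()      { names "$1" ! -perm /111; }
# "! -perm -111": not all three x bits are set (at least one class cannot).
some_class_cannot_exec() { names "$1" ! -perm -111; }
# "! -perm /222": none of the three w bits is set (nobody can write).
nobody_can_write()       { names "$1" ! -perm /222; }

d=$(make_fixture)
echo "no class can execute:         $(no_class_can_exec "$d")"
echo "at least one class cannot:    $(some_class_cannot_exec "$d")"
echo "no class can write:           $(nobody_can_write "$d")"
rm -rf "$d"
```

The file with mode 744 is the one that separates the two negated execute tests: it appears only in the "at least one class cannot" list.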
8.
From: https://www.cnblogs.com/nwq1101/p/18032310