Hosting Operations
Read-only, can be slowFind Runtime Directories Writable Outside the Owner
You need to review storage, cache, log, and upload directories that are writable by group or other users.
Command
find fixtures/perm-audit/releases/2026-06-25/storage fixtures/perm-audit/releases/2026-06-25/uploads -type d -perm /0022 -printf '%M %u:%g %p\n' | sortBefore you run this
System impact: Read-only. Can create load on large logs, directories, filesystems, or process tables.
When not to use it: Do not treat every result as wrong; caches, uploads, and logs may intentionally allow service-group writes.
Expected output
Runtime directories with group-write or other-write permission bits.
System impact
Read-only, can be slow. Nothing changes. The command lists runtime directories writable outside the owning user.
Scope this to the smallest useful path or service on busy systems.
Recovery / rollback: no state is changed.
When to use it
Use when reviewing writable application paths before hardening or incident cleanup.
When not to use it
Do not treat every result as wrong; caches, uploads, and logs may intentionally allow service-group writes.
Explanation-only example
Illustrated output, not a live lab run
This example is intentionally illustrative. It shows the command shape without killing real processes or changing your machine.
$ find sample-files/perm-audit/releases/2026-06-25/storage sample-files/perm-audit/releases/2026-06-25/uploads -type d -printf '%M %u:%g %p\n' | sort
drwxr-xr-x root:root sample-files/perm-audit/releases/2026-06-25/uploads
drwxrwxr-x root:root sample-files/perm-audit/releases/2026-06-25/storage
drwxrwxr-x root:root sample-files/perm-audit/releases/2026-06-25/storage/cache
drwxrwxrwx root:root sample-files/perm-audit/releases/2026-06-25/storage/logs$ find sample-files/perm-audit/releases/2026-06-25/storage sample-files/perm-audit/releases/2026-06-25/uploads -type d -perm /0022 -printf '%M %u:%g %p\n' | sort
drwxrwxr-x root:root sample-files/perm-audit/releases/2026-06-25/storage
drwxrwxr-x root:root sample-files/perm-audit/releases/2026-06-25/storage/cache
drwxrwxrwx root:root sample-files/perm-audit/releases/2026-06-25/storage/logsView commands shown
These are the commands shown in the sanitized transcript.
Commands shown
find fixtures/perm-audit/releases/2026-06-25/storage fixtures/perm-audit/releases/2026-06-25/uploads -type d -printf '%M %u:%g %p\n' | sortfind fixtures/perm-audit/releases/2026-06-25/storage fixtures/perm-audit/releases/2026-06-25/uploads -type d -perm /0022 -printf '%M %u:%g %p\n' | sort
next steps
Related commands
Find Release Files Writable Outside the Owner
A release file that someone besides the owner can modify deserves a second look.
find fixtures/perm-audit/releases/2026-06-25 -type f -perm /0022 -printf '%M %u:%g %p\n' | sort
Find Upload Files Writable Outside the Owner
Uploads are supposed to be writable at the edge, not writable forever by everyone.
find fixtures/perm-audit/releases/2026-06-25/uploads -type f -perm /0022 -printf '%M %u:%g %p\n' | sort
Group Writable Files by Owning Group
Group-writable files are not automatically wrong, but the owning group decides the risk.
find fixtures/perm-audit -type f -perm -0020 -printf '%g %M %p\n' | sort
Find Writable Directories Missing the Sticky Bit
A writable log directory is not the same thing as a safe shared directory.
find fixtures/perm-audit -type d -perm -0002 ! -perm -1000 -printf '%m %u:%g %p\n' | sort
Exclude the Current Release from Cleanup
Release cleanup should prove what current points to before listing old directories.
current=$(readlink -f /lab/disk-inode-cleanup/home/deploy/current); find /lab/disk-inode-cleanup/home/deploy/releases -mindepth 1 -maxdepth 1 -type d ! -samefile "$current" -printf '%TY-%Tm-%Td %p\n' | sort
Study mapping
Use this as independent command practice: read the notes, predict the output, then compare it with the example before using a real shell.
Useful for
- LPIC-1 style command-line practice
- LFCS style performance tasks
- Linux+ style troubleshooting review
Independent study support only. No affiliation, endorsement, exam dumps, or real exam questions.