Re: Why do UID values of system users matter?

[David Wright <deblis@lionunicorn.co.uk>]

On Mon 19 Aug 2019 at 09:24:59 (-0400), Greg Wooledge wrote:
> On Fri, Aug 16, 2019 at 11:42:12PM -0500, David Wright wrote:
> > Difficult to say. My reaction would be to check the ownership of all
> > non-root-owned files. Because of the potential for trouble like the
> > above, I routinely keep a list on each system.
> > 
> > # find / -mount \( ! -group 0 -o ! -user 0 \) -ls | awk '{printf "%s	%s	%s\n", $5, $6, $11}' | sort -k 3 > /root/non-root-owned-files
> 
> The use of $11 here assumes the filename doesn't contain any whitespace.
> It'll break if one does.  You'd be better off using GNU find's -printf
> features, than parsing the output of -ls with awk.

Yes, I expect the reason I haven't lost anything in my listing is that
whitespace is sensibly avoided in these system files.

> Looks like you want the username, groupname, and filename.  So that would
> be:
> 
> find / -mount \( ! group 0 -o ! -user 0 \) -printf '%u  %g  %p\n' |
>     sort -k 3 > /root/non-root-owned-files

Much appreciated improvement. (The - in -group got lost in transcription.)
Using \t tidies up the columniation too:

# find / -mount \( ! -group 0 -o ! -user 0 \) -printf '%u\t%g\t%p\n' | …

Cheers,
David.