Shulou(Shulou.com)06/01 Report--

Summary: this article mainly explains locate command and find command to help us find files in linux and facilitate us to locate files quickly.

I. document search

That is, to find qualified files on the file system, and common workers have locate and find

1. Locate command

The locate command is actually another way to write find-name, but much faster because it does not search for specific directories, but instead searches for the pre-built file index database / var/lib/locatedb or / var/lib/mlocate/mlocate.db on the system, which contains all the local file information.

Note: the Linux system automatically creates this database and automatically updates (periodic tasks) once a day when the system is idle, so you can't find the newly changed files using the locate command. To avoid this, you can manually update the database using the administrator manual update database (updatedb) before using locate. At the same time, because the process of updating the index database needs to traverse the files in the entire root file system, which consumes a lot of resources, it is best to update this database when the system is idle.

Characteristics of locate work:

Depends on the pre-built index / var/lib/mlocate/mlocate.db

Fast search speed (search database directly)

Fuzzy search (imprecise matching, qualified if containing keywords)

Non-real-time lookup (the construction of the index database is not real-time, so locate cannot find it in real time)

Search for the full path of the file, not just the file name (with the absolute path of the file as the search content, and even if you use the-b option, only the base name contains keywords)

It is possible to search only directories where the user has read and execute permissions (if the user does not have read and execute permissions on the directory, the user may not be able to get the file list information in that directory, thus affecting the search results)

Locate [options]... Mode.

Common options:

Instead of requiring only one match, Amam Murmurall displays entries that match all patterns.

-b,-- basename matches the base file name of a unique path name

-c,-- count shows only the number of entries found

-d,-- database DBPATH replaces the default database with DBPATH (/ var/lib/mlocate/mlocate.db)

-I,-- ignore-case ignores case differences when matching patterns

-r,-- regexp REGEXP searches the basic regular expression REGEXP instead of the pattern

The regex pattern is an extended regular expression

Expansion options: (understand)

-e,-- existing displays only existing file entries

-L,-- follow follows the spread of symbolic links when the file exists (default)

-l,-- limit,-n LIMIT is limited to the output (or count) of the LIMIT project

-m,-- mmap ignores backward compatibility

-P,-- nofollow,-H do not follow the spread of symbolic links when checking files

-0,-- items are separated by NUL when null is exported

-S,-- statistics does not search for items and displays statistics about each used database

-Q,-- quiet does not report error messages about reading the database

-s,-- stdio ignores backward compatibility

-w,-- wholename matches the full pathname (default)

Example:

A base file name that matches a unique path name (with relevant keywords)

[root@localhost] # locate-b passwd/etc/passwd/etc/passwd-/etc/pam.d/passwd/etc/security/opasswd...

Show only the number of entries found

[root@localhost ~] # locate-c passwd148

Use regular expressions

[root@localhost] # locate-r\ .repo$/etc/bash_completion.d/createrepo/etc/bash_completion.d/mergerepo/etc/bash_completion.d/modifyrepo/etc/yum.repos.d/CentOS-Base.repo

2. Find command

The find command is used to find files in the specified directory. Any string that precedes a parameter is treated as the name of the directory you are looking for. If you use this command without setting any parameters, the find command looks for subdirectories and files under the current directory. And all the subdirectories and files found are displayed.

Characteristics of find work:

Complete file lookup by traversing the file system hierarchy under the specified path (the default is to find all files in the current directory, including all files in the subdirectory)

Search is slightly slower (traversal lookup)

Exact search (search file name matches search criteria)

Real-time search (active search)

It is possible to search only directories where the user has read and execute permissions (if the user does not have read and execute permissions on the directory, the user may not be able to get the file list information in that directory, thus affecting the search results)

Standard syntax: find [- H] [- L] [- P] [- D debugopts] [- Olevel] [path...] [expression]

Simplified syntax: find [OPTION] [find path] [find conditional expression] [process Action]

Find path: specify a specific target path; default is the current directory

Search criteria: specified search criteria, such as file name, size, type, permissions, etc.; default is to find all files under the specified path

Processing action: perform operations on files that meet the criteria, such as-ls detailed display-delete deletion, etc., default output to standard output screen

Matching tests: the results are usually Boolean

Find wildcards that support glob style by file name and inode: *,?, [], [^]

-name "pattern"

-iname "pattern": case-insensitive letters

-inum n search by inode number

-samefile name files with the same inode number

-links n Files with n links

-regex pattern: finds a file based on a regular expression, matching the entire path instead of the file name

According to the file dependency (owner, group) to find:

-user USERNAME: find all files whose owner is the specified user (UID)

-group GRPNAME: find all files that belong to the specified group (GID)

-uid UserID: find all files whose owner is the specified UID number

-gid GroupID: find all files whose group is the specified GID number

-nouser: find files without owners

-nogroup: find files that do not belong to a group

Look up according to the type of file:

-type TYPE:

F: ordinary files

D: catalog file

L: symbolic link file

S: socket file

B: block device file

C: character device file

P: pipe fil

Combination conditions:

And:-a, default combinational logic

Or:-o

Non:-not!

De Morgan's law: there are the following relationships in propositional logic:

(non-P) or (non-Q) = non (P and Q)

(non-P) and (non-Q) = non (P or Q)

Example:

! a-a! B =! (a-o B)

! a-o! B =! (a-a-B)

Look up according to the file size:

-size [+ | -] # UNIT

Common units: K, M, G

# UNIT: #-1, #]

For example, 10k means (9kpje 10k)

-# UNIT: [0memorie muri 1]

For example,-10k means [010k]

+ # UNIT: (# ∞)

For example, + 10k means (10k, ∞)

Find based on the timestamp:

In terms of "days"

-atime [+ | -] #

#: [#, # + 1)

+ #: [# + 1, ∞]

-#: [0BZ #)

-mtime

-ctime

In minutes:

-amin

-mmin

-cmin

Find based on permissions:

-perm [/ | -] MODE

MODE: exact permission matching

/ MODE: any one of the permissions of any type of user (umeme gpeno) can be matched by any one of them (rmae wpjol x).

There is an OR relationship between 9-bit permissions.

+ MODE form begins to be eliminated from centos7

-MODE: every member of the permissions of each type of user (uMagingPol x) must have the specified permissions at the same time.

There is a "and" relationship between 9-bit permissions.

0 indicates no concern

Eg:/002-002 and both have the same effect.

For example:

Find-perm 755 will match files whose permission mode happens to be 755

Find-perm + 222will match as long as anyone has write permission

Find-perm-222will match only if everyone has write permission.

Find-perm-002will match only if someone else (other) has write permission.

Processing action

-print: default processing action, displayed to the screen

-ls: similar to the "ls-l" command on the found file

-delete: delete the found file

-fls file: the long format information of all found files is saved to the specified file

-ok COMMAND {}\; execute the command specified by COMMAND for each file found; (fixed format)

The user is asked to confirm interactively before executing the command for each file

Eg:

[root@localhost ~] # find / etc-nouser-nogroup-ls 6594 0-rwxr-xrwx 1 1006 1006 August 20 15:13 / etc/rc.d/init.d/test [root@localhost ~] # find / etc-nouser-nogroup-ok chown root:root {}\

< chown ... /etc/rc.d/init.d/test >

? Y

-exec COMMAND {}\; execute the command specified by COMMAND for each file found (fixed format)

Eg:

[root@localhost init.d] # find. /-perm-656./test [root@localhost init.d] # find. /-perm-656-exec mv {} {}. Danger\; [root@localhost init.d] # ll total usage 92Murray. 1 root root 13948 September 16 2015 functions-rwxr-xr-x. 1 root root 2989 September 16 2015 netconsole-rwxr-xr-x. 1 root root 6630 September 16 2015 network-rw-r--r--. 1 root root 1160 November 20 2015 README-rwxr-xrwx. 1 root root August 20 15:13 test.danger-rwxr-xr-x. 1 root root 44264 July 25 22:00 vmware-tools-rwxr-xr-x. 1 root root 15721 July 25 22:00 vmware-tools-thinprint

{}: used to reference the found file name itself

When find passes the found file to the command specified later, it finds all matches

The conditional file is passed to the following command at one time

Some commands cannot accept too many parameters, and command execution may fail. This problem can be avoided in the following ways

Find | xargs COMMAND

Find command to find the result by pipeline | pass it to the following xargs command and then accept the find standard output command.

Xargs: establish and execute command lines from standard input

The xargs command is a filter for passing parameters to other commands and a tool for combining multiple commands. It is good at converting standard input data into command-line parameters, and xargs can process pipes or stdin and convert them into command parameters for specific commands. Xargs can also convert single-line or multi-line text input to other formats, such as multi-line to single-line, single-line to multiline. The default command for xargs is echo, and spaces are the default delimiters. This means that input passed to xargs through the pipeline will contain line breaks and whitespace, but with xargs processing, line feeds and whitespace will be replaced by spaces. Xargs is one of the important components for building one-line commands.

Main parameters

-I replace the passed data with {}

-I string uses string instead of passed data-n [number] sets how many rows of data are passed at a time

The-n option limits the number of parameters on a single command line

-t displays execution details

-p interaction mode

-P n the maximum number of threads allowed is n

-s [size] sets the maximum number of bytes for passing parameters (less than 131072 bytes)

The maximum length set by-x is greater than-s ends the execution of xargs command

Xargs command usage

Xargs is used as a replacement tool to read the input data and reformat the output.

Define a test file with multiple lines of text data:

Cat test.txt a b c d e f g h i j k l m n o p q r st u v w x y z

Multi-line input single-line output:

Cat test.txt | xargs a b c d e f g h i j k l m n o p q r st u v w x y z

-n option multi-line output:

Cat test.txt | xargs-n3 a b c d e f g h i j k l m n o p q r st u v w x y z

The-d option allows you to customize a delimiter:

Echo "nameXnameXnameXname" | xargs-dX

Name name name name

Use in conjunction with the-n option:

Echo "nameXnameXnameXname" | xargs-dX-N2

Name name

Name name

Read the stdin and pass the formatted parameters to the command

Suppose a command is sk.sh and a file arg.txt that saves parameters:

The contents of the #! / bin/bash # sk.sh command to print out all parameters. Echo $* arg.txt file content: cat arg.txt aaa bbb ccc

An option for xargs,-I, uses-I to specify a replacement string {}, which is replaced when xargs is extended. When-I is used in conjunction with xargs, each parameter command is executed once:

Cat arg.txt | xargs-I {}. / sk.sh-p {}-l-p aaa-l-p bbb-l-p ccc-l

Copy all the image files to the / data/p_w_picpaths directory:

Ls * .jpg | xargs-N1-I cp {} / data/p_w_picpaths

Xargs is used in conjunction with find

When you delete too many files with rm, you may get an error message: / bin/rm Argument list too long. Use xargs to avoid this problem:

Find. -type f-name "* .log"-print0 | xargs-0 rm-f

Xargs-0 uses\ 0 as the delimiter.

Count the lines of all php files in a source code directory:

Find. -type f-name "* .php"-print0 | xargs-0 wc-l

Find all the jpg files and compress them:

Find. -type f-name "* .jpg"-print | xargs tar-czvf p_w_picpaths.tar.gz xargs

Other applications if you have a file that contains a lot of URL you want to download, you can use xargs to download all the links:

Cat url-list.txt | xargs wget-c

Sub-Shell (Subshells) starts another command interpreter when running a shell script, as if your commands were interpreted at the command line prompt, similar to a series of commands in a batch file. Each shell script runs effectively in a child process of the parent shell (parent shell). The parent shell is the process that gives you command indicators in a control terminal or in a xterm window.

Cmd1 | (cmd2; cmd3; cmd4) | cmd5

If cmd2 is cd /, then the working directory of the child Shell will be changed, which is limited to the sub-shell, and cmd5 is completely unaware of the change in the working directory.

The child shell is a sequence of commands embedded in parentheses (), and the variables defined within the child Shell are local variables. The child shell can be used to set temporary environment variables for a set of commands:

COMMAND1

COMMAND2

COMMAND3

(

IFS=:

PATH=/bin

Unset TERMINFO

Set-C

Shift 5

COMMAND4

COMMAND5

Exit 3 # just exits from the child shell.

)

# the parent shell is not affected, and the value of the variable is not changed.

COMMAND6

COMMAND7

Example of the exercise:

Accurately find the corresponding file name file

[root@localhost ~] # find / etc-name "passwd" / etc/passwd/etc/pam.d/passwd

Match based on file or regular expression

Lists all files and folders in the current directory and subdirectories

Find.

Look for file names ending in .txt in the / home directory

Find / home-name "* .txt"

Same as above, but ignore case

Find / home-iname "* .txt"

Find all files ending in .txt and .pdf in the current directory and subdirectories

Find. \ (- name "* .txt"-o-name "* .pdf"\) or find. -name "* .txt"-o-name "* .pdf"

Match file path or file

Find / usr/-path "* local*"

Matching file paths based on regular expressions

Find. -regex ". *\ (\ .txt\ |\ .pdf\) $"

Same as above, but ignore case

Find. -iregex ". *\ (\ .txt\ |\ .pdf\) $"

Negative parameter to find files under / home that do not end in .txt

Find / home!-name "* .txt"

Search by file type

Find. -type type parameter

Type parameter list:

F ordinary file

L symbolic connection

D directory

C character device

B block equipment

S socket

P FIFO

The downward maximum depth limit for directory-based depth search is 3

Find. -maxdepth 3-type f

Search for all files with a depth of at least 2 subdirectories from the current directory

Find. -mindepth 2-type f

Search based on file timestamp

Find. -type f timestamp

The UNIX/Linux file system has three timestamps for each file:

Access time (- atime/ days,-amin/ minutes): the last time the user visited.

Modification time (- mtime/ days,-mmin/ minutes): the last time the file was modified.

Change time (- ctime/ days,-cmin/ minutes): the last time the file data element (such as permissions, etc.) was modified.

Search for all files accessed in the last seven days

Find. -type f-atime-7

Search for all files that were accessed exactly seven days ago

Find. -type f-atime 7

Search all files that have been accessed in more than seven days

Find. -type f-atime + 7

Search all files that have been accessed for more than 10 minutes

Find. -type f-amin + 10

Find all the files that take longer to modify than file.log

Find. -type f-newer file.log

Match based on file size

Find. -type f-size file size unit

File size unit:

B-block (512 bytes)

C-byte

W-word (2 bytes)

K-kilobytes

M-megabytes

G-gigabyte

Search for files greater than 10KB

Find. -type f-size + 10k

Search for files less than 10KB

Find. -type f-size-10k

Search for files equal to 10KB

Find. -type f-size 10k

Delete matching file

Delete all .txt files in the current directory

Find. -type f-name "* .txt"-delete

Search for files with permissions of 777 under the current directory according to file permissions / ownership

Find. -type f-perm 777

Find out the php files in the current directory whose permissions are not 644.

Find. -type f-name "* .php"!-perm 644

Find out all the files owned by the current directory user tom

Find. -type f-user tom

Find out all the files owned by the current directory user group sunk

Find. -type f-group sunk

Use the-exec option in conjunction with other commands to find all root files in the current directory and change ownership to user tom

Find.-type f-user root-exec chown tom {}\

In the above example, {} is used in conjunction with the-exec option to match all files, which is then replaced with the appropriate file name.

Find all the .txt files in your home directory and delete them

Find $HOME/. -name "* .txt"-ok rm {}\

In the above example, the-ok behavior is the same as the-exec behavior, but it gives a hint as to whether to perform the appropriate action.

Find all .txt files in the current directory and splice them together and write them to the all.txt file

Find. -type f-name "* .txt"-exec cat {}\; > all.txt

Move the .log file from 30 days ago to the old directory

Find. -type f-mtime + 30-name "* .log"-exec cp {} old\

Find all the .txt files in the current directory and print them in the form of "File: file name"

Find. -type f-name "* .txt"-exec printf "File:% s\ n" {}\

Because multiple commands cannot be used in the-exec parameter in a single-line command, the following method allows you to accept multiple commands after-exec-exec. / text.sh {}\; search but jump out of the specified directory to find all .txt files in the current directory or subdirectory, but skip the subdirectory sk

Find. -path ". / sk"-prune-o-name "* .txt"-print

Find collection of other techniques

To list all files with zero length

Find. -empty

2. Homework exercises:

1. Find all the files under the / var directory whose master is root and whose group is mail.

[root@localhost] # find / var-user root-group mail/var/spool/mail/var/spool/mail/root

2. Find all the files in the / var directory that do not belong to root, lp or gdm

Find / var-not\ (- user root-o-user lp-o-user gdm\)

3. Find files whose contents have been modified in the last week in the / var directory, and the owner is neither root nor postfix.

Find / var-mtime-7-not\ (- user root-a-user postfi\)

4. Find files that have no owners or groups on the current system and have been accessed in the most recent week

Find /-atime-7-not\ (- nouser-a-nogroup\)

5. Find all files in the / etc directory that are larger than 1m and whose types are ordinary files

Find / etc\ (- size + 1m-type f\)-ls

6. Find files in the / etc directory that all users do not have write permission to

Find / etc-not-perm / 222-ls

7. Find at least one class of files in the / etc directory that the user does not have the right to execute.

Find / etc-not-perm-111111-ls

8. Find files under the / etc/init.d directory where all users have execute permission and other users have write permission

Find / etc/init.d/-perm-111-perm / 002-ls

9. Find all the files under the / tmp directory that are mainly non-root

[root@localhost ~] # find / tmp!-user root [root@localhost ~] # find / tmp-not-user root

10. Find the files in the / tmp directory that do not contain the fstab string in the file name

[root@localhost ~] # find / tmp!-iname "* fstab*" [root@localhost ~] # find / tmp-not-iname "* fstab*"

11. Find files under the / tmp directory that are mainly non-root and do not contain a fstab string in the file name

Find / tmp!-user root!-iname "* fstab*" find / tmp!-user root-a!-iname "* fstab*" find / tmp-not-user root-a-not-iname "* fstab*" find / tmp!\ (- user root-o-not-iname\) "* fstab*" find / tmp-not\ (- user root-o-not-iname\) "* fstab*"

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.