Shulou(Shulou.com)06/01 Report--

File search under Linux system

1 、 which

(1) function: used to find and display the absolute path of a given command

(2) Syntax: which (option) (parameter)

(3) case:

[root@localhost ~] # which cd # find the path of the cd command

/ usr/bin/cd

[root@localhost ~] # which cp # find the path of the cp command

Alias cp='cp-i'

/ usr/bin/cp

2 、 whereis

(1) function: to locate the path of the instruction binaries, source code files, man man pages and other related files.

(2) Syntax: whereis (option) (parameter)

(3) case:

[root@dayi123 ~] # whereis passwd

Passwd: / usr/bin/passwd / etc/passwd / usr/share/man/man1/passwd.1.gz

[root@dayi123 ~] # whereis shutdown

Shutdown: / usr/sbin/shutdown / usr/share/man/man8/shutdown.8.gz

3 、 locate

(1) function: to find a file or directory

(2) search principle: according to the pre-built file index database on the system, the search file depends on the pre-built index. The index construction is carried out automatically when the system is idle (periodic task) or the administrator updates the database manually (updatedb). The index construction process needs to traverse the entire root file system, which consumes resources.

(3) work characteristics: fast search speed, fuzzy search, non-real-time search, search the full path of the file, not only the file name, but only the directory where the user has read and execute permissions.

(4) Syntax: locate (option) (parameter)

Parameter:-I perform a case-sensitive search

-n N enumerates only the first N matching items

(5) case:

[root@dayi123 ~] # locate install.log # find install.log file

/ root/install.log

/ root/install.log.syslog

[root@dayi123 ~] # locate-n 6 * .sh # looks for files at the end of .sh and only shows the first six

/ etc/acpi/actions/power.sh

/ etc/bash_completion.d/gdbus-bash-completion.sh

/ etc/dhcp/dhclient.d/ntp.sh

/ etc/profile.d/colorls.sh

/ etc/profile.d/glib2.sh

/ etc/profile.d/lang.sh

(6) Update the database: updatedb

Locate can not find the newly created file. You need to follow the new database before you can find it.

[root@dayi123 ~] # touch dayi123.html

[root@dayi123 ~] # locate dayi123.html # cannot find the newly created file

[root@dayi123 ~] # updatedb # Update the database

[root@dayi123 ~] # locate dayi123.html # updates the database before you can find the new file normally

/ root/dayi123.html

4 、 find

(1) function: real-time search tool to complete file search by traversing the specified path

(2) grammar: find [OPTION]. [search path] [search condition] [processing action]

Find path: specify a specific target path; default is the current directory

Search criteria: the specified search criteria, which can be file name, size, type,

Permissions and other standards; the default is to find all files under the specified path

Processing action: operate on files that meet the criteria, and output to the screen by default

(3) search conditions:

1) search based on file name and inode:

Condition:-name "File name": support the use of *,?, [], [^]

-iname "file name": case-insensitive

-inum n search by inode number

-samefile name files with the same inode number

-links n Files with n links

-regex "PATTERN": matches the entire file path string with PATTERN, not just the file name

[root@dayi123] # find. -name dayi123.html # find the file under the current directory named dayi123.html file

. / dayi123.html

[root@dayi123] # find. -inum 140370 # find the file with inode number 140370 in the current directory

. / 1.txt

[root@dayi123] # find. -links 2 # find files with 2 links in the current directory

. / dayi123

. / .ssh

2) search according to the owner and group:

Condition:-user USERNAME: find the file whose owner is the specified user (UID)

-group GRPNAME: find files that belong to the specified group (GID)

-uid UserID: find the file whose owner is the specified UID number

-gid GroupID: find files with the specified GID number in the group

-nouser: find files without owners

-nogroup: find files that do not belong to a group

[root@dayi123 ~] # find / home/-user dayi123 # find the file whose owner is dayi123

/ home/dayi123

/ home/dayi123/.bashrc

/ home/dayi123/.bash_profile

/ home/dayi123/.bash_logout

/ var/spool/mail/dayi123

[root@dayi123 ~] # find / home/-group hehe # find files with group hehe

/ home/hehe

/ home/hehe/.bashrc

/ home/hehe/.bash_profile

/ home/hehe/.bash_logout

[root@dayi123 ~] # userdel hehe

[root@dayi123 ~] # find. /-nourser

Find: unknown predicate `- nourser'

[root@dayi123 ~] # find. /-nouser # find files that do not belong to a group

. / hehe.log

3) find it according to the file type:

Condition:-type TYPE:

F: ordinary files

D: catalog file

L: symbolic link file

S: socket file

B: block device file

C: character device file

P: pipe fil

[root@dayi123] # find. -type f # find the files in the current directory

. / .bashrc

. / 1.txt

. / .viminfo

. / .bash _ profile

. / dayi123.html

. / install.log

……

[root@dayi123 ~] # find / bin/-type f # find the linked files in the / bin/ directory

/ bin/taskset

/ bin/ipcalc

/ bin/gunzip

/ bin/uname

……

4) find it according to the file size:

Condition:-size [+ | -] # UNIT

Common units: K, M, G

[root@dayi123 ~] # find / etc/sysconfig/-size + 5k # find files greater than 5k under / etc/sysconfig/

/ etc/sysconfig/sysstat.ioconf

/ etc/sysconfig/network-scripts/ifup-eth

……

[root@dayi123 ~] # find / etc/sysconfig/-size-4k# find files less than 4k under / etc/sysconfig/

/ etc/sysconfig/grub

/ etc/sysconfig/ntpdate

/ etc/sysconfig/readahead

……

5) search based on time (according to timestamp):

In terms of "days"

-atime [+ | -] #, file access time

-mtime [+ | -] #, file modification time

-ctime [+ | -] #, time when the file attribute is changed

In minutes:

-amin

-mmin

-cmin

[root@dayi123 ~] # find / home/-mtime + 9 # find files whose contents were modified 9 days ago

/ home/dayi123/.bashrc

/ home/dayi123/.bash_profile

/ home/dayi123/.bash_logout

[root@dayi123 ~] # find / etc/sysconfig/-mtime-7 # find files that have been modified within 7 days

/ etc/sysconfig/

/ etc/sysconfig/grub

/ etc/sysconfig/keyboard

/ etc/sysconfig/cbq

/ etc/sysconfig/i18n

[root@dayi123 ~] # find / etc/sysconfig/-mtime 6 # files that have been modified up to the sixth day before today

/ etc/selinux/targeted/modules/active/modules/firewallgui.pp

/ etc/selinux/targeted/modules/active/modules/inn.pp

6) search based on permissions:

Condition:-perm [/ | -] MODE

MODE: exact permission matching

/ | + MODE: only one of the permissions of any kind of object can match, or relationship, centos 6-bit +, centos7 is /

-MODE: each type of object must have the specified permissions at the same time.

Usage instructions:

Find-perm 755 will match files whose permission mode happens to be 755

As long as anyone has write permission, find-perm + | / 222 will match.

Find-perm-222will match only if everyone has write permission.

Find-perm-002will match only if someone else (other) has write permission.

[root@dayi123 ~] # find. /-perm 755 # matches files with permissions of exactly 755

. / dayi123.txt

. / dayi.txt

. / hahl

[root@dayi123 ~] # find. /-perm-222# matches files where all users have write permission

. / test

[root@dayi123 ~] # find. /-perm / 222# matches a file in which anyone has write permission

. / .bash _ logout

. / .bash _ profile

. / .bashrc

. / .cshrc

. / .tcshrc

. / anaconda-ks.cfg

7) combination condition

Combination condition: with:-a

Or:-o

Non:-not!

V de Morgan's law:

(non-P) or (non-Q) = non (P and Q)

(non-P) and (non-Q) = non (P or Q)

[root@dayi123] # find. /-user dayi-not-group dayi

# find files whose owner is dayi and the group is not dayi

. / dayi.txt

[root@dayi123] # find-not\ (- user dayi-o-user dayi123\)

# find files whose owner is not dayi or owner is not dayi123

.

. / .bash _ logout

. / .bash _ profile

. / .bashrc

. / .cshrc

. / .tcshrc

(4) processing actions:

1)-print: default processing action, displayed to the screen

[root@dayi123] # find. /-name dayi.txt-print

. / dayi.txt

2)-ls: similar to executing the "ls-l" command on the found file

[root@dayi123] # find. /-name dayi.txt-ls

68002599 4-rwxr-xr-x 1 dayi dayi123 22 Mar 31 15:56. / dayi.txt

3)-delete: delete the found file

[root@dayi123] # find. /-name dayi.txt-delete

4)-fls file: the long format information of all files found is saved to the specified file

[root@dayi123] # find. /-name dayi123.txt-fls dayi123.log

[root@dayi123 ~] # cat dayi123.log

68002562 4-rwxr-xr-x 1 root root 17 Mar 31 13:22. / dayi123.txt

5)-ok COMMAND {}\; execute the command specified by COMMAND for each file found

The user is asked to confirm interactively before executing the command for each file

[root@dayi123 ~] # find. /-name dayi123.log-ok ls-l {}\

< ls ... ./dayi123.log >

? Y

-rw-r--r--. 1 root root 83 Apr 7 18:36. / dayi123.log

6)-exec COMMAND {}\; execute the command specified by COMMAND for each file found

{}: used to reference the found file name itself

[root@dayi123 ~] # find. /-name dayi123.log-exec ls-l {}\

-rw-r--r--. 1 root root 83 Apr 7 18:36. / dayi123.log

7) some commands cannot accept too many parameters, and command execution may fail. You can use find | xargs COMMAND to avoid this problem.

[root@dayi123 ~] # find / var/-type f | xargs ls-l

-rw-r--r--. 1 root root 64 Mar 29 06:49 / var/lib/yum/yumdb/d/1d144f3e96982fed47c4e94fde884e48172b8c3b-dbus-glib-0.100-7.el7-x86_64/checksum_data

-rw-r--r--. 322 root root 6 Mar 29 06:49 / var/lib/yum/yumdb/d/1d144f3e96982fed47c4e94fde884e48172b8c3b-dbus-glib-0.100-7.el7-x86_64/checksum_type

(5) find comprehensive case

1) find all files under the / var directory whose master is root and whose group is mail

[root@dayi123] # find / var/-user root-a-group mail

/ var/spool/mail

/ var/spool/mqueue

/ var/dayi

2) find all files in the / usr directory that do not belong to root, lp or gdm

[root@dayi123] # find / usr/-not\ (- user root-o-user lp-o-user gdm\)

/ usr/share/polkit-1/rules.d

[root@dayi123] # find / usr-not-user root-a-not-user lp-a-not-user gdm

/ usr/share/polkit-1/rules.d

3) find the files in the / var directory that have been modified in the last week, and the owner is neither root nor postfix.

[root@dayi123] # find / etc-mtime-7-a-not-user root-a-not-user postfix

[root@dayi123] # find / etc/-mtime-7-a-not\ (- user root-o-user postfix\)

4) find all files in the / etc directory that are larger than 1m and whose types are ordinary files

[root@dayi123] # find / etc/-size + 1m-a-type f

/ etc/udev/hwdb.bin

/ etc/selinux/targeted/contexts/files/file_contexts.bin

/ etc/selinux/targeted/policy/policy.29

5) find files with at least one class of users in the / etc directory that do not have execute permissions

[root@dayi123] # find / etc-not-perm-111l

34676121 12-rw-r--r-- 1 root root 8940 Apr 5 19:43 / etc/selinux/targeted/modules/active/modules/authconfig.pp

34769376 12-rw-r--r-- 1 root root 8234 Apr 5 19:43 / etc/selinux/targeted/modules/active/modules/jockey.pp

6) find files in the / etc directory that all users do not have write permission to

[root@dayi123] # find / etc-not-perm / 222-ls

33766578 196-root root 198453 Mar 29 06:44 / etc/pki/ca-trust/extracted/java/cacerts

67271661-root root 359773 Mar 29 06:44 / etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt

7) find files under the / etc/init.d directory where all users have execute permissions and other users have write permissions

[root@localhost] # find / etc/init.d/-perm-111a-perm-002

[root@localhost] # find / etc/init.d/-perm-113

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.