Using find command in Linux/Unix
find is one of the unix power tools that searches for files within a directory hiererchy . It is a delight for Sys Admin and provides lots of options to refine our search.
Using find command :
Simple executing find in the current directory will give a full listing of all files in the current directory and all subdirectories including hidden files:
$find
The syntax of find is as follows
find [path...] [expression]
path: the directory under which search is performed
expression: expression is made of options , tests based on which find will perform its search operation. We can also perform some action based on the results of our search
Some of the useful options are:
-name: To find based on file name
-perm: To find based on file permission . We can also add [+|-] sign with -perm mode to refine our search more . If the perm option is preceded by a `-(minus)` sign, then it searches for files wherein atleast all of the bits in the mode are set in the file's mode bits. If preceded by a `+(plus)` sign, it will search for files if any of the bits in the mode are set in the file's mode bits .
-type: To find based on file type . Some of the file types are: f-regular file ,
d-directory, l-symbolic link , s-socket etc
-mtime : To find files based on file modification time
-user : To find files based on file ownership
-prune : To find files omitting the directory
Some of the Actions are:
-exec : with the -exec action , we can specify any command to perform any action on the search results
-ok : same as -exec but will ask for a prior confirmation before executing the command.
Examples of find command
Let's now put some of the options in demonstration. We will start with a simple example
$$ Using find to search files based on file name :
Suppose I want to identify all files starting with name 'vsftpd' under /etc directory
$ sudo find /etc/ -name vsftpd.\* -print
/etc/vsftpd.conf
/etc/log.d/conf/services/vsftpd.conf
/etc/log.d/conf/logfiles/vsftpd.conf
/etc/vsftpd/vsftpd.conf
If we are using wildcard character in the search pattern , then we need to put the search string in quotes, or precede it with a backslash so that the shell does not interpret it.
$$ Using find to search files based on file permission:
To identify files having rwx permission for all
$ sudo find /etc/ -type f -perm 777 | xargs ls -l
-rwxrwxrwx 1 root root 0 Oct 30 11:16 /etc/test
Let's see another example to identify all files having rwx for world.
$ sudo find /etc/ -type f -perm -o=rwx | xargs ls -l
-rwxrwxrwx 1 root root 0 Oct 30 11:16 /etc/test
$ find /bin/ /usr/bin/ -type f -perm -4000 -exec ls -l {} \;
-rwsr-xr-x 1 root wheel 85536 Mar 5 2008 /bin//ps
-r-sr-xr-x 1 root wheel 56208 Nov 29 2007 /bin//rcp
-r-sr-xr-x 1 root wheel 69552 Apr 9 2008 /usr/bin//at
-r-sr-xr-x 1 root wheel 69552 Apr 9 2008 /usr/bin//atq
The ` -' sign before the permission mode of 4000 tells to identify files with the SUID bit set, regardless of what other permissions are set.
$$ Using find to search for files within a particular directory but omitting a subdirectory within it.
In this example , we will try to search files named 'vsftpd.conf' under /etc directory but omitting the '/etc/log.d' subdirectory within it.
$sudo find /etc/ -path '/etc/log.d' -prune -o -name vsftpd.conf -print
/etc/vsftpd.conf
/etc/vsftpd/vsftpd.conf
$$ To identify files based on their modification time
Let's try to identify files which are modified in the last two days.
$ sudo find /var/log/ -type f -mtime -3 -name messages\* | xargs ls -l
-rw------- 1 root root 16928 Oct 27 15:22 /var/log/messages
-rw------- 1 root root 53282 Oct 25 04:02 /var/log/messages.1
Let's see another example to identify files which have not been modified for the last three days.
$ sudo find /var/log/ -type f -mtime +3 -name messages\* | xargs ls -l
-rw------- 1 root root 67603 Oct 18 04:02 /var/log/messages.2
-rw------- 1 root root 56208 Oct 11 04:02 /var/log/messages.3
-rw------- 1 root root 52016 Oct 4 04:02 /var/log/messages.4
$$ Identify files based on file ownership.
Suppose you are doing an auditing of your system and as a part of that you want to identify all files which are not own by the root user under /etc . In that case , we can use the 'user' option with find command.
$ sudo find /etc/ ! -user root | xargs ls -l
-rw-r--r-- 1 amanda disk 500 Jun 29 2004 /etc/amanda/crontab.sample
-rw-r--r-- 1 amanda disk 17638 Jun 29 2004 /etc/amanda/DailySet1/amanda.conf
-rw-r--r-- 1 amanda disk 2099 Jun 29 2004 /etc/amanda/DailySet1/disklist
-rw-r--r-- 1 amanda disk 0 Jun 29 2004 /etc/amandates
Performing actions on the search results of find command
We can also use use find command to execute some command like copy , remove etc on our search result . For this , find provides two options like -exec and -ok . We will see now how to use these actions .
$$ To do a long listing after searching for files with rwx permission for world
$ sudo find /etc -type f -perm -o=rwx -exec ls -l {} \;
-rw-r--rwx 1 root root 0 Oct 30 11:53 /etc/test.conf
-rw-r--rwx 1 root root 0 Oct 30 11:53 /etc/test
$$ To remove all files which are having rwx permission for world under /etc directory
$ sudo find /etc -type f -perm -o=rwx -exec rm {} \;
$$ To remove all files which are having rwx permission for world under /etc directory with prompting us before executing the command.
$ sudo find /etc -type f -perm -o=rwx -ok rm {} \;
< rm ... /etc/test.conf > ? y
< rm ... /etc/test > ? y
Conclusion:
Thus we had seen using find command with some of the widely used options . It is a very powerful command and lots of other options to refine our search. It is worth spending some time to go through the manual pages.
Using find command :
Simple executing find in the current directory will give a full listing of all files in the current directory and all subdirectories including hidden files:
$find
The syntax of find is as follows
find [path...] [expression]
path: the directory under which search is performed
expression: expression is made of options , tests based on which find will perform its search operation. We can also perform some action based on the results of our search
Some of the useful options are:
-name: To find based on file name
-perm: To find based on file permission . We can also add [+|-] sign with -perm mode to refine our search more . If the perm option is preceded by a `-(minus)` sign, then it searches for files wherein atleast all of the bits in the mode are set in the file's mode bits. If preceded by a `+(plus)` sign, it will search for files if any of the bits in the mode are set in the file's mode bits .
-type: To find based on file type . Some of the file types are: f-regular file ,
d-directory, l-symbolic link , s-socket etc
-mtime : To find files based on file modification time
-user : To find files based on file ownership
-prune : To find files omitting the directory
Some of the Actions are:
-exec : with the -exec action , we can specify any command to perform any action on the search results
-ok : same as -exec but will ask for a prior confirmation before executing the command.
Examples of find command
Let's now put some of the options in demonstration. We will start with a simple example
$$ Using find to search files based on file name :
Suppose I want to identify all files starting with name 'vsftpd' under /etc directory
$ sudo find /etc/ -name vsftpd.\* -print
/etc/vsftpd.conf
/etc/log.d/conf/services/vsftpd.conf
/etc/log.d/conf/logfiles/vsftpd.conf
/etc/vsftpd/vsftpd.conf
If we are using wildcard character in the search pattern , then we need to put the search string in quotes, or precede it with a backslash so that the shell does not interpret it.
$$ Using find to search files based on file permission:
To identify files having rwx permission for all
$ sudo find /etc/ -type f -perm 777 | xargs ls -l
-rwxrwxrwx 1 root root 0 Oct 30 11:16 /etc/test
Let's see another example to identify all files having rwx for world.
$ sudo find /etc/ -type f -perm -o=rwx | xargs ls -l
-rwxrwxrwx 1 root root 0 Oct 30 11:16 /etc/test
To identify files which are having SUID bit set .
$ find /bin/ /usr/bin/ -type f -perm -4000 -exec ls -l {} \;
-rwsr-xr-x 1 root wheel 85536 Mar 5 2008 /bin//ps
-r-sr-xr-x 1 root wheel 56208 Nov 29 2007 /bin//rcp
-r-sr-xr-x 1 root wheel 69552 Apr 9 2008 /usr/bin//at
-r-sr-xr-x 1 root wheel 69552 Apr 9 2008 /usr/bin//atq
The ` -' sign before the permission mode of 4000 tells to identify files with the SUID bit set, regardless of what other permissions are set.
$$ Using find to search for files within a particular directory but omitting a subdirectory within it.
In this example , we will try to search files named 'vsftpd.conf' under /etc directory but omitting the '/etc/log.d' subdirectory within it.
$sudo find /etc/ -path '/etc/log.d' -prune -o -name vsftpd.conf -print
/etc/vsftpd.conf
/etc/vsftpd/vsftpd.conf
$$ To identify files based on their modification time
Let's try to identify files which are modified in the last two days.
$ sudo find /var/log/ -type f -mtime -3 -name messages\* | xargs ls -l
-rw------- 1 root root 16928 Oct 27 15:22 /var/log/messages
-rw------- 1 root root 53282 Oct 25 04:02 /var/log/messages.1
Let's see another example to identify files which have not been modified for the last three days.
$ sudo find /var/log/ -type f -mtime +3 -name messages\* | xargs ls -l
-rw------- 1 root root 67603 Oct 18 04:02 /var/log/messages.2
-rw------- 1 root root 56208 Oct 11 04:02 /var/log/messages.3
-rw------- 1 root root 52016 Oct 4 04:02 /var/log/messages.4
$$ Identify files based on file ownership.
Suppose you are doing an auditing of your system and as a part of that you want to identify all files which are not own by the root user under /etc . In that case , we can use the 'user' option with find command.
$ sudo find /etc/ ! -user root | xargs ls -l
-rw-r--r-- 1 amanda disk 500 Jun 29 2004 /etc/amanda/crontab.sample
-rw-r--r-- 1 amanda disk 17638 Jun 29 2004 /etc/amanda/DailySet1/amanda.conf
-rw-r--r-- 1 amanda disk 2099 Jun 29 2004 /etc/amanda/DailySet1/disklist
-rw-r--r-- 1 amanda disk 0 Jun 29 2004 /etc/amandates
Performing actions on the search results of find command
We can also use use find command to execute some command like copy , remove etc on our search result . For this , find provides two options like -exec and -ok . We will see now how to use these actions .
$$ To do a long listing after searching for files with rwx permission for world
$ sudo find /etc -type f -perm -o=rwx -exec ls -l {} \;
-rw-r--rwx 1 root root 0 Oct 30 11:53 /etc/test.conf
-rw-r--rwx 1 root root 0 Oct 30 11:53 /etc/test
$$ To remove all files which are having rwx permission for world under /etc directory
$ sudo find /etc -type f -perm -o=rwx -exec rm {} \;
$$ To remove all files which are having rwx permission for world under /etc directory with prompting us before executing the command.
$ sudo find /etc -type f -perm -o=rwx -ok rm {} \;
< rm ... /etc/test.conf > ? y
< rm ... /etc/test > ? y
Conclusion:
Thus we had seen using find command with some of the widely used options . It is a very powerful command and lots of other options to refine our search. It is worth spending some time to go through the manual pages.
Comments
It seems 토토 배너 as if you're in the middle of replica air jordan 18 retro men a sea of air jordan 18 retro yellow discount gambling, and you're seeing gambling games all over the air jordan 18 retro men blue great site world. air jordan 18 retro men red online store In this review, we take a look at