Linux System Find command detailed

Source: Internet
Author: User

Find Command

– Purpose: Used to find files or directories

– format: Find [ look in ] [ find Criteria ]

Common search criteria

– -name : Find by file name

– -size : Find by File size

– -user : Search by file owner

– -type : Find by File type

– -print : To \ n Print a file (path) for a newline character

Advanced Find Criteria

– -perm : Search by Permissions

– - CTime ( - Cmin ): Find by File creation time (in days)

– - ( - ): Find by Access time

– - Mtime ( - Mmin ): Modify Time Lookup

– -newer : Find files that are newer than the specified file

– -delete : Delete a file that satisfies the search criteria

– ! : Take counter action

– -exec : Find and then perform an action

Operation Combat:

Look for the file named Core in the/tmp directory and delete it.
A core file is a temporary file generated by some applications that consumes storage space for a long time.
In addition, the malicious hacker may use this file to cause damage to the system. The command is as follows:
Find/tmp-name Core-type F-print |xargs/bin/rm-f

There are such commands in the system that the normal user is replaced with root at run time.
This type of command should be effectively managed to prevent hackers from adding such commands to certain dangerous commands.
Our approach is to find these commands and save them to the/root/suid.txt file, and check them regularly.
The command is as follows:
Find/\ (-perm-4000-fprintf/root/suid.txt '% #m%u%p\n ' \)

Find files larger than 100M in the entire system and save them in the/root/big.txt file.
The command is as follows:
Find/\ (-size +100m-fprintf/root/big.txt ' $-10s%p\n ' \)

In the current directory, look for files that have write permissions for users and their groups, with the following command:
Find. -perm-g+w,u+w

Find directories with Write permissions for users and groups throughout the system and save the name, user, and permissions of the directory to the Wdir file.
The command is as follows:
Find/\ (-perm-u+w,g+w-type d-fprintf/root/wdir '%m%u%p\n ' \)

Find a directory that can be written by anyone in the entire system, and save the name, user, and permissions of the directory to the Wdir file in a newline style. The command is as follows:
Find/\ (-perm-o+w-type d-fprintf/root/wdir '%m%u%p\n ' \)

Finds all files and directories in the current directory that read and write permissions but do not have permission to execute. The command is as follows:
Find. -perm-a+r-perm/a+w! -perm/a+x

Find supports variables that look for files that have been modified within 24 hours of the $home variable directory. The command is as follows:
Find $HOME-mtime 0

Find files in the current directory and view their file types. The command is as follows:
Find. -type f-exec file ' {} ';

This article is from the blog, "to work well with the good system", make sure to keep this source http://stlong.blog.51cto.com/5144113/1426544

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.