Linxu command and file search-which, whereis, locate, find

Linxu command and file search-which, whereis, locate, find

Linxu command and file search-which, whereis, locate, find

Which 』)

[Root @ www ~] # Which [-a] command option or parameter:-a: List all commands that can be found in the PATH directory, not just the first command name that is found. Example 1: use the root account and the general account to search for the full file name of the ifconfig Command [root @ www ~] # Which ifconfig/sbin/ifconfig <= use root to find the correct running file name! [Root @ www ~] # Su-vbird <= change your identity to vbird! [Vbird @ www ~] $ Which ifconfig/usr/bin/which: no ifconfig in (/usr/kerberos/bin:/usr/local/bin:/usr/bin: /home/vbird/bin) <= see the ghost! Generally, the ID account cannot be found! # Because which searches for runnable files based on the directories in the PATH variable configured by the user! So, # The commands found for different PATH configurations are certainly different! Because/sbin is not in the # PATH of vbird, it is a matter of course not to find it! [Vbird @ www ~] $ Exit <= Remember to switch the identity back to the original root Example 2: Use which to find out the which file name. Why? [Root @ www ~] # Which whichalias which = 'Alias |/usr/bin/which -- tty-only -- read-alias -- show-dot '/usr/bin/which # There are actually two which, one of them is alias! What is that? # This is the so-called "command alias", which means that the input of which will wait for the subsequent commands! Example 3: Find the complete file name of the cd Command [root @ www ~] # Which cd/usr/bin/which: no cd in (/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin: /usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin) # What? How can I use root to run cd without cd!

Whereis (find a specific file)

[Root @ www ~] # Whereis [-bmsu] file or directory name options and parameters:-B: Only find files in binary format-m: only find files in the manual path of the description file-s: find the source file only-u: search for other special files not in the above three projects. Example 1: use different identities to find the ifconfig file name [root @ www ~] # Whereis ifconfig:/sbin/ifconfig/usr/share/man/man8/ifconfig.8.gz [root @ www ~] # Su-vbird <= change the identity to vbird [vbird @ www ~] $ Whereis ifconfig <= find the same result! Ifconfig:/sbin/ifconfig/usr/share/man/man8/ifconfig.8.gz [vbird @ www ~] $ Exit <= return to the root account! # Note: ifconfig that is not found by which users can be found by whereis! # This is because the system actually has the ifconfig "file", but the user's PATH is not added to/sbin # So when you cannot find some commands in the future, you should first search for them using the file search command! Example 2: only find the "description file" File Name (man page) related to passwd [root @ www ~] # Whereis-m passwdpasswd:/usr/share/man/man1/passwd.1.gz/usr/share/man/man5/passwd.5.gz

Wait a moment and we will mention the find SEARCH Command. find is a powerful search command, but it takes a lot of time! (Because find is a direct search for hard disks, if your hard disk is old, hey! Yes !) At this time, whereis is quite useful! In addition, you can add options to whereis to search for relevant data. For example, if you are looking for a executable file (binary), add-B! If no option is added, all data will be listed!

So what exactly is whereis used? Why is the search speed so much faster than find? Actually, there is nothing! This is because the Linux system records all files in the system in a database file, and when whereis is used or the locate to be discussed below, the content of the database file prevails. Therefore, sometimes you will find the files that have been killed when using these two running files! You cannot find the latest file you just created! This is because these two commands are used to search for the files in the database! For more information about the database, see the following locate command.

Locate

[Root @ www ~] # Locate [-ir] keyword option and parameter:-I: case-insensitive;-r: The following can be followed by the regular expression of the display method Example 1: find all passwd-related file names in the system [root @ www ~] # Locate passwd/etc/passwd-/etc/news/passwd. nntp/etc/pam. d/passwd ...... (omitted below )....

This locate is easier to use. You can directly enter the part name of the file to obtain the result. In the preceding example, if I enter the locate passwd, passwd will be displayed in the complete file name (including the path name! This is also a convenient and easy-to-use command. If you forget the full file name ~~

However, there are limits on the use of this item! Why? You will find that using locate to search for data is extremely fast, this is because the data searched for by locate is found from the data in the "Created database/var/lib/mlocate/", so you do not need to directly access the data in the hard disk, haha! Of course it's fast!

What are the restrictions? It is because it is searched through the database, and the database creation is run once a day by default (each distribution is different, CentOS 5.x is to upgrade the database once a day !), So when the new file is still searched for before the Database Upgrade, the locate will tell you "no !』 Haha! Because you must upgrade the database!

Can I upgrade the database manually? Of course! The method for upgrading the locate database is very simple. Just enter "updatedb! The updatedb command reads the configuration file/etc/updatedb. conf, searches for the file name in the hard disk, and upgrades the entire database file! Because updatedb searches for hard disks, it may take several minutes to run updatedb!

Updatedb: Search for the file name in the system hard disk based on the/etc/updatedb. conf configuration, and upgrade the database file in/var/lib/mlocate;
Locate: locate the keyword file name entered by the user based on the database records in/var/lib/mlocate.

Find

[Root @ www ~] # Find [PATH] [option] [action] Options and parameters: 1. time-related options: Total-atime,-ctime and-mtime, with-mtime description-mtime n: n as the number, indicates a file that has been updated before n days.-mtime + n: It is listed before n days (excluding n days) name of the file whose content has been changed;-mtime-n: name of the file whose content has been changed within n days (including n days. -Newer file: file is an existing file that lists file names that are newer than file. Example 1: Change the system's previous 24 hours (mtime) file list [root @ www ~] # Find/-mtime 0 # That 0 is the key! 0 indicates the current time, so from now until 24 hours ago, # files with changed content will be listed! What if it was within 24 hours three days ago? # Find/-mtime 3 objects that have changed are listed! Example 2: Find the file under/etc. If the file date ratio is/etc/passwd, list [root @ www ~] # Find/etc-newer/etc/passwd # It is useful to use-newer to distinguish between two files!

What if I want to find the "file name that has been changed in four days? You can use "find/var-mtime-4 』. If it is the day four days ago, use find/var-mtime 4 』. Is there a big difference between "+! We can use a simple illustration to illustrate the following:

The rightmost part of the image is the current time, and the more to the left, the earlier the timeline. As shown in figure 5.2.1, we can clearly understand:

+ 4 indicates the file name that is later than 5 days ago: ex> find/var-mtime + 4
-4 indicates the file name in the last four days: ex> find/var-mtime-4
4 indicates the file name on the 4-5 day: ex> find/var-mtime 4

Options and parameters: 2. parameter Related to the user or group name:-uid n: n is a number, which is the user's account ID, that is, UID, this UID is the number corresponding to the account name in/etc/passwd. In this regard, we will introduce the fourth article. -Gid n: n is a number. This number is the ID of the group name, that is, GID. This GID is recorded in/etc/group. We will introduce the fourth part ~ -User name: name indicates the user account name! For example, dmtsai-group name: name is the group name, for example, users;-nouser: the owner of the file does not exist in/etc/passwd! -Nogroup: The owner group of the file to be searched does not exist in the/etc/group file! When you install the software on your own, it is very likely that there is no file owner in the software attributes. This is possible! At this time, you can use-nouser and-nogroup to search. Example 3: Search for vbird files under/home [root @ www ~] # Find/home-user vbird # This is also useful ~ When we want to find all the files in the system of any user, # We can use this command to find all the files belonging to a user! Example 4: Search for files not owned by anyone in the system [root @ www ~] # Find/-nouser # Use this command to easily find out abnormal files. # Do not be too nervous when you find a file that is not owned by anyone in the system. # Sometimes it is normal ~ Especially when you compile software with the original code.

Options and parameters: 3. parameters related to file permissions and names:-name filename: search for a file named filename;-size [+-] SIZE: Search larger than SIZE (+) or a small (-) file. The SIZE has the following specifications: c: represents byte, and k: represents 1024 bytes. Therefore, to find a file larger than 50 kb, it is "-size + 50 k"-type TYPE: the TYPE of the search file is type. The types include: general attributes such as regular file (f), device file (B, c), directory (d), link file (l), socket (s), and FIFO (p. -Perm mode: searches for files with the File Permission "just waiting for" mode. This mode is similar to the chmod attribute value. For example, the attribute of-rwsr-xr-x is 4755! -Perm-mode, -perm-0744 is used. When the permission of a file is-rwsr-xr-x, or 4755, it is also listed, because the attributes of-rwsr-xr-x already include the attributes of-rwxr -- r. -Perm + mode: searches for files with the File Permission "permission containing any mode". For example, if-rwxr-xr-x, that is,-perm + 755, but a file whose attribute is-rw ------- will also be listed because it has-rw .... attribute exists! Example 5: Find the file named passwd [root @ www ~] # Find/-name passwd # use this-name to search for the file name! Example 6: Find out the file name with the Socket type under the/var directory? [Root @ www ~] # Find/var-type s # This-type attribute is also very helpful! Especially find out the weird files, # For example, socket and FIFO files, you can use find/var-type p or-type s to find them! Example 7: Search for attributes in the file that contain SGID, SUID, or SBIT [root @ www ~] # Find/-perm + 7000 # the so-called 7000 is --- s -- t, so as long as the list contains s or t, # Of course, you must use + 7000, use-7000 to indicate that all three permissions containing --- s -- t are required ~

Option and parameter: 4. Additional actions:-exec command: command is another command.-exec can be followed by additional commands to process the search results. -Print: print the result to the screen. This action is the default action! Example 8: Use ls-l to list the files found in the previous example ~ [Root @ www ~] # Find/-perm + 7000-exec ls-l {}\; # note that the ls-l after-exec is an additional command. The command does not support command aliases, # So you can only use ls-l and cannot use ll! Note! Example 9: Find a file larger than 1 mb in the system [root @ www ~] # Find/-size + 1000 k # Although M and G can be used to represent MB and GB on man page, # However, this function cannot be used ~ Therefore, only c and k are supported!

In this example, the special characters include {} And \; and The-exec keyword. The meanings of these things are as follows:

{} Indicates "content found by find", as shown in. The find result is placed in the {} position;
-Exec until \; is a keyword that represents the start (-exec) to the end (\;) of the find extra action, in the middle of which is the extra action in the find command. In this example, it is "ls-l!
Because ';' has special significance in the bash environment, it uses a backslash to escape.

This article permanently updates the link address: