The Find command on Linux is detailed

1. Introduction of the command:

The Find command is used to locate files under the specified directory. Any string that precedes the parameter will be treated as the name of the directory you want to find. If you use this command without setting any parameters, the Find command looks for subdirectories and files under the current directory. and displays all the subdirectories and files that are found.

In contrast to locate, find is a real-time lookup tool that completes file lookups by traversing the file system hierarchy under the specified starting path.

Locate command use: http://afterdawn.blog.51cto.com/7503144/1856664

Operating characteristics:

The speed is slightly slow;

Accurate search;

Real-time search;

2. Usage:

find [OPTION] ... [Find Path] [Search Criteria] [Handling Action]
Find path : Specify a specific target path; defaults to the current directory
Search Criteria: Specifies the criteria for finding criteria, such as file name, size, type, permissions, etc., by default to find all files under the specified path
Handling Actions : Perform actions on eligible files, output to screen by default

2.1 [Find Path]

Do not enter the directory that represents the current directory, generally specify the lookup

Find/etc *.conf #查找etc目录下所有以. conf is the suffix of the file find A.txt #只查找当前目录下的a. txt, and does not look up subdirectories for find. A.txt #查找当前目录和当前目录下的子目录的a. txt

2.2 [Find conditions]

Search by file name

-name "file name": Support using glob*,?, [], [^]
-iname "file name": Letter case insensitive

-regex pattern: Finds a file based on a regular expression pattern, which matches the entire path, not its name;

Use Demo:

[[email protected] a]# Touch Name.txt[[email protected] a]# find. -name Name.txt./name.txt[[email protected] a]# find. -name Name.txt[[email protected] a]# find. -iname Name.txt./name.txt[[email protected] a]# find. -name Name.*./name.txt

Find based on file affiliation:

-user USERNAME: Find files that belong to the specified user (UID)
-group GRPNAME: Finding files that belong to a specified group (GID)
-uid UserID: Find the file that belongs to the specified UID number
-gid GroupID: Finding files with a specified GID number for the genus Group
-nouser: Finding files that are not owned by the master

-nogroup: Finding files that are not owned by a group

Use Demo:

[[email protected] tmp]# find. -user Centos[[email protected] tmp]# find. ! -user CentOS

Find by file type:

-type Type:
F: Normal file
D: Catalog file
L: Symbolic Link file
S: Socket file
B: Block device files
C: Character device file

P: Pipeline File

Use Demo:

[[email protected] tmp]# find. -type F[[email protected] tmp]# find. -type D

Combination test:

With:-A, default combination logic;
Or:-O

Non:-not,!

Use Demo:

[[email protected] tmp]# find . -type d  -a -user root[[email protected] tmp]# find . -type d -o  -user root[[email protected] tmp]# find . -not -user root - Ls[[email protected] tmp]# find . ! -user root -ls 

Exercise: 1. Find all files in the/tmp directory that are not root; [[email protected] tmp]# find. -not-user root-type f-ls[[email protected] tmp]# find. ! -user Root-type f-ls2, find the file name in the/tmp directory that does not contain the fstab string; [[email protected] tmp]# find. -type f! -name *fstab*3, find out the/tmp directory subordinate main is non-root, and the file name does not contain fstab string files; [[email protected] tmp]# find. -not-user root-a-not-name *fstab*[[email protected] tmp]# find.  ! -user root-a! -name *fstab*

Find by File Size:

-size [+|-] #UNIT
Common units: K, M, G

For example: find/var-type-f-size +10k Find files above 10k in/var directory

Use demo :

Search for files that are currently larger than 10k find. -type f-size +10k Search for files currently equal to 10k find. -type F-size 10k Searches the current directory for files smaller than 10k find. -type f-size-10k

Find by Time stamp:

There are three timestamps for each file in the Linux file system:
access Time (-atime/days,-amin/minutes):User last access time;
modification Time (-mtime/days,-mmin/minutes):The last time the file was modified;
Change Time (-ctime/days,-cmin/minutes):file data elements (such as permissions, etc.) the last modification time;

Search all files that have been accessed in the current directory for the last seven days find. -type f-atime-7 Search All files that were visited in the current directory 7 days ago find. -type f-atime +7 Search the directory where the current directory was accessed 7 days ago find. -type D-atime 7 Find all the files in the current directory that are longer than the File.log modification time find. -type F-newer File.log

Search by permissions:

-perm [/|-]mode
Mode: precise permission matching;
/mode: Any one (r,w,x) of the permissions of any class of users (U,g,o) is satisfied with the condition;
There is a "or" relationship between 9-bit permissions;
-mode: Each class of users (U,g,o) in the permissions of each bit (r,w,x) at the same time meet the condition is satisfied;
There is a "and" relationship between 9-bit permissions;
Find-perm 755 matches a file with a permission pattern of exactly 755
As long as any person has write permission, Find-perm +222 will match
find-perm-222 matches only when everyone has permission to write

FIND-PERM-002 matches only if other people (other) have write permissions

Use Demo:

Search for files with the current directory permission of 777 find. -type F-perm 777 Find the current directory permission is not a PHP file of 644 find. -type f-a! -perm 644-a-name "*.php"

2.3 [Handling Action]

-print: Output to standard output, default action;
-ls: Similar to the "ls-l" command for the found file, the output file details;
-delete: Delete the found file;
-fls/path/to/somefile: Saves the long format information of all files found to the specified file;
-ok command {} \;: Executes commands for each file found, and each operation needs to be confirmed;
-exec command {} \;: Executes commands for each file that is found;
#注意: {}: Used to refer to the file name itself, followed by \; is a fixed usage;
Note: Find passes the file path found to the following command, it is first to find out all eligible file paths, and one-time pass to the following command;
However, some commands cannot accept too long arguments, at which point the command execution fails, and another way to circumvent this problem:
Find | Xargs COMMAND

Use Demo:

Back up the current directory with a. conf suffix and the. bak+ current date as the suffix find-type f-name "*.conf"-exec cp {} {}. ' date + '%f%h:%m:%s ' \;  Look for a question file that has been in the current directory for more than 3 days and that belongs to the group root and delete find. -type f-ctime +3-user root-ok rm {} \; Look for files that other users have write permissions in their home directory and remove other users ' write permissions from find./-type f-perm-002-exec chmod o-w {} \ ;

Practice:

1. Find the main root of the/var directory and all files or directories belonging to the group Mail; ~]# find /var -user root -a -group mail  -LS2, find all files or directories that do not belong to Root, bin or Hadoop under the/usr directory; in two ways;~]# find /usr -not -user  Root -a -not -user bin -a -not -user hadoop~]# find /usr  -not \ ( -user root -o -user bin -o -user hadoop \)  -LS3, find in/etc directory in the last week, its content has been modified, and the owner is not the root user is not a Hadoop user file or directory;~]# find /etc -mtime -7  -a -not \ ( -user root -o -user hadoop \)  -ls~]# find / etc -mtime -7 -a -not -user root -a -not -user hadoop - LS4, finding files or directories that are not owned or owned by the current system and have been visited in the last week; ~]# find  /  \ ( -nouser -o - nogroup \)   -atime  -7  -ls5, find all files that are larger than 1M in the/etc directory and are of type normal file;~]# find  /etc -size +1m&nBsp;-type f -exec ls -lh {} \;6, find files in/etc directory where all users do not have write permission; ~]# find /etc  -NOT -PERM /222 -TYPE F -LS7, find/etc directory at least one class of users do not have permission to execute files; ~]# find /etc  -NOT -PERM -111 -TYPE F -LS8, find/etc/init.d/directory, all users have execute permission, and other users have write permission to all files; ~]#  find /etc -perm -113 -type f -ls

This article is from the "Wang Liming" blog, make sure to keep this source http://afterdawn.blog.51cto.com/7503144/1856660

The Find command on Linux is detailed