Common file search tools in Linux mainly include locate and find. However, because the locate tool depends on its own index database / var/lib/mlocate/mlocate.db, it is rarely used to accurately find the latest data in the cache of the database. However, its advantage is that it will not traverse all files when searching, so as to ensure that the query occupies less resources and is fast.
Only the use of the find command is described here
Introduction to find tool
The find real-time search tool completes the search by traversing the specified path
Working characteristics:
The search speed is slightly slow Exact search Real time search Rich search conditions Only directories where the user has read and execute permissions may be searched
Format:
find [OPTION]... [Find path] [Search criteria] [Processing action]
Find path: specify the specific target path; The default is the current directory
Search criteria: the specified search criteria, including file name, size, type, permission, etc; The default is to find all files in the specified path
Processing action: operate on qualified files and output to the screen by default
Specify search directory level
-maxdepth level Maximum search directory depth,The files in the specified directory are level 1 -mindepth level Minimum search directory depth
For each directory, first deal with the files in the directory, and then deal with the directory itself
-depth -d #warning: the -d option is deprecated; please use -depth instead, because the latter is a POSIX-compliant feature
Find by file name and inode
-name "File name" #glob is supported, such as: *?, [], [^], wildcards should be enclosed in double quotation marks -iname "File name" #Case insensitive -inum n #Find by inode number -samefile name #Files with the same inode number -links n #Files with n links -regex "PATTERN" #Match the entire file path with PATTERN, not the file name
Find by owner and group
-user USERNAME #Find a file whose owner is the specified user (UID) -group GRPNAME #Find files that belong to a specified group (GID) -uid UserID #Find a file whose owner is the specified UID number -gid GroupID #Find a file that belongs to the GID number specified by the group -nouser #Find files that do not belong to a master -nogroup #Find files that do not belong to a group
Find by file type
-type TYPE TYPE It can be in the following form: f: Ordinary file d: Catalog file l: Symbolic link file s: s socket b: Block device file c: Character device file p: Pipeline file
Empty file or directory
-empty
Combination condition
And:-a ,The default multiple conditions are and relationships Or:-o (The or here is the same as and) Non:-not ! virtue·Morgan's Law: (wrong A) or (wrong B) = wrong(A And B) (wrong A) And (wrong B) = wrong(A or B)
Example 1:
lookup/The subordinate primary and subordinate groups of the directory are yao Directory of [23:42:39 root@server[ yao]#find / -type d -user yao -group yao
Example 2:
lookup/Directory subordinate master is yao,Group is not yao Directory of [23:42:39 root@server[ yao]#find / -type d -user yao -not -group yao
Example 3:
lookup/Under the directory, the owner is oracle perhaps yao Directory of [23:55:21 root@server[ ~]#find / -type d -user oracle -o -user yao
Example 4:
lookup/tmp The user name in the directory is not root And the file name is not f Start file find /tmp -not \( -user root -o -name 'f*' \) –ls Spaces are required before and after parentheses
Example 5:
#Find all files with. conf suffix in / etc / except / etc/security directory [21:03:42 root@server[ ~]#find /etc/ -path '/etc/security/' -a -prune -o -name '*.conf'
Example 6:
#Find all. conf suffix files in / etc / except / etc/security and / etc / SYSTEMd and / etc / dbus-1 under / etc / [21:16:19 root@server[ ~]#find /etc/ \( -path "/etc/sst-pathem.d" -o -path "/etc/db -pathus-1" -o -path "/etc/security" \) -a -prune -o -name '*.conf'
Find by file size
-size [+|-]#UNIT #Common units: k, M, G, c (byte). Be case sensitive #UNIT: #express(#-1, #]For example, 6k means (5k,6k] -#UNIT #express[0,#-1] For example: - 6k means [0,5k] +#UNIT #express(#, ∞), for example, + 6k means (6k, ∞)
Example 1:
Find root directory greater than 10 G Directory of [21:22:50 root@server[ ~]#find / -size +10G
Find by timestamp
#In days -atime [+|-]# # #express[#,#+1) +# #express[#+1,∞] -# #express[0,#) -mtime -ctime #In minutes -amin -mmin -cmin
Find by permissions
-perm [/|-]MODE MODE #Exact permission matching /MODE #As long as one of the permissions of any kind of (u,g,o) object can match, or relationship, + it will be eliminated from CentOS 7 -MODE #Each type of object must have the specified permission at the same time, which is related to 0 Expressed no concern
Processing action
-print: The default processing action is displayed to the screen
-ls: This is similar to executing on a found file"ls -dils"Command format output
-fls file: The long format information of all found files is saved to the specified file, equivalent to -ls > file
-delete: Delete the found file with caution!
-ok COMMAND {} \; Execute by for each file found COMMAND The specified command is displayed for each file before executing the command
Interactive require user confirmation
-exec COMMAND {} \; Execute by for each file found COMMAND For the specified command, note that spaces should be added before and after the final curly braces
{}: Used to reference the found file name itself
Example 1:
Backup to/etc/Below./conf End of file
22:49:22 root@server[ etc]#find /etc/ -name "*.conf" -exec cp -a {} {}.orag \;
Backup to/etc/Below./conf End of file to/usr/local/test In the directory
[22:57:33 root@server[ etc]#find /etfind /etc/ -name "*.conf" -exec cp {} /usr/local/test/ \;
Example 2:
Interactive prompt to delete those that exist for more than 3 days root Temporary file for
[23:04:09 root@server[ ~]# find /tmp -ctime +3 -usr root -ok rm -rf {} \;
Example 3:
#Find ordinary files with 644 permissions and sh suffix under / data, and increase execution permissions
[23:04:09 root@server[ ~]#find /data/ -name "*.sh" -type f -perm 644 -exec chmod 755 {} \;
Parameter replacement xargs
Because many commands do not support pipeline to pass parameters, xargs is used to generate the parameters of a command, and xargs can read the number of stdin
The data of stdin is separated into parameters by a space character or carriage return character
In addition, many commands cannot accept too many parameters, and command execution may fail. xargs can solve this problem
Note: the file name or other nouns contain spaces
find is often combined with xargs command in the following form:
find | xargs COMMAND lookup/var The subordinate primary of the directory is root,And belongs to group mail All files [23:49:18 root@server[ ~]#find /var/ -user root -group mail -type f lookup/var Directory does not belong to root,lp,gdm All files [23:57:32 root@server[ ~]#find /var/ -not \( -user root -o -user ip -o -user gdm \) -type f lookup/etc Directory is greater than 1 M All documents of normal type [20:51:34 root@server[ ~]#find /etc/ -size +1M Find files that do not belong to a master or group on the current system and have been accessed in the last week find / \( -nouser -o -nogroup -a -atime 7 \) lookup/etc All users in the directory do not have write permission [21:50:28 root@server[ ~]#ls -la /find /etc/ -not \( -perm /222 \)