May 27,

2015

LINUX FIND COMMAND

Linux find command

Under Linux find command to search for files in the directory structure, and the
specified action.

Linux find command provides a considerable number of search criteria, very

powerful. Linux, find common usage examples

find path -option [-print] [-exec -ok command] {} \;

# -print Will find files to standard output Space between; and \ will be found in the
file execute command operations, {} -;
# -exec command {} \
# -ok And -exec, except that before proceeding to inquire user
-name filename

# Find the file called filename

-perm
# Press executing authority to find
-user username
# Press file owner to find
-group groupname # as a group to find
-mtime -nn
-atime -nn
-user username

# Press file to change the time to find the file, -n means less
than n days, n refers to the n days ago
# Press file access times to check GIN: 0px "> - perm # press
execute permissions to find
# Press file owner to find

-group groupname
-mtime -nn

# as a group to find
# Press file to change the time to find the file, -n means less
than n days, n refers to the n days ago

-atime -nn

-nogroup

# Press file access time to find the file, -n means less than n
days, n refers to the n days ago
# by file creation time to find the file, -n means less than n
days, n refers to the n days ago
# check file without valid genus group is a group that is not

-nouser

present in the file / etc / groups in

# search without a valid owner of the file, the owner of a file

-ctime nn

naomychan

Page 1

May 27,
2015

LINUX FIND COMMAND

does not exist in the / etc / passwd in

-newer f1! f2 find the file, -n means less than n days, n refers to the n days ago
-ctime nn
# by file creation time to find the file, -n means less than n
days, n refers to the n days ago
-nogroup
# check file without valid genus group is a group that is not
-nouser
-newer f1! f2

present in the file / etc / groups in

# search without a valid owner of the file, the owner of a
file does not exist in the / etc / passwd in
# check changes over time than f1 f2 new but the old files

-type b / d / c / p / l / f # check is a block device, directory, character equipment,

pipes, symbolic links, Trivial File
-size n [c]
# check the length of n block [or n bytes] file
-depth
# so look before entering a subdirectory complete catalog
look-ahead
-fstype
-mount
-follow

# check changes over time than f1 f2 new but the old files
# check file is not cross file system mount points
# If you have a symbolic link file, it referred to the trace
file links

-cpio

# matching files using cpio command, they backed up to

tape devices
# ignore a directory

-prune

More information can be viewed: "Linux under the find command explanation"
http://www.phpq.net/linux/linux-find.html,"
Linux find command examples
http://www.phpq.net/linux/linux-find-demo.html .

naomychan

Page 2

May 27,
2015

LINUX FIND COMMAND

1) Find in / tmp all the * .h, and look for "SYSCALL_VECTOR" In these documents,
the last print out all contain "SYSCALL_VECTOR" file name
A) find / tmp -name "* .h" | xargs -n50 grep SYSCALL_VECTOR
B) grep SYSCALL_VECTOR /tmp/*.h | cut -d ":" -f1 | uniq> filename
C) find / tmp -name "* .h" -exec grep "SYSCALL_VECTOR" {} \; -print
2) find / -name filename -exec rm -rf {} \;
find / -name filename -ok rm -rf {} \;
3) For example, to find the disk file is larger than 3M of:
. find -size 3000k -exec ls -ld {};
4) to find out what put it somewhere else
find * .c -exec cp "{}" / tmp ";"
5) If you have a special file, you can use cpio, you can also use this syntax:
find dir -name filename -print | cpio -pdv newdir
6) Find files that have changed 2015-05-27 20:44:37 time
# A = `find ./ -name" * php "` | ls -l -full-time $ A 2> / dev / null | grep "2015-05-27
20:44:37

naomychan

Page 3

May 27,
2015

LINUX FIND COMMAND

linux find command usage under

1. Basic usage:
find / -name filename
find ver1.d ver2.d -name "* .c" -print Find ver1.d, ver2.d * .c file and print
find. -type d -print from the current directory to find, only to find directory, find,
print pathname. It can be used to print directory structure.
2. Find error:
find / -name access_log 2> / dev / null
3. Find by size:
find / -size 1500c (1,500 bytes to find the size of the file, c represents bytes)
find / -size 1500c (Find files larger than 1,500 bytes in size, represents more than)
find / -size 1500c (look for files smaller than 1,500 bytes in size, and - represents
less than)
4. Time:
find / -amin n Last n minutes
find / -atime n the last n days
find / -cmin n n the last minute to change state
find / -ctime n the last n days to change state
5. Other:
find / -empty blank document, empty folders, no sub folders
find / -false find the system files are always wrong
find / -fstype type to find the specified file exists in the file system, such as the
type of ext2
find / -gid n group id for the n files
find / -group gname the file named gname
find / -depth n layer in a specified directory to find the file contents priority
find / -maxdepth levels descending in a hierarchical manner directory Find

6. Logic
-and -or conditions or conditions
7. Find string
. find -name "* .html" -exec grep "mailto:" {}

naomychan

Page 4

May 27,
2015

LINUX FIND COMMAND

Since the find has powerful features, so it's also a lot of options, most of which
options are worth our time to find out. Even if the system contains a Network File
System (NFS), find the command in the file system as effective, only you have the
appropriate permissions.
When you run a very resource-consuming find command, many people tend to put it
in the background, because traversing a large file system can take a long time (in this
case more than 30G bytes of the file system).
A, find the command format
1, find the general form of the command is;
find pathname -options [-print -exec -ok ...]
2, find the command parameters;
pathname: directory path to find the command are looking for.
For example. To indicate the current directory, use / to represent system root.
-print: file find command to match output to standard output.
-exec: find command to execute shell commands given by the parameter of the
matching files. The corresponding form of the command to "command" {} \ ;, note {}
and \; spaces between.
-ok: -exec action and the same, but in a more secure mode to execute shell
commands given by the parameter before executing each command will prompt you
to allow users to determine whether to execute.
3, find the command options
-name
Find files by file name.
-perm
To find files by file permissions.
-prune
Use this option to make the find command is not specified in the current directory to
find, if you use the -depth option, then -prune find command will be ignored.
-user
According to the file owner to locate the file.
naomychan

Page 5

May 27,
2015

LINUX FIND COMMAND

-group
According to the group the file belongs to locate the file.
-mtime -n n
Change the file according to the time to find the file, - n represents the file to change
the time from within now n days, n that file to change the time from now n days ago.
There -atime and -ctime find command options, but they are and -m time options.
-nogroup
Find files without a valid-owned group, which belongs to the group that does not
exist in the file / etc / groups in.
-nouser
Find files without a valid owner, that the owner of the file does not exist in the / etc /
passwd in.
-newer file1! file2
Change the time to find new than the file file1 file2 older than the file but the file.
-type
Find certain types of files, such as:
b - block device file.
d - directory.
c - character device file.
p - pipe file.
l - a symbolic link file.
f - an ordinary file.
-size n: [c] Find files file n blocks of length, indicates that the file length in bytes time
with c.
-depth: when you find a file, first locate the files in the current directory, and then in
its subdirectories.
-fstype: Find the file is located in a certain type of file system, these file system types
can usually be found in the configuration file / etc / fstab, the configuration file
contains information regarding the system file system.
-mount: When searching files do not cross file system mount points.
-follow: If you find command encounters a symbolic link files, just follow the link
points to a file.
-cpio: for files that match the use cpio command to back up these files to tape
devices.
In addition, the following three differences:
naomychan

Page 6

May 27,
2015

LINUX FIND COMMAND

-amin n
Find system files accessed last N minutes
-atime n
Find the last n * file system accessible 24 hours
-cmin n
Find the system was changed last minute N files file status
-ctime n
Find system last changed n * 24 file status file
-mmin n
The last N minutes to find the system to be changed file data file
-mtime n
Find system last changed n * 24 file data file

4. Use exec to execute shell commands or ok

When using the find, as long as the desired operation written in a document, you can
use exec to match the find to find, very convenient
In some operating systems only allow -exec option such as ls or ls -l execute such
orders. Most users use this option in order to find old files and delete them.
Recommend execution before actually rm command to delete a file, it is best to look
at with the ls command, confirmed that they are files you want to delete.
Options followed behind exec command or script to be executed, and then a pair of
children {}, a space and a \, and finally a semicolon. To use the exec option, you must
use print options. If you verify the find command, you will find only the output of the
command from the current path of the relative path and file name.
For example: To list files match with the ls -l command, you can put on the -exec ls -l
command option of the find command
. # Find -type f -exec ls -l {} \;
-rw-r-r- 1 root root 34928 2003-02-25 ./conf/httpd.conf
-rw-r-r- 1 root root 12959 2003-02-25 ./conf/magic
-rw-r-r- 1 root root 180 2003-02-25 ./conf.d/README
The example above, find the command to match all the common files in the current
directory, and use the -exec ls -l command option will list them.
Change the time to find the file in the previous 5 / logs directory and delete them:
$ Find logs -type f -mtime 5 -exec rm {} \;
naomychan

Page 7

May 27,
2015

LINUX FIND COMMAND

Remember: Before you shell used in any way to delete a file, it should first check the
appropriate files, be careful! When used, such as mv or rm commands, you can use
safe mode -exec option. It will operate on the file before each match to prompt you.
In the following example, find command to find all the file names in the current
directory with .LOG ending time of the file changes in more than five days, and
delete them, but prompt before deleting.
. $ Find -name "* .conf" -mtime 5 -ok rm {} \;
?N
Press y to delete the file, press n is not deleted.
Any form of commands can be used in the -exec option.
In the following example, we use the grep command. find command first match all
files named "passwd *" files, such as passwd, passwd.old, passwd.bak, then execute
grep command to see if there is a user sam in these documents.
# Find / etc -name "passwd *" -exec grep "sam" {} \;
sam: x: 501: 501 :: / usr / sam: / bin / bash
Two, find examples of command;
1, to find all files in the current user's home directory:
The following two methods can be used
$ Find $ HOME -print
$ Find ~ -print
2, so that the current directory the file owner has read and write permissions, and
the file owning group and other users have read access to the file;
$ Find -type f -perm 644 -exec ls -l {} \.;
3, in order to find all files in the system's normal file length of 0, and lists the full
path;
$ Find / -type f -size 0 -exec ls -l {} \;
4. Find / var / logs directory, change the time before the 7th ordinary file and ask
them before deleting;
$ Find / var / logs -type f -mtime 7 -ok rm {} \;
5, in order to find the system root of all belong to the group of documents;
. $ Find -group root -exec ls -l {} \;
-rw-r-r- 1 root root 595 10 31 01:09 ./fie1
naomychan

Page 8

May 27,
2015

LINUX FIND COMMAND

6, find the command to delete the directory when access time since the 7th of
admin.log file containing a numeric suffix.
This command checks only three digits, so the corresponding file extension should
not exceed 999. To build several admin.log * files, you can use the following
command
$ Find. -name "Admin.log [0-9] [0-9] [0-9]" -atime -7 -ok
rm {} \;
?N
?N
?N
?N
7, in order to find the current file system directory and all sort;
. $ Find -type d | sort
8, in order to find the system all the rmt tape devices;
$ Find / dev / rmt -print
Three, xargs
xargs - build and execute command lines from standard input
When the file using the find command -exec option handling to match, find the
command will be passed along to all matching files to the exec execution. However,
some systems can be passed to the exec command length is limited, so that after the
find command to run a few minutes, there will be an overflow error. Error message is
usually "parameter column too long" or "parameter column overflow." This is useful
where xargs command, especially for use with the find command.
find command to pass the file to xargs command match, and xargs command each
get only part of the file, but not all, unlike the -exec option that. So that it can be
processed to obtain the first part of the file, then the next batch, and so continue.
In some systems, the use of -exec option to process each file matching to initiate an
appropriate process, not all the files that match the first performance as an
argument; so that in some cases there will be too many processes, system
performance degradation, thus efficiency is not high;
Xargs command using only one process. In addition, when using the xargs command,
what is the first to get all of the arguments, or arguments made in batches, and each
takes parameters will be determined according to the number of options for the
naomychan

Page 9

May 27,
2015

LINUX FIND COMMAND

command and the corresponding system kernel tunable parameters.

Take a look at how the xargs command used in conjunction with the find command,
and give some examples.
The following example to find a common system for each file, and then use the xargs
command to test what kind of file they belong
#find -type f -print |. xargs file
./.kde/Autostart/Autorun.desktop: UTF-8 Unicode English text
./.kde/Autostart/.directory: ISO-8859 text \
......
Find a memory dump file (core dump) throughout the system, and then save the
results to /tmp/core.log file:
$ Find / -name "core" -print | xargs echo ""> /tmp/core.log
The slow implementation of the above, I changed in the current directory to find
#find -name "file *" -print |. xargs echo ""> /temp/core.log
# Cat /temp/core.log
./file6

Look under the current directory of all users have the file read, write, and execute
permissions, and recover the corresponding write permissions:
# Ls -l
drwxrwxrwx 2 sam adm 4096 10 30 20:14 file6
-rwxrwxrwx 2 sam adm 0 10 31 01:01 http3.conf
-rwxrwxrwx 2 sam adm 0 10 31 01:01 httpd.conf
# Find -perm -7 -print |. Xargs chmod o-w
# Ls -l
drwxrwxr-x 2 sam adm 4096 10 30 20:14 file6
-rwxrwxr-x 2 sam adm 0 10 31 01:01 http3.conf
-rwxrwxr-x 2 sam adm 0 10 31 01:01 httpd.conf

naomychan

Page 10

May 27,
2015

LINUX FIND COMMAND

With the grep command to search for all common file hostname of the word:
# Find -type f -print |. Xargs grep "hostname"
./httpd1.conf:# different IP addresses or hostnames and have them handled by the
./httpd1.conf:# VirtualHost: If you want to maintain multiple domains / hostnames
on your
With the grep command to search the current directory of all common file
hostnames word:
# Find -name \ * -type f -print |. Xargs grep "hostnames"
./httpd1.conf:# different IP addresses or hostnames and have them handled by the
./httpd1.conf:# VirtualHost: If you want to maintain multiple domains / hostnames

Note that in the above example, \ to cancel the find command * special meaning in
the shell.
with the use of the find command exec and xargs allows users to perform almost all
of the command files to match.
Four parameters, find the command

Here are some common parameters find examples of useful time to look on the line,
like the front of a few posts, have used some of the parameters of which can also be
used to view the man or forum postings find other commands manual

1, using the name option

Filename option is find command most commonly used options, either use this
option alone or with other option.
You can use a certain file name pattern to match files, remember to quote the file
name pattern quotes.

naomychan

Page 11

May 27,
2015

LINUX FIND COMMAND

No matter what the current path is, if you want to find the file name in the root
directory of your $ HOME that match * .txt files, use ~ as "pathname" argument, the
tilde ~ represents your $ HOME directory.
$ Find ~ -name "* .txt" -print
Want to find all the '* .txt' file in the current directory and subdirectories, you can
use:
$ Find. -name "* .txt" -print
The current directory and subdirectories to find the desired file name with a capital
letter at the beginning of the file, you can use:
$ Find. -name "[A-Z] *" -print
Want to find the file name starts with the host file in / etc directory, you can use:
$ Find / etc -name "host *" -print
Want to find $ HOME directory of files, you can use:
$ Find ~ -name "*" -print or find. -print
To get the system high load running, starting from the root directory to find all the
files.
$ Find / -name "*" -print
If you want to find the file in the current directory name starts with two lowercase
letters, followed by two digits, and finally .txt files, the following command will be
able to return to a file named ax37.txt of:
$ Find. -name "[Az] [az] [0--9] [0--9] .txt" -print

2, with the perm options

According to the file permissions mode with -perm option, press the file permissions
mode to find the file words. Best octal representation rights.
Such as finding files in the current directory permission bits to 755 files, document
owner can read, write, execute, other users can read and execute the file, you can
use:
$ Find. -perm 755 -print

naomychan

Page 12

May 27,
2015

LINUX FIND COMMAND

There is an expression: In octal front to add a dash - indicates match, as the

equivalent of 777 -007, -006 is equivalent to 666
# Ls -l
-rwxrwxr-x 2 sam adm 0 10 31 01:01 http3.conf
-rw-rw-rw- 1 sam adm 34890 10 31 00:57 httpd1.conf
-rwxrwxr-x 2 sam adm 0 10 31 01:01 httpd.conf
drw-rw-rw- 2 gem group 4096 10 26 19:48 sam
-rw-rw-rw- 1 root root 2792 10 31 20:19 temp
# Find. -perm 006
# Find. -perm -006
./sam
./httpd1.conf
./temp
-perm mode: file permissions fits mode
-perm mode: file permissions partially compliant mode
-perm -mode: file permissions fully compliant mode

3, ignoring a directory
If you want to ignore a directory, because you know that the directory does not find
the file you want, you can use -prune option to indicate the directory to be ignored
when looking for files. When using -prune option to be careful, because if you use
the -depth option, then -prune option will be ignored find command.

If you want to find in the / apps directory file, but do not want to look in the / apps /
bin directory, you can use:
$ Find / apps -path "/ apps / bin" -prune -o -print
4, using the time to find files find how to avoid a file directory
For example, to find all files that are not within dir1 subdirectory under / usr / sam
directory
find / usr / sam -path "/ usr / sam / dir1" -prune -o -print
find [-path ..] [expression] is an expression of the back path list
naomychan

Page 13

May 27,
2015

LINUX FIND COMMAND

-path "/ usr / sam" -prune -o -print is -path "/ usr / sam" -a -prune -o
-print shorthand expression evaluator, -a and -o are short-circuit evaluation in order,
with the shell of && and || similar if -path "/ usr / sam" is true, then evaluated
-prune, -prune Returns true, the logical expression is true; otherwise not evaluated
-prune, and the logical expression is false. If -path "/ usr / sam" -a -prune is false,
then evaluated -print, -print returns true or logical expression is true; otherwise not
evaluated -print, or logical expression is true.
This expression can be used in combination exception pseudo code is written as
if -path "/ usr / sam" then
-prune
else
-print
Avoid multiple folders
find / usr / sam \ (-path / usr / sam / dir1 -o -path / usr / sam / file1 \) -prune -o
-print
Parentheses indicate binding expression.
\ Is a reference that indicates the character after the shell does not make a special
interpretation, and left the find command to explain its significance.
Find a defined file, -name and other options added after -o
#find / usr / sam \ (- path / usr / sam / dir1 -o -path / usr / sam / file1 \) -prune -o
-name "temp" -print

5, using the user and nouser options

Find files by file owner, such as finding files in $ HOME directory is owned by the sam
file, you can use:
$ Find ~ -user sam -print
In the / etc directory to find the file owner to uucp file:
$ Find / etc -user uucp -print
To find the file owner account has been deleted, you can use the -nouser option. This
makes it possible to find that the owner does not file a valid account in / etc / passwd
file. When using -nouser option, do not give the user name; find command can help
you to complete the work.
naomychan

Page 14

May 27,
2015

LINUX FIND COMMAND

For example, you want to find all such files in the / home directory, you can use:
$ Find / home -nouser -print
6, using the group and nogroup options
Like user and nouser options like document for the user group belongs, find
command also has the same option, to look at / apps directory for files that gem user
group, you can use:
$ Find / apps -group gem -print
To find no valid user group of all files, you can use the nogroup option. The following
find command to find this file from the root of the file system
$ Find / -nogroup-print
7. Change the time or access time to find the file
If you want to change the time according to find a file, you can use the mtime, atime
or ctime options. If suddenly there is no available space, and most likely the length of
one file during this period has grown rapidly, then you can use mtime options to find
such files.
A minus sign - to change the time defined in the file n days or less ago, but with a
plus sign to change the time defined in n days ago previous file.
Change the time you want to find the root of the file system within five days, you can
use:
$ Find / -mtime -5 -print

To find in the / var / adm directory to change the time before the 3rd file, you can
use:
$ Find / var / adm -mtime 3 -print

8. Find a file than the new or the old file

If you want to look for changes over time a new file is older than the other, but all
the files, you can use the -newer option. Its general form:
newest_file_name! oldest_file_name
Among them,! It is a non-symbolic logic.
naomychan

Page 15

May 27,
2015

LINUX FIND COMMAND

Change the time to find than the file sam new but the old file than the file temp:
Example: There are two files
-rw-r-r- 1 sam adm 0 10 31 01:07 fiel
-rw-rw-rw- 1 sam adm 34890 10 31 00:57 httpd1.conf
-rwxrwxr-x 2 sam adm 0 10 31 01:01 httpd.conf
drw-rw-rw- 2 gem group 4096 10 26 19:48 sam
-rw-rw-rw- 1 root root 2792 10 31 20:19 temp
# Find -newer httpd1.conf! -newer Temp -ls
1077669 0 -rwxrwxr-x 2 sam adm 0 10 31 01:01 ./httpd.conf
1077671 4 -rw-rw-rw- 1 root root 2792 10 31 20:19 ./temp
1077673 0 -rw-r-r- 1 sam adm 0 10 31 01:07 ./fiel
Find a temp file modification time than the new file:
$ Find. -newer Temp -print
9. Use the type option
Find all the directories in the / etc directory, you can use:
$ Find / etc -type d -print
Find all types of files except the directories in the current directory, you can use:
$ Find.! -type D -print
Find all symbolic link files in the / etc directory, you can use
$ Find / etc -type l -print

10, using the size option

You can find files by file length, file length may be referred to herein as the metering
block (block), it can also be measured in bytes. To express a byte file length
measurement is N c; to block the file length measurement can only numerically.
When searching file by file length, generally use this file size in bytes, the size of the
view of the file system, because then use blocks to measure more easily converted.
In the current directory to find the file size is greater than 1 M-byte file:
$ Find. -size 1000000c -print
Find the file length in the / home / apache directory exactly 100 bytes of the file:
naomychan

Page 16

May 27,
2015

LINUX FIND COMMAND

$ Find / home / apache -size 100c -print

Find the length of more than 10 files in the current directory (equivalent to a 512
byte):
$ Find. -size 10 -print
11, using the depth options
When you use the find command, you may want to match all files, and then look in
the subdirectory. Use depth options can make the find command to do so. One
reason for doing this is that when the tape backup system to use the find command,
want to first back up all the files, and then followed by the backup files in
subdirectories.
In the following example, find command from the root directory of the file system,
look for a file named CON.FILE of.
All files will first match and then look into the subdirectory.
$ Find / -name casino online "CON.FILE" -depth -print
12, using the mount option
Find the file in the current file system (without access to other file system), you can
use the find command mount option.
Starting from the current directory to find the file is located in this file system file
names ending XC:
$ Find. -name "* .XC" -mount -print
Or dividing line ------- ------

A, Linux find common usage in the sample

Find path -option [-print] [-exec -ok command] {} \;
# -print Will find files to standard output
Space between; and \ will be found in the file execute command operations, {} -; #
-exec command {} \
# -ok And -exec, except that before proceeding to inquire user
= = = = = = = = == = = = = = === = = = = = = = == = = = = = === = = = = = = = == = = = = = === = = = = = =
naomychan

Page 17

May 27,
2015

LINUX FIND COMMAND

-name filename # Find the file called filename

-perm # Press executing authority to find
-user username # Press file owner to find
-group groupname # as a group to find
-mtime -nn # Press file to change the time to find the file, -n means less than n days,
n refers to the n days ago
-atime -nn # Press file access times to check GIN: 0px "> - perm # press execute
permissions to find
-user username # Press file owner to find
-group groupname # as a group to find
-mtime -nn # Press file to change the time to find the file, -n means less than n days,
n refers to the n days ago
-atime -nn # Press file access time to find the file, -n means less than n days, n refers
to the n days ago
-ctime -nn # by file creation time to find the file, -n means less than n days, n refers
to the n days ago
-nogroup # check file without valid genus group is a group that is not present in the
file / etc / groups in
-nouser # search without a valid owner of the file, the owner of a file does not exist
in the / etc / passwd in
-newer f1! f2 find the file, -n means less than n days, n refers to the n days ago
-ctime -nn # by file creation time to find the file, -n means less than n days, n refers
to the n days ago
-nogroup # check file without valid genus group is a group that is not present in the
file / etc / groups in
-nouser # search without a valid owner of the file, the owner of a file does not exist
in the / etc / passwd in
-newer f1! f2 # check changes over time than f1 f2 new but the old files
-type b / d / c / p / l / f # check is a block device, directory, character equipment,
pipes, symbolic links, Trivial File
-size n [c] # check the length of n block [or n bytes] file
-depth # so look before entering a subdirectory complete catalog look-ahead
-fstype # check changes over time than f1 f2 new but the old files
-mount # check file is not cross file system mount points
-follow # If you have a symbolic link file, it referred to the trace file links
-cpio # matching files using cpio command, they backed up to tape devices
-prune # ignore a directory
naomychan

Page 18

May 27,
2015

LINUX FIND COMMAND

Examples
===============================================================
$ Find ~ -name "* .txt" -print # in $ HOME in check .txt file and displays
$ Find. -name "* .txt" -print
. $ Find -name "[AZ] *" -pri26nbsp; # matching files using cpio command, they
backed up to tape devices
-prune # ignore a directory
$ Find. -name "[AZ] *" -print # check file begins with an uppercase letter
$ Find / etc -name "host *" -print # Charles beginning to host files
$ Find. -name "[Az] [az] [0--9] [0--9] .txt" -print # check both two lowercase letters
and numbers beginning with the txt file
$ Find. -perm 755 -print
$ Find -perm -007 -exec ls -l {} \;. # Check that all users can read and write files to
perform with -perm 777
$ Find. -type D -print print directory structure
$ Find.! -type D -print print the non-directory files
find / usr / include -name "* .h" -exec grep AF_INEF6 {} \;
Unable because grep recursively search subdirectories, it can be used in combination
find. Find string AF_INEF6 in / usr / include all subdirectories .h file
$ Find. -type L -print
$ Find. -size 1000000c -print # check file length is greater than 1Mb
$ Find. -size 100c -print # check file length 100c
$ Find. -size 10 -print # investigation of obsolete documents longer than 10 in (a =
512 bytes)
$ Cd /
$ Find etc home apps -depth -print | cpio -ivcdC65536 -o / dev / rmt0
$ Find / etc -name "passwd *" -exec grep "cnscn" {} \; # see if there cnscn user
$ Find -name "yao *" |. Xargs file
$ Find -name "yao *" |. Xargs echo ""> /tmp/core.log
$ Find -name "yao *" |. Xargs chmod o-w
================================================== ====

naomychan

Page 19

May 27,
2015

LINUX FIND COMMAND

find -name april * Find files in april begin in the current directory
find -name april * fprint file to find the file in april begin in the current directory, and
outputs the result to file
find -name ap * -o -name may * or may look to the beginning of the file ap
find / mnt -name tom.txt -ftype vfat find the name in the / mnt as tom.txt and the
file system type vfat file
find / mnt -name t.txt! -ftype vfat look for a tom.txt and the file system type vfat file
is not in the / mnt
find / tmp -name wa * -type l look for a file named wa beginning and it's a symbolic
link in the / tmp
find / home -mtime -2 check within the last two days changed files in the / home
find / home -atime -1 investigation file is accessed within one day off
find / home -mmin 60 check 60 minutes before the changed files in the / home
find / home -amin 30 investigation files were accessed in the last 30 minutes ago off
find / home -newer tmp.txt under / home longer than tmp.txt near check update the
file or directory
find / home -anewer tmp.txt under / home check recent access time than tmp.txt file
or directory
find / home -used -2 lists the following file or directory is altered, within 2 days
accessed through a file or directory
find / home -user cnscn listed in the / home directory belongs to the user within a
file or directory cnscn
find / home -uid 501 listed in the / home directory of the user ID is greater than 501
file or directory
find / home -group cnscn lists / home within a group of files or directories cnscn
find / home -gid 501 lists / home within the group id 501 file or directory
find / home -nouser lists are not within / home user's local file or directory
find / home -nogroup listed in the / home does not belong to a local group of files or
directories
find / home -name tmp.txt -maxdepth 4 lists / tmp.txt search Deep inside the home
up to three layers
find / home -name tmp.txt -mindepth 3 from layer 2 start search
find / home -empty lookup file size 0 or empty directories
find / home -size 512k check files larger than 512k
find / home -size -512k check less than 512k file
find / home -links 2 check hard links greater than 2 file or directory
find / home -perm 0700 700 check permissions for the file or directory
naomychan

Page 20

May 27,
2015

LINUX FIND COMMAND

find / tmp -name tmp.txt -exec cat {} \;

find / tmp -name tmp.txt -ok rm {} \;
find / -amin -10 # find the last 10 minutes in the system to access files
find / -atime -2 # Find the last 48 hours in the system to access files
find / -empty # look at the system as a file or folder empty
find / -group cat # Find belonging groupcat file in the system
find / -mmin -5 # look at the system in the last five minutes modified file
find / -mtime -1 # find in the system the last 24 hours in modified files
find / -nouser # Find in a system belonging to void the user's file
find / -user fred # find below FRED the users in the system files
Check all current common file directory
--------------------------. # Find -type f -exec ls -l {} \;
-rw-r-r- 1 root root 34928 2003-02-25 ./conf/httpd.conf
-rw-r-r- 1 root root 12959 2003-02-25 ./conf/magic
-rw-r-r- 1 root root 180 2003-02-25 ./conf.d/README
Check all current common file directory, and - using the exec command ls -l option
will list them
=================================================
Change the time to find the file before the 5th in / logs directory and delete them:
$ Find logs -type f -mtime 5 -exec -ok rm {} \;
=================================================
Discover the day changed files
[Root @ book class] # find ./ -mtime -1 -type f -exec ls -l {} \;
=================================================

Discover file and asks whether you want to display

[Root @ book class] # find ./ -mtime -1 -type f -ok ls -l {} \;
<Ls ... ./classDB.inc.php>? Y
-rw-r-r- 1 cnscn cnscn 13709 1 12 12:22 ./classDB.inc.php
[root@book class]# find ./ -mtime -1 -type f -ok ls -l {} \;
< ls ... ./classDB.inc.php > ? n
[root@book class]#
naomychan

Page 21

May 27,
2015

LINUX FIND COMMAND

=================================================
To deal with queries and to awk
[Root @ book class] # who | awk "{print $ 1" \ t "$ 2}"
cnscn pts / 0
=================================================
awk-grep-sed
[Root @ book class] # df -k | awk "{print $ 1}" | grep -v "none" | sed s "/ \ / dev \ ///
g"
File System
sda2
sda1
[Root @ book class] # df -k | awk "{print $ 1}" | grep -v "none"
File System
/ Dev / sda2
/ Dev / sda1
1) Find in / tmp all the * .h, and look for "SYSCALL_VECTOR" In these documents, the
last print out all contain "SYSCALL_VECTOR" file name
A) find / tmp -name "* .h" | xargs -n50 grep SYSCALL_VECTOR
B) grep SYSCALL_VECTOR /tmp/*.h | cut -d ":" -f1 | uniq> filename
C) find / tmp -name "* .h" -exec grep "SYSCALL_VECTOR" {} \; -print
2) find / -name filename -exec rm -rf {} \;
find / -name filename -ok rm -rf {} \;
3) For example, to find the disk file is larger than 3M of:
. find -size 3000k -exec ls -ld {};
4) to find out what put it somewhere else
find * .c -exec cp "{}" / tmp ";"
If you have a special file, you can use cpio, you can also use this syntax:
find dir -name filename -print | cpio -pdv newdir
6) Find files that have changed 2004-11-30 16:36:37 time
# A = `find ./ -name" * php "` | ls -l -full-time $ A 2> / dev / null | grep "2004-11-30
16:36:37
naomychan

Page 22

May 27,
2015

LINUX FIND COMMAND

Second, under linux find command usage

1. Basic usage:
find / -name filename
find ver1.d ver2.d -name "* .c" -print Find ver1.d, ver2.d * .c file and print
find. -type d -print from the current directory to find, only to find directory, find, print
pathname. It can be used to print directory structure.
2. Find error:
find / -name access_log 2> / dev / null
3. Find by size:
find / -size 1500c (1,500 bytes to find the size of the file, c represents bytes)
find / -size 1500c (Find files larger than 1,500 bytes in size, represents more than)
find / -size 1500c (look for files smaller than 1,500 bytes in size, and - represents less
than)
4. Time:
find / -amin n Last n minutes
find / -atime n the last n days
find / -cmin n n the last minute to change state
find / -ctime n the last n days to change state
5. Other:
find / -empty blank document, empty folders, no sub folders
find / -false find the system files are always wrong
find / -fstype type to find the specified file exists in the file system, such as the type
of ext2
find / -gid n group id for the n files
find / -group gname the file named gname
find / -depth n layer in a specified directory to find the file contents priority
find / -maxdepth levels descending in a hierarchical manner directory Find
6. Logic
-and -or conditions or conditions
7. Find string
. find -name "* .html" -exec grep "mailto:" {}

This entry was published by the maker symfony

classified directory.
naomychan

Page 23