首页 > 代码库 > 文件查找 find命令

文件查找 find命令

文件查找

    locate    非实时,查找是根据全系统文件数据库进行;模糊匹配;速度快;

                # updatedb, 手动生成文件数据库

         

    find        实时;精确;支持众多查找标准(文件名,文件类型,文件权限查找,正则表达式匹配查找);遍历指定目录中的所有文件完成查找,速度慢;

   

     # find 查找路径 查找标准 查找到以后的处理运作

                查找路径,默认为当前目录

                查找标准,默认为指定路径下的所有文件

                处理动作,默认为显示到屏幕

 

              查找标准,匹配标准:

                -name ‘FILENAME‘  对文件名做精确匹配

                        # find /etc -name ‘passwd‘ 查找/etc 目录下passwd的文件

                            [root@localhost ~]# find /etc -name ‘passwd‘
                            /etc/passwd
                            /etc/pam.d/passwd

                       文件名通配:* ? [ ] 等

                            # find /etc -name ‘*passwd*‘

                            [root@localhost ~]# find /etc -name ‘*passwd*‘
                            /etc/passwd.OLD
                            /etc/security/opasswd
                            /etc/passwd
                            /etc/pam.d/passwd
                            /etc/passwd-

                -iname 文件名匹配不区分大小写

                -regex PATTERN 

                -user USERNAME

                -uid UID  系统的某个用户被删,所有此前此用户文件属主为此前的用户id号

                -gid GID 同上

                -nouser   查找没有属主的文件,工作中要经常查找此类文件并将属主指定给管理员,以免被其他用户篡改。

                -type 根据文件类型

                        f 普通文件

                        d 目录

                        c 字符设备

                        b 块设备

                         l 链接

                        p 管道

                        s 套接字

                             /tmp 目录下类型不是目录的文件

                                [root@localhost ~]# find /tmp -not -type d
                                /tmp/vmware-root-860070256/vmware-apploader-1294.log
                                /tmp/vmware-root-860070256/vmware-apploader-1844.log
                                /tmp/vmware-root-860070256/vmware-apploader-1838.log
                                /tmp/vmware-root-860070256/vmware-apploader-1300.log

                            

                            /tmp 目录下,不是目录,并且还不能套接字类型的文件

                                #

 

                            /tmp 目录下,属主不是user1,也不是user2的文件

                                # find /tmp -not -user -a -not -user2

                                # find /tmp -not \( -user user1 -o -user user2 \)

        

 

 

               -size

                        #k  #M #G

                        [ + | - ]#k               

                 组合条件

                        -a

                        -o

                        -not

                根据时间查找                

                        -atime

                        -ctime

                        -mtime

                                 # find /tmp -atime +30 30天内没访问过

                -perm MODE 根据权限查找

                    #man perm

                            -MODE 每一位权限都必须精确匹配

                            /MODE 有一位被匹配

                    # find ./ -perm 644 精确匹配 

                                            /644 只要有一位被匹配都可以查到

                                            -644 每一位都必须匹配 对应的位完全包含  755能被匹配到 而750不能够

                    # find ./ -perm -007

 

        运作:

                -print  显示

                -ls  类似ls -l 的行驶显示每个文件详细

                        

                -ok COMMAND {} \;      \;重要

                -exec COMMAND {} \;

 

                      # find ./ -perm -006 -exec chmod o-w {} \;

                      

                      # find ./ -type d -ok chmod +x {} \;

                          用ok 时,交互,每个操作都需要用户确认。

                           exec 无交互

 

                     找到目录下属主有写的权限,并将它名字改为FILENAME.nw

                        # find ./ -perm 020 -exec mv {} {}.new \;

                     找文件名.sh 结尾的文件 并将所有用户都有执行权限的文件其它用户的执行权限去掉;

                        # find ./ -name ‘*.sh‘ -a -perm -111 -exec chmod o-x {} \;

    作业:

    1、查找/var 目录下属主为root并且属组为mail的所有文件

            # find /var -user root -group mail

 

    2、查找/usr目录下不属于root,bin或student的文件

            # find /usr -not -user root -a -not -user bin -a -not -user student

            # find /usr -not \( -user root -o -user bin -o -user student \)

 

    3、查找/etc目录下最近一周内内容修改过且不属于root及student用户的文件;

            # find /etc -mtime -7 -not -user root -a -not -user student

            # find /etc -mtime -7 -not \( -user root -o -user student \)

                           

    4、查找当前系统上没有属主或属组且最近1天内曾被访问过的文件,并将其属主属组均修改为root;

            # find ./ \( -nouser -o -nogroup \) -a -atime -1 -exec chown root:root {} \;

  

    5、查找/etc目录下大于1M的文件,并将其文件名写入/tmp/etc/largefiles文件中

            # find /etc -size +1M -exec >> /tmp/etc/largefiles

            # find /etc -size +1M -exec echo {} >> /tmp/etc/largefiles \;

            # find /etc -size +1M | xargs echo >> /tmp/etc/largefiles 内容为使用空格隔开的一行文本

 

 

    6、查找/etc目录下所有用户都没有写权限的文件,显示出其详细信息;

            # find /etc -not -perm /222 -ls

 

 

 

 

文件查找 find命令