在文件系统上查找符合条件的文件
文件查找:locate, find
locate 查询系统上预建的文件索引数据库 /var/lib/mlocate/mlocate.db
索引的构建是在系统较为空闲时自动进行(周期性任务),执行updatedb可以更新数据库
索引构建过程需要遍历整个根文件系统,很消耗资源
来自于mlocate包
工作特点:
格式:
locate [OPTION]... [PATTERN]...
常用选项
-i 不区分大小写的搜索 -n N 只列举前N个匹配项目 -r 使用基本正则表达式
范例: locatedb创建数据库
[root@rocky8 ~]# locate passwd -bash: locate: command not found [root@rocky8 ~]# dnf provides locate Last metadata expiration check: 18:19:06 ago on Sun 10 Oct 2021 06:59:53 PM CST. mlocate-0.26-20.el8.x86_64 : An utility for finding files by name Repo : BaseOS Matched from: Filename : /usr/bin/locate [root@rocky8 ~]# dnf -y install mlocate [root@rocky8 ~]# locate passwd locate: can not stat () `/var/lib/mlocate/mlocate.db': No such file or directory [root@rocky8 ~]# ll /var/lib/mlocate/mlocate.db ls: cannot access '/var/lib/mlocate/mlocate.db': No such file or directory [root@rocky8 ~]# updatedb [root@rocky8 ~]# ll /var/lib/mlocate/mlocate.db -rw-r----- 1 root slocate 1039430 Oct 11 13:20 /var/lib/mlocate/mlocate.db [root@rocky8 ~]# locate passwd /etc/passwd /etc/passwd- /etc/data2021-10-09_14-26-54/passwd /etc/data2021-10-09_14-26-54/passwd- /etc/data2021-10-09_14-26-54/pam.d/passwd /etc/data2021-10-09_14-26-54/security/opasswd /etc/data2021-10-09_14-27-19/security/opasswd /etc/pam.d/passwd /etc/security/opasswd /usr/bin/gpasswd /usr/bin/grub2-mkpasswd-pbkdf2 /usr/bin/htpasswd /usr/bin/passwd /usr/lib/firewalld/services/kpasswd.xml /usr/lib64/security/pam_unix_passwd.so /usr/sbin/chgpasswd /usr/sbin/chpasswd /usr/sbin/lpasswd /usr/sbin/saslpasswd2 /usr/share/awk/passwd.awk /usr/share/doc/passwd /usr/share/doc/passwd/AUTHORS /usr/share/doc/passwd/ChangeLog /usr/share/doc/passwd/NEWS /usr/share/licenses/passwd /usr/share/licenses/passwd/COPYING /usr/share/locale/ar/LC_MESSAGES/passwd.mo /usr/share/locale/as/LC_MESSAGES/passwd.mo /usr/share/locale/ast/LC_MESSAGES/passwd.mo /usr/share/locale/bg/LC_MESSAGES/passwd.mo /usr/share/locale/bn/LC_MESSAGES/passwd.mo /usr/share/locale/bn_IN/LC_MESSAGES/passwd.mo /usr/share/locale/bs/LC_MESSAGES/passwd.mo /usr/share/locale/ca/LC_MESSAGES/passwd.mo /usr/share/locale/cs/LC_MESSAGES/passwd.mo /usr/share/locale/cy/LC_MESSAGES/passwd.mo /usr/share/locale/da/LC_MESSAGES/passwd.mo /usr/share/locale/de/LC_MESSAGES/passwd.mo /usr/share/locale/el/LC_MESSAGES/passwd.mo /usr/share/locale/en_GB/LC_MESSAGES/passwd.mo /usr/share/locale/es/LC_MESSAGES/passwd.mo /usr/share/locale/et/LC_MESSAGES/passwd.mo /usr/share/locale/eu/LC_MESSAGES/passwd.mo /usr/share/locale/fa/LC_MESSAGES/passwd.mo /usr/share/locale/fi/LC_MESSAGES/passwd.mo /usr/share/locale/fr/LC_MESSAGES/passwd.mo /usr/share/locale/gl/LC_MESSAGES/passwd.mo /usr/share/locale/gu/LC_MESSAGES/passwd.mo /usr/share/locale/he/LC_MESSAGES/passwd.mo /usr/share/locale/hi/LC_MESSAGES/passwd.mo /usr/share/locale/hr/LC_MESSAGES/passwd.mo /usr/share/locale/hu/LC_MESSAGES/passwd.mo /usr/share/locale/hy/LC_MESSAGES/passwd.mo /usr/share/locale/id/LC_MESSAGES/passwd.mo /usr/share/locale/is/LC_MESSAGES/passwd.mo /usr/share/locale/it/LC_MESSAGES/passwd.mo /usr/share/locale/ja/LC_MESSAGES/passwd.mo /usr/share/locale/ka/LC_MESSAGES/passwd.mo /usr/share/locale/kn/LC_MESSAGES/passwd.mo /usr/share/locale/ko/LC_MESSAGES/passwd.mo /usr/share/locale/ku/LC_MESSAGES/passwd.mo /usr/share/locale/lo/LC_MESSAGES/passwd.mo /usr/share/locale/mk/LC_MESSAGES/passwd.mo /usr/share/locale/ml/LC_MESSAGES/passwd.mo /usr/share/locale/mr/LC_MESSAGES/passwd.mo /usr/share/locale/ms/LC_MESSAGES/passwd.mo /usr/share/locale/my/LC_MESSAGES/passwd.mo /usr/share/locale/nb/LC_MESSAGES/passwd.mo /usr/share/locale/nds/LC_MESSAGES/passwd.mo /usr/share/locale/nl/LC_MESSAGES/passwd.mo /usr/share/locale/nn/LC_MESSAGES/passwd.mo /usr/share/locale/or/LC_MESSAGES/passwd.mo /usr/share/locale/pa/LC_MESSAGES/passwd.mo /usr/share/locale/pl/LC_MESSAGES/passwd.mo /usr/share/locale/pt/LC_MESSAGES/passwd.mo /usr/share/locale/pt_BR/LC_MESSAGES/passwd.mo /usr/share/locale/ro/LC_MESSAGES/passwd.mo /usr/share/locale/ru/LC_MESSAGES/passwd.mo /usr/share/locale/si/LC_MESSAGES/passwd.mo /usr/share/locale/sk/LC_MESSAGES/passwd.mo /usr/share/locale/sl/LC_MESSAGES/passwd.mo /usr/share/locale/sq/LC_MESSAGES/passwd.mo /usr/share/locale/sr/LC_MESSAGES/passwd.mo /usr/share/locale/sr@latin/LC_MESSAGES/passwd.mo /usr/share/locale/sv/LC_MESSAGES/passwd.mo /usr/share/locale/ta/LC_MESSAGES/passwd.mo /usr/share/locale/te/LC_MESSAGES/passwd.mo /usr/share/locale/tr/LC_MESSAGES/passwd.mo /usr/share/locale/uk/LC_MESSAGES/passwd.mo /usr/share/locale/ur/LC_MESSAGES/passwd.mo /usr/share/locale/vi/LC_MESSAGES/passwd.mo /usr/share/locale/wa/LC_MESSAGES/passwd.mo /usr/share/locale/zh_CN/LC_MESSAGES/passwd.mo /usr/share/locale/zh_TW/LC_MESSAGES/passwd.mo /usr/share/man/cs/man1/gpasswd.1.gz /usr/share/man/de/man1/gpasswd.1.gz /usr/share/man/de/man8/chgpasswd.8.gz /usr/share/man/de/man8/chpasswd.8.gz /usr/share/man/fr/man1/gpasswd.1.gz /usr/share/man/fr/man8/chgpasswd.8.gz /usr/share/man/fr/man8/chpasswd.8.gz /usr/share/man/hu/man1/gpasswd.1.gz /usr/share/man/it/man1/gpasswd.1.gz /usr/share/man/it/man8/chgpasswd.8.gz /usr/share/man/it/man8/chpasswd.8.gz /usr/share/man/ja/man1/gpasswd.1.gz /usr/share/man/ja/man1/passwd.1.gz /usr/share/man/ja/man8/chpasswd.8.gz /usr/share/man/man1/gpasswd.1.gz /usr/share/man/man1/grub2-mkpasswd-pbkdf2.1.gz /usr/share/man/man1/htpasswd.1.gz /usr/share/man/man1/lpasswd.1.gz /usr/share/man/man1/openssl-passwd.1ssl.gz /usr/share/man/man1/passwd.1.gz /usr/share/man/man1/sslpasswd.1ssl.gz /usr/share/man/man8/chgpasswd.8.gz /usr/share/man/man8/chpasswd.8.gz /usr/share/man/pt_BR/man1/gpasswd.1.gz /usr/share/man/ru/man1/gpasswd.1.gz /usr/share/man/ru/man8/chgpasswd.8.gz /usr/share/man/ru/man8/chpasswd.8.gz /usr/share/man/zh_CN/man1/gpasswd.1.gz /usr/share/man/zh_CN/man8/chgpasswd.8.gz /usr/share/man/zh_CN/man8/chpasswd.8.gz /usr/share/man/zh_TW/man8/chpasswd.8.gz /usr/share/vim/vim80/ftplugin/passwd.vim /usr/share/vim/vim80/syntax/passwd.vim /var/lib/sss/mc/passwd
范例:
#搜索名称或路径中包含“conf”的文件 locate conf #使用Regex来搜索以“.conf”结尾的文件 locate -r '\.conf$'
范例:
[root@rocky8 ~]# locate -n 10 -ir '\.conf$' /boot/loader/entries/ad9d4d0a9e7a41c6ba47c505d1172547-0-rescue.conf /boot/loader/entries/ad9d4d0a9e7a41c6ba47c505d1172547-4.18.0-305.3.1.el8_4.x86_64.conf /etc/dracut.conf /etc/fuse.conf /etc/host.conf /etc/idmapd.conf /etc/kdump.conf /etc/krb5.conf /etc/ld.so.conf /etc/libaudit.conf [root@rocky8 ~]# touch test.log [root@rocky8 ~]# locate test.log [root@rocky8 ~]# updatedb [root@rocky8 ~]# locate test.log /root/test.log
find 是实时查找工具,通过遍历指定路径完成文件查找
工作特点:
格式:
find [OPTION]... [查找路径] [查找条件] [处理动作]
查找路径:指定具体目标路径;默认为当前目录
查找条件:指定的查找标准,可以文件名、大小、类型、权限等标准进行;默认为找出指定路径下的所有文件
处理动作:对符合条件的文件做操作,默认输出至屏幕
范例:
[root@rocky8 ~]# find . ./.cshrc ./.tcshrc ./anaconda-screenshots ./anaconda-screenshots/screenshot-0000.png ./anaconda-screenshots/screenshot-0001.png ./anaconda-screenshots/screenshot-0002.png ./anaconda-ks.cfg ./.bash_history ./.bash_profile ./.vimrc ./.bash_logout ./.lesshst ./.bashrc ./.viminfo ./test.log #默认在当前目录下查找 [root@rocky8 ~]# mkdir -p d1/d2/d3 [root@rocky8 ~]# touch d1/d2/d3/a.txt [root@rocky8 ~]# find . ./.cshrc ./.tcshrc ./anaconda-screenshots ./anaconda-screenshots/screenshot-0000.png ./anaconda-screenshots/screenshot-0001.png ./anaconda-screenshots/screenshot-0002.png ./anaconda-ks.cfg ./.bash_history ./.bash_profile ./.vimrc ./.bash_logout ./.lesshst ./.bashrc ./.viminfo ./test.log ./d1 ./d1/d2 ./d1/d2/d3 ./d1/d2/d3/a.txt #默认递归查找
-maxdepth level 最大搜索目录深度,指定目录下的文件为第1级 -mindepth level 最小搜索目录深度
范例:
[root@rocky8 ~]# find /etc -maxdepth 1 #-maxdepth 1 最大一层 [root@rocky8 ~]# find /etc -maxdepth 3 -mindepth 2 #最大3层,最小2层 [root@rocky8 ~]# find /etc -maxdepth 2 -mindepth 2 #查看第2层,最大和最小都是2层
-depth -d
范例:
[root@rocky8 ~]# mkdir /data/test/test2/test3 -p [root@rocky8 ~]# touch /data/test/f{1..2}.txt [root@rocky8 ~]# touch /data/test/test2/test3/f{3..4}.txt [root@rocky8 ~]# tree /data/test /data/test ├── f1.txt ├── f2.txt └── test2 └── test3 ├── f3.txt └── f4.txt 2 directories, 4 files [root@rocky8 ~]# find /data/test /data/test /data/test/test2 /data/test/test2/test3 /data/test/test2/test3/f3.txt /data/test/test2/test3/f4.txt /data/test/f1.txt /data/test/f2.txt [root@rocky8 ~]# find /data/test -depth /data/test/test2/test3/f3.txt /data/test/test2/test3/f4.txt /data/test/test2/test3 /data/test/test2 /data/test/f1.txt /data/test/f2.txt /data/test
-name "文件名称":支持使用glob,如:*, ?, [], [^],通配符要加双引号引起来 -iname "文件名称":不区分字母大小写 -inum n 按inode号查找 -samefile name 相同inode号的文件 -links n 链接数为n的文件 -regex “PATTERN”:以PATTERN匹配整个文件路径,而非文件名称
范例:
[root@rocky8 ~]# find /etc/ -name *.conf [root@rocky8 ~]# touch a.conf [root@rocky8 ~]# find /etc/ -name *.conf [root@rocky8 ~]# find /etc/ -name "*.conf" #一定要加双引号,不然如果当前目录下有.conf结尾的文件,就找不到了 [root@rocky8 ~]# find /etc/ -regex ".*\.txt$" /etc/pki/nssdb/pkcs11.txt /etc/data2021-10-09_14-26-54/pki/nssdb/pkcs11.txt /etc/data2021-10-09_14-27-19/pki/nssdb/pkcs11.txt #用正则表达式,要全部表示出来 [root@rocky8 ~]# find /etc/ -regex "\.txt$" #如果不写全路径,是搜不出来的
-user USERNAME:查找属主为指定用户(UID)的文件 -group GRPNAME: 查找属组为指定组(GID)的文件 -uid UserID:查找属主为指定的UID号的文件 -gid GroupID:查找属组为指定的GID号的文件 -nouser:查找没有属主的文件 -nogroup:查找没有属组的文件
范例:
[root@rocky8 ~]# find /home -nouser [root@rocky8 ~]# useradd tom [root@rocky8 ~]# ll /home total 0 drwx------ 2 raymond raymond 62 Oct 11 13:53 raymond drwx------ 2 tom tom 62 Oct 11 13:53 tom [root@rocky8 ~]# userdel tom [root@rocky8 ~]# ll /home total 0 drwx------ 2 raymond raymond 62 Oct 11 13:53 raymond drwx------ 2 1001 1001 62 Oct 11 13:53 tom [root@rocky8 ~]# find /home -nouser /home/tom /home/tom/.bash_logout /home/tom/.bash_profile /home/tom/.bashrc [root@rocky8 ~]# find /home -nogroup /home/tom /home/tom/.bash_logout /home/tom/.bash_profile /home/tom/.bashrc [root@rocky8 ~]# useradd -u 1001 jack [root@rocky8 ~]# find /home -nouser [root@rocky8 ~]# ll /home total 0 drwx------ 2 jack jack 62 Oct 11 13:55 jack drwx------ 2 raymond raymond 62 Oct 11 13:53 raymond drwx------ 2 jack jack 62 Oct 11 13:53 tom #系统是根据ID来判断身份的 [root@rocky8 ~]# id jack uid=1001(jack) gid=1001(jack) groups=1001(jack)
-type TYPE TYPE可以是以下形式: f: 普通文件 d: 目录文件 l: 符号链接文件 s:套接字文件 b: 块设备文件 c: 字符设备文件 p: 管道文件
范例:
[root@rocky8 ~]# find / -type s /run/vmware/guestServicePipe /run/dbus/system_bus_socket /run/.heim_org.h5l.kcm-socket /run/user/0/bus /run/user/0/systemd/private /run/user/0/systemd/notify /run/udev/control /run/systemd/coredump /run/systemd/private /run/systemd/journal/dev-log /run/systemd/journal/socket /run/systemd/journal/stdout /run/systemd/cgroups-agent /run/systemd/notify /run/systemd/inaccessible/sock /var/lib/sss/pipes/private/sbus-monitor /var/lib/sss/pipes/private/sbus-dp_implicit_files.778 /var/lib/sss/pipes/nss [root@rocky8 ~]# find / -type s -ls 25848 0 srw-rw-rw- 1 root root 0 Oct 11 13:47 /run/vmware/guestServicePipe 24295 0 srw-rw-rw- 1 root root 0 Oct 11 13:47 /run/dbus/system_bus_socket 24291 0 srw-rw-rw- 1 root root 0 Oct 11 13:47 /run/.heim_org.h5l.kcm-socket 28702 0 srw-rw-rw- 1 root root 0 Oct 11 13:47 /run/user/0/bus 28695 0 srwxr-xr-x 1 root root 0 Oct 11 13:47 /run/user/0/systemd/private 28691 0 srwxr-xr-x 1 root root 0 Oct 11 13:47 /run/user/0/systemd/notify 22130 0 srw------- 1 root root 0 Oct 11 13:47 /run/udev/control 22127 0 srw------- 1 root root 0 Oct 11 13:47 /run/systemd/coredump 22116 0 srwxrwxrwx 1 root root 0 Oct 11 13:47 /run/systemd/private 13288 0 srw-rw-rw- 1 root root 0 Oct 11 13:47 /run/systemd/journal/dev-log 13170 0 srw-rw-rw- 1 root root 0 Oct 11 13:47 /run/systemd/journal/socket 13167 0 srw-rw-rw- 1 root root 0 Oct 11 13:47 /run/systemd/journal/stdout 13150 0 srwx------ 1 root root 0 Oct 11 13:47 /run/systemd/cgroups-agent 13148 0 srwxrwxrwx 1 root root 0 Oct 11 13:47 /run/systemd/notify 12887 0 s--------- 1 root root 0 Oct 11 13:47 /run/systemd/inaccessible/sock 67632837 0 srw------- 1 root root 0 Oct 11 13:47 /var/lib/sss/pipes/private/sbus-monitor 67632839 0 srw------- 1 root root 0 Oct 11 13:47 /var/lib/sss/pipes/private/sbus-dp_implicit_files.778 505672 0 srw-rw-rw- 1 root root 0 Oct 11 13:47 /var/lib/sss/pipes/nss
-empty
范例:
[root@rocky8 ~]# find /data -type d -empty /data
与:-a ,默认多个条件是与关系 或:-o 非:-not !
范例:
[root@rocky8 ~]# find /home -type f -user raymond /home/raymond/.bash_logout /home/raymond/.bash_profile /home/raymond/.bashrc [root@rocky8 ~]# find /home -type f -a -user raymond /home/raymond/.bash_logout /home/raymond/.bash_profile /home/raymond/.bashrc [root@rocky8 ~]# find /home -type f -a -user raymond -ls 202128611 4 -rw-r--r-- 1 raymond raymond 18 Jun 17 07:42 /home/raymond/.bash_logout 202128612 4 -rw-r--r-- 1 raymond raymond 141 Jun 17 07:42 /home/raymond/.bash_profile 202128613 4 -rw-r--r-- 1 raymond raymond 376 Jun 17 07:42 /home/raymond/.bashrc [root@rocky8 ~]# find /home -type f -o -user raymond /home/raymond /home/raymond/.bash_logout /home/raymond/.bash_profile /home/raymond/.bashrc /home/tom/.bash_logout /home/tom/.bash_profile /home/tom/.bashrc /home/jack/.bash_logout /home/jack/.bash_profile /home/jack/.bashrc [root@rocky8 ~]# find /home -type f -o -user raymond -ls 202128610 0 drwx------ 2 raymond raymond 62 Oct 11 13:53 /home/raymond [root@rocky8 ~]# find /home \( -type f -o -user raymond \) -ls 202128610 0 drwx------ 2 raymond raymond 62 Oct 11 13:53 /home/raymond 202128611 4 -rw-r--r-- 1 raymond raymond 18 Jun 17 07:42 /home/raymond/.bash_logout 202128612 4 -rw-r--r-- 1 raymond raymond 141 Jun 17 07:42 /home/raymond/.bash_profile 202128613 4 -rw-r--r-- 1 raymond raymond 376 Jun 17 07:42 /home/raymond/.bashrc 505677 4 -rw-r--r-- 1 jack jack 18 Jun 17 07:42 /home/tom/.bash_logout 505678 4 -rw-r--r-- 1 jack jack 141 Jun 17 07:42 /home/tom/.bash_profile 505679 4 -rw-r--r-- 1 jack jack 376 Jun 17 07:42 /home/tom/.bashrc 67632516 4 -rw-r--r-- 1 jack jack 18 Jun 17 07:42 /home/jack/.bash_logout 67632843 4 -rw-r--r-- 1 jack jack 141 Jun 17 07:42 /home/jack/.bash_profile 67632844 4 -rw-r--r-- 1 jack jack 376 Jun 17 07:42 /home/jack/.bashrc #用()小括号 ,在find 里要用斜线
德·摩根定律:
示例:
!A -a !B = !(A -o B) !A -o !B = !(A -a B)
(非A)或(非B) =非(A且B) 非A :1、4 非B:1、3 结果:1、3、4
非(A且B) 既是A、又是B:2,非(A且B):1、3、4
范例:
[root@rocky8 ~]# find /home ! -user raymond ! -user jack /home [root@rocky8 ~]# find /home ! \( -user raymond -o -user jack \) /home
范例:
[root@rocky8 ~]# find -user jack -group jack [root@rocky8 ~]# find -user jack -not -group jack [root@rocky8 ~]# find -user jack -o -user raymond [root@rocky8 ~]# find -not \( -user jack -o -user raymond \) . ./.bash_logout ./.bash_profile ./.bashrc ./.cshrc ./.tcshrc ./anaconda-screenshots ./anaconda-screenshots/screenshot-0000.png ./anaconda-screenshots/screenshot-0001.png ./anaconda-screenshots/screenshot-0002.png ./anaconda-ks.cfg ./.vimrc ./.bash_history [root@rocky8 ~]# find / -user jack -o -uid 500 find: ‘/proc/1467/task/1467/fd/7’: No such file or directory find: ‘/proc/1467/task/1467/fdinfo/7’: No such file or directory find: ‘/proc/1467/fd/6’: No such file or directory find: ‘/proc/1467/fdinfo/6’: No such file or directory /var/spool/mail/tom /var/spool/mail/jack /home/tom /home/tom/.bash_logout /home/tom/.bash_profile /home/tom/.bashrc /home/jack /home/jack/.bash_logout /home/jack/.bash_profile /home/jack/.bashrc [root@rocky8 ~]# find ! \( -type d -a -empty \)| wc -l 13 [root@rocky8 ~]# find ! -type d -o ! -empty |wc -l 13 [root@rocky8 ~]# find ! -user raymond ! -user jack . ./.bash_logout ./.bash_profile ./.bashrc ./.cshrc ./.tcshrc ./anaconda-screenshots ./anaconda-screenshots/screenshot-0000.png ./anaconda-screenshots/screenshot-0001.png ./anaconda-screenshots/screenshot-0002.png ./anaconda-ks.cfg ./.vimrc ./.bash_history [root@rocky8 ~]# find /home ! \( -user raymond -o -user jack \) /home [root@rocky8 ~]# find ! -user raymond -a ! -user jack . ./.bash_logout ./.bash_profile ./.bashrc ./.cshrc ./.tcshrc ./anaconda-screenshots ./anaconda-screenshots/screenshot-0000.png ./anaconda-screenshots/screenshot-0001.png ./anaconda-screenshots/screenshot-0002.png ./anaconda-ks.cfg ./.vimrc ./.bash_history #找出/tmp目录下,属主不是root,且文件名不以f开头的文件 [root@rocky8 ~]# find /tmp \( -not -user root -a -not -name 'f*' \) -ls [root@rocky8 ~]# find /tmp -not \( -user root -o -name 'f*' \) –ls find: paths must precede expression: –ls Usage: find [-H] [-L] [-P] [-Olevel] [-D help|tree|search|stat|rates|opt|exec] [path...] [expression]
范例:
#查找/etc/下,除/etc/security目录的其它所有.conf后缀的文件 [root@rocky8 ~]# find /etc -path '/etc/security' -a -prune -o -name "*.conf" /etc/resolv.conf /etc/dnf/protected.d/setup.conf /etc/dnf/protected.d/dnf.conf /etc/dnf/protected.d/systemd.conf /etc/dnf/protected.d/yum.conf /etc/dnf/protected.d/sudo.conf /etc/dnf/dnf.conf /etc/dnf/plugins/copr.conf /etc/dnf/plugins/debuginfo-install.conf /etc/pki/ca-trust/ca-legacy.conf /etc/security /etc/depmod.d/dist.conf /etc/selinux/semanage.conf /etc/selinux/targeted/setrans.conf /etc/plymouth/plymouthd.conf /etc/dracut.conf /etc/sysctl.conf /etc/host.conf /etc/systemd/coredump.conf /etc/systemd/journald.conf /etc/systemd/logind.conf /etc/systemd/resolved.conf /etc/systemd/system.conf /etc/systemd/user.conf /etc/sysctl.d/99-sysctl.conf /etc/tcsd.conf /etc/X11/xorg.conf.d/00-keyboard.conf /etc/sysconfig/nftables.conf /etc/ld.so.conf /etc/ld.so.conf.d/kernel-4.18.0-305.3.1.el8_4.x86_64.conf /etc/nsswitch.conf /etc/idmapd.conf /etc/gcrypt/random.conf /etc/NetworkManager/NetworkManager.conf /etc/sestatus.conf /etc/ssh/ssh_config.d/05-redhat.conf /etc/logrotate.conf /etc/libaudit.conf /etc/xattr.conf /etc/libreport/events.d/collect_dnf.conf /etc/authselect/user-nsswitch.conf /etc/fuse.conf /etc/dbus-1/session.conf /etc/dbus-1/system.conf /etc/dbus-1/system.d/nm-dispatcher.conf /etc/dbus-1/system.d/nm-ifcfg-rh.conf /etc/dbus-1/system.d/org.freedesktop.NetworkManager.conf /etc/dbus-1/system.d/org.freedesktop.PolicyKit1.conf /etc/dbus-1/system.d/teamd.conf /etc/dbus-1/system.d/com.redhat.tuned.conf /etc/sasl2/smtpd.conf /etc/prelink.conf.d/grub2.conf /etc/rdma/modules/infiniband.conf /etc/rdma/modules/iwarp.conf /etc/rdma/modules/opa.conf /etc/rdma/modules/rdma.conf /etc/rdma/modules/roce.conf /etc/rdma/mlx4.conf /etc/udev/udev.conf /etc/modprobe.d/mlx4.conf /etc/modprobe.d/truescale.conf /etc/modprobe.d/firewalld-sysctls.conf /etc/modprobe.d/tuned.conf /etc/openldap/ldap.conf /etc/libuser.conf /etc/krb5.conf /etc/firewalld/firewalld.conf /etc/tuned/tuned-main.conf /etc/yum.conf /etc/vmware-tools/vgauth.conf /etc/kdump.conf /etc/audit/auditd.conf /etc/audit/plugins.d/af_unix.conf /etc/rsyslog.conf /etc/sudo-ldap.conf /etc/sudo.conf /etc/mke2fs.conf /etc/man_db.conf /etc/locale.conf /etc/vconsole.conf #查找/etc/下,除/etc/security和/etc/systemd两个目录的所有.conf后缀的文件 [root@rocky8 ~]# find /etc \( -path "/etc/security" -o -path "/etc/systemd" \) -a -prune -o -name "*.conf" /etc/resolv.conf /etc/dnf/protected.d/setup.conf /etc/dnf/protected.d/dnf.conf /etc/dnf/protected.d/systemd.conf /etc/dnf/protected.d/yum.conf /etc/dnf/protected.d/sudo.conf /etc/dnf/dnf.conf /etc/dnf/plugins/copr.conf /etc/dnf/plugins/debuginfo-install.conf /etc/pki/ca-trust/ca-legacy.conf /etc/security /etc/depmod.d/dist.conf /etc/selinux/semanage.conf /etc/selinux/targeted/setrans.conf /etc/plymouth/plymouthd.conf /etc/dracut.conf /etc/sysctl.conf /etc/host.conf /etc/systemd /etc/sysctl.d/99-sysctl.conf /etc/tcsd.conf /etc/X11/xorg.conf.d/00-keyboard.conf /etc/sysconfig/nftables.conf /etc/ld.so.conf /etc/ld.so.conf.d/kernel-4.18.0-305.3.1.el8_4.x86_64.conf /etc/nsswitch.conf /etc/idmapd.conf /etc/gcrypt/random.conf /etc/NetworkManager/NetworkManager.conf /etc/sestatus.conf /etc/ssh/ssh_config.d/05-redhat.conf /etc/logrotate.conf /etc/libaudit.conf /etc/xattr.conf /etc/libreport/events.d/collect_dnf.conf /etc/authselect/user-nsswitch.conf /etc/fuse.conf /etc/dbus-1/session.conf /etc/dbus-1/system.conf /etc/dbus-1/system.d/nm-dispatcher.conf /etc/dbus-1/system.d/nm-ifcfg-rh.conf /etc/dbus-1/system.d/org.freedesktop.NetworkManager.conf /etc/dbus-1/system.d/org.freedesktop.PolicyKit1.conf /etc/dbus-1/system.d/teamd.conf /etc/dbus-1/system.d/com.redhat.tuned.conf /etc/sasl2/smtpd.conf /etc/prelink.conf.d/grub2.conf /etc/rdma/modules/infiniband.conf /etc/rdma/modules/iwarp.conf /etc/rdma/modules/opa.conf /etc/rdma/modules/rdma.conf /etc/rdma/modules/roce.conf /etc/rdma/mlx4.conf /etc/udev/udev.conf /etc/modprobe.d/mlx4.conf /etc/modprobe.d/truescale.conf /etc/modprobe.d/firewalld-sysctls.conf /etc/modprobe.d/tuned.conf /etc/openldap/ldap.conf /etc/libuser.conf /etc/krb5.conf /etc/firewalld/firewalld.conf /etc/tuned/tuned-main.conf /etc/yum.conf /etc/vmware-tools/vgauth.conf /etc/kdump.conf /etc/audit/auditd.conf /etc/audit/plugins.d/af_unix.conf /etc/rsyslog.conf /etc/sudo-ldap.conf /etc/sudo.conf /etc/mke2fs.conf /etc/man_db.conf /etc/locale.conf [root@rocky8 ~]# find /etc -name "*.conf" /etc/resolv.conf /etc/dnf/protected.d/setup.conf /etc/dnf/protected.d/dnf.conf /etc/dnf/protected.d/systemd.conf /etc/dnf/protected.d/yum.conf /etc/dnf/protected.d/sudo.conf /etc/dnf/dnf.conf /etc/dnf/plugins/copr.conf /etc/dnf/plugins/debuginfo-install.conf /etc/pki/ca-trust/ca-legacy.conf /etc/security/pwquality.conf /etc/security/access.conf /etc/security/chroot.conf /etc/security/faillock.conf /etc/security/group.conf /etc/security/limits.conf /etc/security/namespace.conf /etc/security/pam_env.conf /etc/security/sepermit.conf /etc/security/time.conf /etc/depmod.d/dist.conf /etc/selinux/semanage.conf /etc/selinux/targeted/setrans.conf /etc/plymouth/plymouthd.conf /etc/dracut.conf /etc/sysctl.conf /etc/host.conf /etc/systemd/coredump.conf /etc/systemd/journald.conf /etc/systemd/logind.conf /etc/systemd/resolved.conf /etc/systemd/system.conf /etc/systemd/user.conf /etc/sysctl.d/99-sysctl.conf /etc/tcsd.conf /etc/X11/xorg.conf.d/00-keyboard.conf /etc/sysconfig/nftables.conf /etc/ld.so.conf /etc/ld.so.conf.d/kernel-4.18.0-305.3.1.el8_4.x86_64.conf /etc/nsswitch.conf /etc/idmapd.conf /etc/gcrypt/random.conf /etc/NetworkManager/NetworkManager.conf /etc/sestatus.conf /etc/ssh/ssh_config.d/05-redhat.conf /etc/logrotate.conf /etc/libaudit.conf /etc/xattr.conf /etc/libreport/events.d/collect_dnf.conf /etc/authselect/user-nsswitch.conf /etc/fuse.conf /etc/dbus-1/session.conf /etc/dbus-1/system.conf /etc/dbus-1/system.d/nm-dispatcher.conf /etc/dbus-1/system.d/nm-ifcfg-rh.conf /etc/dbus-1/system.d/org.freedesktop.NetworkManager.conf /etc/dbus-1/system.d/org.freedesktop.PolicyKit1.conf /etc/dbus-1/system.d/teamd.conf /etc/dbus-1/system.d/com.redhat.tuned.conf /etc/sasl2/smtpd.conf /etc/prelink.conf.d/grub2.conf /etc/rdma/modules/infiniband.conf /etc/rdma/modules/iwarp.conf /etc/rdma/modules/opa.conf /etc/rdma/modules/rdma.conf /etc/rdma/modules/roce.conf /etc/rdma/mlx4.conf /etc/udev/udev.conf /etc/modprobe.d/mlx4.conf /etc/modprobe.d/truescale.conf /etc/modprobe.d/firewalld-sysctls.conf /etc/modprobe.d/tuned.conf /etc/openldap/ldap.conf /etc/libuser.conf /etc/krb5.conf /etc/firewalld/firewalld.conf /etc/tuned/tuned-main.conf /etc/yum.conf /etc/vmware-tools/vgauth.conf /etc/kdump.conf /etc/audit/auditd.conf /etc/audit/plugins.d/af_unix.conf /etc/rsyslog.conf /etc/sudo-ldap.conf /etc/sudo.conf /etc/mke2fs.conf /etc/man_db.conf /etc/locale.conf /etc/vconsole.conf #排除/proc和/sys目录 [root@rocky8 ~]# find / \( -path "/sys" -o -path "/proc" \) -a -prune -o -type f -a -mmin -1 /proc /sys
-size [+|-]#UNIT 常用单位:k, M, G,c(byte),注意大小写敏感 #UNIT: (#-1, #] 如:6k 表示(5k,6k] -#UNIT:[0,#-1] 如:-6k 表示[0,5k] +#UNIT:(#,∞) 如:+6k 表示(6k,∞)
范例:
[root@rocky8 ~]# find / -size 10G #是9-10G [root@rocky8 ~]# find / -size -10G #是0-9G [root@rocky8 ~]# find / -size +10G #是10G以上
#以“天”为单位 -atime [+|-]# -mtime -ctime #: [#,#+1) -#: [0,#) +#: [#+1,∞] -mtime 10 -mtime -10 -mtime +10 #以“分钟”为单位 -amin -mmin -cmin
范例:
[root@rocky8 ~]# find / -mtime 10 #是10-11天 [root@rocky8 ~]# find / -mtime -10 #是0-10天 [root@rocky8 ~]# find / -mtime +10 #是11天以上
-perm [/|-]MODE MODE: 精确权限匹配 /MODE:任何一类(u,g,o)对象的权限中只要能一位匹配即可,或关系,+ 从CentOS 7开始淘汰 -MODE:每一类对象都必须同时拥有指定权限,与关系 0 表示不关注
说明:
find -perm 755 会匹配权限模式恰好是755的文件
只要当任意人有写权限时,find -perm /222就会匹配
只有当每个人都有写权限时,find -perm -222才会匹配
只有当其它人(other)有写权限时,find -perm -002才会匹配
范例:
find -perm /222 这里的/ 斜线代表 或的关系, u、g、o 三个只要一个人有w权限就可以 find -perm -222 - 代表并且,就是都有的意思,表示u、g、o ,三个都要有w 权限 [root@rocky8 ~]# find /etc -perm -222 [root@rocky8 ~]# find /etc -perm -222 -ls [root@rocky8 ~]# find /etc -perm -022 -ls #0表示不关心 [root@rocky8 ~]# find /etc -perm -002 [root@rocky8 ~]# find /etc -perm /002 #上面两个命令执行结果是一样的
-print:默认的处理动作,显示至屏幕 -ls:类似于对查找到的文件执行"ls -dils"命令格式输出 -fls file:查找到的所有文件的长格式信息保存至指定文件中,相当于 -ls > file -delete:删除查找到的文件,慎用! -ok COMMAND {} \; 对查找到的每个文件执行由COMMAND指定的命令,对于每个文件执行命令之前,都会交互式要求用户确认 -exec COMMAND {} \; 对查找到的每个文件执行由COMMAND指定的命令 {}: 用于引用查找到的文件名称自身
范例:
[root@rocky8 ~]# touch {a..c}.txt [root@rocky8 ~]# ls *.txt a.txt b.txt c.txt [root@rocky8 ~]# find -name "*.txt" -delete [root@rocky8 ~]# ls *.txt ls: cannot access '*.txt': No such file or directory #-delete 找到文件直接删除 [root@rocky8 ~]# touch {a..z}.txt [root@rocky8 ~]# ls *.txt a.txt c.txt e.txt g.txt i.txt k.txt m.txt o.txt q.txt s.txt u.txt w.txt y.txt b.txt d.txt f.txt h.txt j.txt l.txt n.txt p.txt r.txt t.txt v.txt x.txt z.txt [root@rocky8 ~]# find -name "*.txt" -ok mv {} /opt \; < mv ... ./a.txt > ? y < mv ... ./b.txt > ? y < mv ... ./c.txt > ? < mv ... ./d.txt > ? < mv ... ./e.txt > ? ^C #-ok 会询问 [root@rocky8 ~]# ls /opt a.txt b.txt [root@rocky8 ~]# find -name "*.txt" -exec mv {} /opt \; [root@rocky8 ~]# ls /opt a.txt c.txt e.txt g.txt i.txt k.txt m.txt o.txt q.txt s.txt u.txt w.txt y.txt b.txt d.txt f.txt h.txt j.txt l.txt n.txt p.txt r.txt t.txt v.txt x.txt z.tx #-exec 直接处理 [root@rocky8 ~]# find /opt -name "*.txt" -exec rm {} \; [root@rocky8 ~]# ls /opt #加rm 会直接删除,很危险,小心使用
范例:
#备份配置文件,添加.orig这个扩展名 [root@rocky8 ~]# find -name ".conf" -exec cp {} {}.orig \; #提示删除存在时间超过3天以上的jack的临时文件 [root@rocky8 ~]# find /tmp -ctime +3 -user jack -ok rm {} \; #在主目录中寻找可被其它用户写入的文件 [root@rocky8 ~]# find ~ -perm -002 -exec chmod o-w {} \; #查找/data下的权限为644,后缀为sh的普通文件,增加执行权限 [root@rocky8 ~]# find /data –type f -perm 644 -name "*.sh" –exec chmod 755 {} \;
由于很多命令不支持管道|来传递参数,xargs用于产生某个命令的参数,xargs 可以读入 stdin 的数据,并且以空格符或回车符将 stdin 的数据分隔成为参数,另外,许多命令不能接受过多参数,命令执行可能会失败,xargs 可以解决
注意:文件名或者是其他意义的名词内含有空格符的情况
find 经常和 xargs 命令进行组合,形式如下:
find | xargs COMMAND
范例::
[root@rocky8 ~]# echo {a..z} a b c d e f g h i j k l m n o p q r s t u v w x y z [root@rocky8 ~]# echo {a..z} |xargs echo a b c d e f g h i j k l m n o p q r s t u v w x y z [root@rocky8 ~]# cd /opt;echo {a..z}.txt |xargs touch [root@rocky8 opt]# ls a.txt c.txt e.txt g.txt i.txt k.txt m.txt o.txt q.txt s.txt u.txt w.txt y.txt b.txt d.txt f.txt h.txt j.txt l.txt n.txt p.txt r.txt t.txt v.txt x.txt z.txt #xargs 把前一个命令的结果 接收,传给后一个命令当输入 [root@rocky8 opt]# rm -f * [root@rocky8 opt]# ls [root@rocky8 opt]# echo {a..z} |xargs -n1 echo a b c d e f g h i j k l m n o p q r s t u v w x y z #-n1 一个传一个参数 [root@rocky8 opt]# echo {a..z} |xargs -n2 echo a b c d e f g h i j k l m n o p q r s t u v w x y z [root@rocky8 opt]# echo {a..z} |xargs -n3 echo a b c d e f g h i j k l m n o p q r s t u v w x y z [root@rocky8 opt]# echo user{1..100} | xargs -n1 useradd #批量创建100个账户 [root@rocky8 opt]# echo user{1..100} | xargs -n 1 userdel -r #批量删除100个账户
范例:
[root@rocky8 opt]# xargs 1 2 3 1 2 3 [root@rocky8 opt]# xargs echo 1 2 3 1 2 3 #显示10个数字 [root@rocky8 opt]# seq 10 | xargs 1 2 3 4 5 6 7 8 9 10 #删除当前目录下的大量文件 [root@rocky8 opt]# ls | xargs rm #对文件排序显示 [root@rocky8 opt]# find -name "*.sh" | xargs ls -Sl #这个命令是错误的 [root@rocky8 opt]# find /sbin/ -perm /700 | ls -l #查找有特殊权限的文件,并排序 [root@rocky8 opt]# find /bin/ -perm /7000 | xargs ls -Sl ---s--x--x. 1 root root 165632 May 19 11:01 /bin/sudo -rwsr-xr-x. 1 root root 84368 May 19 11:02 /bin/gpasswd -rwsr-xr-x. 1 root root 79616 May 19 11:02 /bin/chage -rwsr-xr-x. 1 root root 63368 Mar 15 2021 /bin/crontab -rwsr-xr-x. 1 root root 58768 Apr 12 08:29 /bin/at -rwsr-xr-x. 1 root root 50584 May 19 11:01 /bin/mount -rwsr-xr-x. 1 root root 50464 May 19 11:01 /bin/su -rwsr-xr-x. 1 root root 43560 May 19 11:02 /bin/newgrp -rwsr-xr-x. 1 root root 37720 Apr 12 09:30 /bin/fusermount -rws--x--x. 1 root root 33944 May 19 11:01 /bin/chfn -rwsr-xr-x. 1 root root 33776 May 19 11:01 /bin/umount -rwsr-xr-x. 1 root root 33544 Mar 15 2021 /bin/passwd -rwsr-xr-x. 1 root root 28976 Jun 11 08:16 /bin/pkexec -rws--x--x. 1 root root 25552 May 19 11:01 /bin/chsh -rwxr-sr-x. 1 root tty 21368 May 19 11:01 /bin/write #此命令和上面有何区别? [root@rocky8 opt]# find /bin/ -perm -7000 | xargs ls -Sl #以字符nul分隔 [root@rocky8 ~]# touch "a b.txt" [root@rocky8 ~]# ls *.txt 'a b.txt' [root@rocky8 ~]# find -name "*.txt" |xargs rm rm: cannot remove './a': No such file or directory rm: cannot remove 'b.txt': No such file or directory [root@rocky8 ~]# find -name "*.txt" -print0 |xargs -0 rm [root@rocky8 ~]# ls *.txt ls: cannot access '*.txt': No such file or directory #并发执行多个进程 [root@rocky8 opt]# seq 100 | xargs -i -P10 wget -P /data http://172.31.1.8/{}.html
1、查找/var目录下属主为root,且属组为mail的所有文件
2、查找/var目录下不属于root、lp、gdm的所有文件
3、查找/var目录下最近一周内其内容修改过,同时属主不为root,也不是postfix的文件
4、查找当前系统上没有属主或属组,且最近一个周内曾被访问过的文件
5、查找/etc目录下大于1M且类型为普通文件的所有文件
6、查找/etc目录下所有用户都没有写权限的文件
7、查找/etc目录下至少有一类用户没有执行权限的文件
8、查找/etc/init.d目录下,所有用户都有执行权限,且其它用户有写权限的文件