Page tree
Skip to end of metadata
Go to start of metadata


Do wyszukiwania plików i katalogów w podkatalogach z wykorzystaniem wielu kryteriów niezawodnym narzędziem jest find.

nazwa kryteriumopis
namenazwa pliku
inamenazwa pliku z ignorowaniem wielkości liter
groupprzypisana grupa
linksliczba linków do pliku
permprawa dostępu
typetyp pliku (plik zwykły, katalog, urządzenie znakowe itp.)
maxdepthgłębokość poszukiwań (liczba przeszukiwanych poziomów podkatalogów)


Znajdź w katalogu /etc wszystkie pliki i katalogi, które kończą się frazą „.conf”:

find /etc -name '*.conf'

Znajdź w katalogu /home pliki, które należą do użytkownika o loginie monika:

find /home -user monika

Znajdź w katalogu /home wszystkie pliki i katalogi, których właścicielem grupą jest grupa „wscibscy”:

find /home -group wscibscy

Znajdź w katalogu /etc wszystkie pliki i katalogi, które mają więcej niż 5 dowiązań symbolicznych:

find /etc -links +5

Znajdź w katalogu /etc pliki i katalogi, do których pełny dostęp mają tylko właściciele tych plików:

find /etc -perm 700

Znajdź w systemie pliki, które zajmują ponad 10MB:

find / -size +10M

Znajdź w katalogu /etc wszystkie katalogi (ang. directory):

find /etc -type d

Znajdź w katalogu /etc pliki (nie katalogi), których nazwy zaczynają się małą literą „x”:

find /etc -type f -name 'x*'

Znajdź w katalogu /etc pliki lub katalogi, których nazwy zaczynają się frazą „conf”. Ogranicz przeszukiwanie do jednego poziomu (nie przeszukuj podkatalogów znajdujących się w /etc):

find /etc -name '*conf' -maxdepth 1

Znajdź w katalogu /etc pliki lub katalogi, które zaczynają się frazą „ftp” LUB frazą „ly” (lub – ang. or):

find /etc -name 'ftp*' -or -name 'ly*'

Znajdź stare pliki z katalogu /var/log, które modyfikowane były ponad rok temu i skasuj je

find /var/log -type f -mtime +365 -delete

Znajdź pliki w całym systemie, których rozmiar przekracza 100MB; wszystkie znalezione pliki wyświetl tak, aby był widocznych ich rozmiar i uprawnienia; nie wyświetlaj błędów komendy find na ekranie:

find / -type f -size +3M -exec ls -lh {} \; 2> /dev/null

Przykłady z oficjalnej dokumentacji

man find - EXAMPLES
       find /tmp -name core -type f -print | xargs /bin/rm -f

       Find files named core in or below the directory /tmp and delete them.  Note that this will work incorrectly if  there
       are any filenames containing newlines, single or double quotes, or spaces.

       find /tmp -name core -type f -print0 | xargs -0 /bin/rm -f

       Find files named core in or below the directory /tmp and delete them, processing filenames in such a way that file or
       directory names containing single or double quotes, spaces or newlines are correctly handled.  The -name  test  comes
       before the -type test in order to avoid having to call stat(2) on every file.

       find . -type f -exec file '{}' \;

       Runs  `file'  on  every  file in or below the current directory.  Notice that the braces are enclosed in single quote
       marks to protect them from interpretation as shell script punctuation.  The semicolon is similarly protected  by  the
       use of a backslash, though single quotes could have been used in that case also.

       find / \
       \( -perm -4000 -fprintf /root/suid.txt %#m %u %p\n \) , \
       \( -size +100M -fprintf /root/big.txt %-10s %p\n \)

       Traverse  the  filesystem  just  once,  listing setuid files and directories into /root/suid.txt and large files into

       find $HOME -mtime 0

       Search for files in your home directory which have been modified in the last twenty-four hours.  This  command  works
       this  way  because  the time since each file was last modified is divided by 24 hours and any remainder is discarded.
       That means that to match -mtime 0, a file will have to have a modification in the past which is less  than  24  hours

       find /sbin /usr/sbin -executable \! -readable -print

       Search for files which are executable but not readable.

       find . -perm 664

       Search  for files which have read and write permission for their owner, and group, but which other users can read but
       not write to.  Files which meet these criteria but have other permissions bits set (for example if someone  can  exe‐
       cute the file) will not be matched.

       find . -perm -664

       Search  for  files  which  have  read and write permission for their owner and group, and which other users can read,
       without regard to the presence of any extra permission bits (for example the executable bit).  This will match a file
       which has mode 0777, for example.

       find . -perm /222

       Search for files which are writable by somebody (their owner, or their group, or anybody else).

       find . -perm /220
       find . -perm /u+w,g+w
       find . -perm /u=w,g=w

       All  three of these commands do the same thing, but the first one uses the octal representation of the file mode, and
       the other two use the symbolic form.  These commands all search for files which are writable by either their owner or
       their group.  The files don't have to be writable by both the owner and group to be matched; either will do.

       find . -perm -220
       find . -perm -g+w,u+w

       Both these commands do the same thing; search for files which are writable by both their owner and their group.

       find . -perm -444 -perm /222 ! -perm /111
       find . -perm -a+r -perm /a+w ! -perm /a+x

       These  two  commands both search for files that are readable for everybody ( -perm -444 or -perm -a+r), have at least
       one write bit set ( -perm /222 or -perm /a+w) but are not executable for anybody ( ! -perm  /111  and  !  -perm  /a+x

       cd /source-dir
       find . -name .snapshot -prune -o \( \! -name *~ -print0 \)|
       cpio -pmd0 /dest-dir

       This  command  copies  the contents of /source-dir to /dest-dir, but omits files and directories named .snapshot (and
       anything in them).  It also omits files or directories whose name ends in ~, but not their contents.   The  construct
       -prune -o \( ... -print0 \) is quite common.  The idea here is that the expression before -prune matches things which
       are to be pruned.  However, the -prune action itself returns true, so the following -o ensures that  the  right  hand
       side  is evaluated only for those directories which didn't get pruned (the contents of the pruned directories are not
       even visited, so their contents are irrelevant).  The expression on the right hand side of the -o is  in  parentheses
       only  for clarity.  It emphasises that the -print0 action takes place only for things that didn't have -prune applied
       to them.  Because the default `and' condition between tests binds more tightly than -o, this is the  default  anyway,
       but the parentheses help to show what is going on.

       find repo/ -exec test -d {}/.svn -o -d {}/.git -o -d {}/CVS ; \
       -print -prune

       Given  the  following directory of projects and their associated SCM administrative directories, perform an efficient
       search for the projects' roots:


       In this example, -prune prevents unnecessary descent into directories that have already been discovered (for  example
       we  do not search project3/src because we already found project3/.svn), but ensures sibling directories (project2 and
       project3) are found.

Patrz także

TODO na tej stronie

Write a comment…