标签:23 etc 查找 usr conf Linux txt root rocky8
1.文件查找
在文件系统上查找符合条件的文件
文件查找:locate, find
- 非实时查找(数据库查找):locate
- 实时查找:find
1.1 locate
locate 查询系统上预建的文件索引数据库 /var/lib/mlocate/mlocate.db
索引的构建是在系统较为空闲时自动进行(周期性任务),执行updatedb可以更新数据库
索引构建过程需要遍历整个根文件系统,很消耗资源
来自于mlocate包
工作特点:
- 查找速度快
- 模糊查找
- 非实时查找
- 搜索的是文件的全路径,不仅仅是文件名
- 可能只搜索用户具备读取和执行权限的目录
格式:
locate [OPTION]... [PATTERN]...
常用选项
-i 不区分大小写的搜索
-n N 只列举前N个匹配项目
-r 使用基本正则表达式
范例: locatedb创建数据库
[root@rocky8 ~]# locate passwd
-bash: locate: command not found
[root@rocky8 ~]# dnf provides locate
Last metadata expiration check: 18:19:06 ago on Sun 10 Oct 2021 06:59:53 PM CST.
mlocate-0.26-20.el8.x86_64 : An utility for finding files by name
Repo : BaseOS
Matched from:
Filename : /usr/bin/locate
[root@rocky8 ~]# dnf -y install mlocate
[root@rocky8 ~]# locate passwd
locate: can not stat () `/var/lib/mlocate/mlocate.db': No such file or directory
[root@rocky8 ~]# ll /var/lib/mlocate/mlocate.db
ls: cannot access '/var/lib/mlocate/mlocate.db': No such file or directory
[root@rocky8 ~]# updatedb
[root@rocky8 ~]# ll /var/lib/mlocate/mlocate.db
-rw-r----- 1 root slocate 1039430 Oct 11 13:20 /var/lib/mlocate/mlocate.db
[root@rocky8 ~]# locate passwd
/etc/passwd
/etc/passwd-
/etc/data2021-10-09_14-26-54/passwd
/etc/data2021-10-09_14-26-54/passwd-
/etc/data2021-10-09_14-26-54/pam.d/passwd
/etc/data2021-10-09_14-26-54/security/opasswd
/etc/data2021-10-09_14-27-19/security/opasswd
/etc/pam.d/passwd
/etc/security/opasswd
/usr/bin/gpasswd
/usr/bin/grub2-mkpasswd-pbkdf2
/usr/bin/htpasswd
/usr/bin/passwd
/usr/lib/firewalld/services/kpasswd.xml
/usr/lib64/security/pam_unix_passwd.so
/usr/sbin/chgpasswd
/usr/sbin/chpasswd
/usr/sbin/lpasswd
/usr/sbin/saslpasswd2
/usr/share/awk/passwd.awk
/usr/share/doc/passwd
/usr/share/doc/passwd/AUTHORS
/usr/share/doc/passwd/ChangeLog
/usr/share/doc/passwd/NEWS
/usr/share/licenses/passwd
/usr/share/licenses/passwd/COPYING
/usr/share/locale/ar/LC_MESSAGES/passwd.mo
/usr/share/locale/as/LC_MESSAGES/passwd.mo
/usr/share/locale/ast/LC_MESSAGES/passwd.mo
/usr/share/locale/bg/LC_MESSAGES/passwd.mo
/usr/share/locale/bn/LC_MESSAGES/passwd.mo
/usr/share/locale/bn_IN/LC_MESSAGES/passwd.mo
/usr/share/locale/bs/LC_MESSAGES/passwd.mo
/usr/share/locale/ca/LC_MESSAGES/passwd.mo
/usr/share/locale/cs/LC_MESSAGES/passwd.mo
/usr/share/locale/cy/LC_MESSAGES/passwd.mo
/usr/share/locale/da/LC_MESSAGES/passwd.mo
/usr/share/locale/de/LC_MESSAGES/passwd.mo
/usr/share/locale/el/LC_MESSAGES/passwd.mo
/usr/share/locale/en_GB/LC_MESSAGES/passwd.mo
/usr/share/locale/es/LC_MESSAGES/passwd.mo
/usr/share/locale/et/LC_MESSAGES/passwd.mo
/usr/share/locale/eu/LC_MESSAGES/passwd.mo
/usr/share/locale/fa/LC_MESSAGES/passwd.mo
/usr/share/locale/fi/LC_MESSAGES/passwd.mo
/usr/share/locale/fr/LC_MESSAGES/passwd.mo
/usr/share/locale/gl/LC_MESSAGES/passwd.mo
/usr/share/locale/gu/LC_MESSAGES/passwd.mo
/usr/share/locale/he/LC_MESSAGES/passwd.mo
/usr/share/locale/hi/LC_MESSAGES/passwd.mo
/usr/share/locale/hr/LC_MESSAGES/passwd.mo
/usr/share/locale/hu/LC_MESSAGES/passwd.mo
/usr/share/locale/hy/LC_MESSAGES/passwd.mo
/usr/share/locale/id/LC_MESSAGES/passwd.mo
/usr/share/locale/is/LC_MESSAGES/passwd.mo
/usr/share/locale/it/LC_MESSAGES/passwd.mo
/usr/share/locale/ja/LC_MESSAGES/passwd.mo
/usr/share/locale/ka/LC_MESSAGES/passwd.mo
/usr/share/locale/kn/LC_MESSAGES/passwd.mo
/usr/share/locale/ko/LC_MESSAGES/passwd.mo
/usr/share/locale/ku/LC_MESSAGES/passwd.mo
/usr/share/locale/lo/LC_MESSAGES/passwd.mo
/usr/share/locale/mk/LC_MESSAGES/passwd.mo
/usr/share/locale/ml/LC_MESSAGES/passwd.mo
/usr/share/locale/mr/LC_MESSAGES/passwd.mo
/usr/share/locale/ms/LC_MESSAGES/passwd.mo
/usr/share/locale/my/LC_MESSAGES/passwd.mo
/usr/share/locale/nb/LC_MESSAGES/passwd.mo
/usr/share/locale/nds/LC_MESSAGES/passwd.mo
/usr/share/locale/nl/LC_MESSAGES/passwd.mo
/usr/share/locale/nn/LC_MESSAGES/passwd.mo
/usr/share/locale/or/LC_MESSAGES/passwd.mo
/usr/share/locale/pa/LC_MESSAGES/passwd.mo
/usr/share/locale/pl/LC_MESSAGES/passwd.mo
/usr/share/locale/pt/LC_MESSAGES/passwd.mo
/usr/share/locale/pt_BR/LC_MESSAGES/passwd.mo
/usr/share/locale/ro/LC_MESSAGES/passwd.mo
/usr/share/locale/ru/LC_MESSAGES/passwd.mo
/usr/share/locale/si/LC_MESSAGES/passwd.mo
/usr/share/locale/sk/LC_MESSAGES/passwd.mo
/usr/share/locale/sl/LC_MESSAGES/passwd.mo
/usr/share/locale/sq/LC_MESSAGES/passwd.mo
/usr/share/locale/sr/LC_MESSAGES/passwd.mo
/usr/share/locale/sr@latin/LC_MESSAGES/passwd.mo
/usr/share/locale/sv/LC_MESSAGES/passwd.mo
/usr/share/locale/ta/LC_MESSAGES/passwd.mo
/usr/share/locale/te/LC_MESSAGES/passwd.mo
/usr/share/locale/tr/LC_MESSAGES/passwd.mo
/usr/share/locale/uk/LC_MESSAGES/passwd.mo
/usr/share/locale/ur/LC_MESSAGES/passwd.mo
/usr/share/locale/vi/LC_MESSAGES/passwd.mo
/usr/share/locale/wa/LC_MESSAGES/passwd.mo
/usr/share/locale/zh_CN/LC_MESSAGES/passwd.mo
/usr/share/locale/zh_TW/LC_MESSAGES/passwd.mo
/usr/share/man/cs/man1/gpasswd.1.gz
/usr/share/man/de/man1/gpasswd.1.gz
/usr/share/man/de/man8/chgpasswd.8.gz
/usr/share/man/de/man8/chpasswd.8.gz
/usr/share/man/fr/man1/gpasswd.1.gz
/usr/share/man/fr/man8/chgpasswd.8.gz
/usr/share/man/fr/man8/chpasswd.8.gz
/usr/share/man/hu/man1/gpasswd.1.gz
/usr/share/man/it/man1/gpasswd.1.gz
/usr/share/man/it/man8/chgpasswd.8.gz
/usr/share/man/it/man8/chpasswd.8.gz
/usr/share/man/ja/man1/gpasswd.1.gz
/usr/share/man/ja/man1/passwd.1.gz
/usr/share/man/ja/man8/chpasswd.8.gz
/usr/share/man/man1/gpasswd.1.gz
/usr/share/man/man1/grub2-mkpasswd-pbkdf2.1.gz
/usr/share/man/man1/htpasswd.1.gz
/usr/share/man/man1/lpasswd.1.gz
/usr/share/man/man1/openssl-passwd.1ssl.gz
/usr/share/man/man1/passwd.1.gz
/usr/share/man/man1/sslpasswd.1ssl.gz
/usr/share/man/man8/chgpasswd.8.gz
/usr/share/man/man8/chpasswd.8.gz
/usr/share/man/pt_BR/man1/gpasswd.1.gz
/usr/share/man/ru/man1/gpasswd.1.gz
/usr/share/man/ru/man8/chgpasswd.8.gz
/usr/share/man/ru/man8/chpasswd.8.gz
/usr/share/man/zh_CN/man1/gpasswd.1.gz
/usr/share/man/zh_CN/man8/chgpasswd.8.gz
/usr/share/man/zh_CN/man8/chpasswd.8.gz
/usr/share/man/zh_TW/man8/chpasswd.8.gz
/usr/share/vim/vim80/ftplugin/passwd.vim
/usr/share/vim/vim80/syntax/passwd.vim
/var/lib/sss/mc/passwd
范例:
#搜索名称或路径中包含“conf”的文件
locate conf
#使用Regex来搜索以“.conf”结尾的文件
locate -r '\.conf$'
范例:
[root@rocky8 ~]# locate -n 10 -ir '\.conf$'
/boot/loader/entries/ad9d4d0a9e7a41c6ba47c505d1172547-0-rescue.conf
/boot/loader/entries/ad9d4d0a9e7a41c6ba47c505d1172547-4.18.0-305.3.1.el8_4.x86_64.conf
/etc/dracut.conf
/etc/fuse.conf
/etc/host.conf
/etc/idmapd.conf
/etc/kdump.conf
/etc/krb5.conf
/etc/ld.so.conf
/etc/libaudit.conf
[root@rocky8 ~]# touch test.log
[root@rocky8 ~]# locate test.log
[root@rocky8 ~]# updatedb
[root@rocky8 ~]# locate test.log
/root/test.log
1.2 find
find 是实时查找工具,通过遍历指定路径完成文件查找
工作特点:
- 查找速度略慢
- 精确查找
- 实时查找
- 查找条件丰富
- 可能只搜索用户具备读取和执行权限的目录
格式:
find [OPTION]... [查找路径] [查找条件] [处理动作]
查找路径:指定具体目标路径;默认为当前目录
查找条件:指定的查找标准,可以文件名、大小、类型、权限等标准进行;默认为找出指定路径下的所有文件
处理动作:对符合条件的文件做操作,默认输出至屏幕
范例:
[root@rocky8 ~]# find
.
./.cshrc
./.tcshrc
./anaconda-screenshots
./anaconda-screenshots/screenshot-0000.png
./anaconda-screenshots/screenshot-0001.png
./anaconda-screenshots/screenshot-0002.png
./anaconda-ks.cfg
./.bash_history
./.bash_profile
./.vimrc
./.bash_logout
./.lesshst
./.bashrc
./.viminfo
./test.log
#默认在当前目录下查找
[root@rocky8 ~]# mkdir -p d1/d2/d3
[root@rocky8 ~]# touch d1/d2/d3/a.txt
[root@rocky8 ~]# find
.
./.cshrc
./.tcshrc
./anaconda-screenshots
./anaconda-screenshots/screenshot-0000.png
./anaconda-screenshots/screenshot-0001.png
./anaconda-screenshots/screenshot-0002.png
./anaconda-ks.cfg
./.bash_history
./.bash_profile
./.vimrc
./.bash_logout
./.lesshst
./.bashrc
./.viminfo
./test.log
./d1
./d1/d2
./d1/d2/d3
./d1/d2/d3/a.txt
#默认递归查找
1.2.1 指定搜索目录层级
-maxdepth level 最大搜索目录深度,指定目录下的文件为第1级
-mindepth level 最小搜索目录深度
范例:
[root@rocky8 ~]# find /etc -maxdepth 1
#-maxdepth 1 最大一层
[root@rocky8 ~]# find /etc -maxdepth 3 -mindepth 2
#最大3层,最小2层
[root@rocky8 ~]# find /etc -maxdepth 2 -mindepth 2
#查看第2层,最大和最小都是2层
1.2.2 对每个目录先处理目录内的文件,再处理目录本身
-depth -d
范例:
[root@rocky8 ~]# mkdir /data/test/test2/test3 -p
[root@rocky8 ~]# touch /data/test/f{1..2}.txt
[root@rocky8 ~]# touch /data/test/test2/test3/f{3..4}.txt
[root@rocky8 ~]# tree /data/test
/data/test
├── f1.txt
├── f2.txt
└── test2
└── test3
├── f3.txt
└── f4.txt
2 directories, 4 files
[root@rocky8 ~]# find /data/test
/data/test
/data/test/test2
/data/test/test2/test3
/data/test/test2/test3/f3.txt
/data/test/test2/test3/f4.txt
/data/test/f1.txt
/data/test/f2.txt
[root@rocky8 ~]# find /data/test -depth
/data/test/test2/test3/f3.txt
/data/test/test2/test3/f4.txt
/data/test/test2/test3
/data/test/test2
/data/test/f1.txt
/data/test/f2.txt
/data/test
1.2.3 根据文件名和inode查找
-name "文件名称":支持使用glob,如:*, ?, [], [^],通配符要加双引号引起来
-iname "文件名称":不区分字母大小写
-inum n 按inode号查找
-samefile name 相同inode号的文件
-links n 链接数为n的文件
-regex “PATTERN”:以PATTERN匹配整个文件路径,而非文件名称
范例:
[root@rocky8 ~]# find /etc/ -name *.conf
[root@rocky8 ~]# touch a.conf
[root@rocky8 ~]# find /etc/ -name *.conf
[root@rocky8 ~]# find /etc/ -name "*.conf"
#一定要加双引号,不然如果当前目录下有.conf结尾的文件,就找不到了
[root@rocky8 ~]# find /etc/ -regex ".*\.txt$"
/etc/pki/nssdb/pkcs11.txt
/etc/data2021-10-09_14-26-54/pki/nssdb/pkcs11.txt
/etc/data2021-10-09_14-27-19/pki/nssdb/pkcs11.txt
#用正则表达式,要全部表示出来
[root@rocky8 ~]# find /etc/ -regex "\.txt$"
#如果不写全路径,是搜不出来的
1.2.4 根据属主、属组查找
-user USERNAME:查找属主为指定用户(UID)的文件
-group GRPNAME: 查找属组为指定组(GID)的文件
-uid UserID:查找属主为指定的UID号的文件
-gid GroupID:查找属组为指定的GID号的文件
-nouser:查找没有属主的文件
-nogroup:查找没有属组的文件
范例:
[root@rocky8 ~]# find /home -nouser
[root@rocky8 ~]# useradd tom
[root@rocky8 ~]# ll /home
total 0
drwx------ 2 raymond raymond 62 Oct 11 13:53 raymond
drwx------ 2 tom tom 62 Oct 11 13:53 tom
[root@rocky8 ~]# userdel tom
[root@rocky8 ~]# ll /home
total 0
drwx------ 2 raymond raymond 62 Oct 11 13:53 raymond
drwx------ 2 1001 1001 62 Oct 11 13:53 tom
[root@rocky8 ~]# find /home -nouser
/home/tom
/home/tom/.bash_logout
/home/tom/.bash_profile
/home/tom/.bashrc
[root@rocky8 ~]# find /home -nogroup
/home/tom
/home/tom/.bash_logout
/home/tom/.bash_profile
/home/tom/.bashrc
[root@rocky8 ~]# useradd -u 1001 jack
[root@rocky8 ~]# find /home -nouser
[root@rocky8 ~]# ll /home
total 0
drwx------ 2 jack jack 62 Oct 11 13:55 jack
drwx------ 2 raymond raymond 62 Oct 11 13:53 raymond
drwx------ 2 jack jack 62 Oct 11 13:53 tom
#系统是根据ID来判断身份的
[root@rocky8 ~]# id jack
uid=1001(jack) gid=1001(jack) groups=1001(jack)
1.2.5 根据文件类型查找
-type TYPE
TYPE可以是以下形式:
f: 普通文件
d: 目录文件
l: 符号链接文件
s:套接字文件
b: 块设备文件
c: 字符设备文件
p: 管道文件
范例:
[root@rocky8 ~]# find / -type s
/run/vmware/guestServicePipe
/run/dbus/system_bus_socket
/run/.heim_org.h5l.kcm-socket
/run/user/0/bus
/run/user/0/systemd/private
/run/user/0/systemd/notify
/run/udev/control
/run/systemd/coredump
/run/systemd/private
/run/systemd/journal/dev-log
/run/systemd/journal/socket
/run/systemd/journal/stdout
/run/systemd/cgroups-agent
/run/systemd/notify
/run/systemd/inaccessible/sock
/var/lib/sss/pipes/private/sbus-monitor
/var/lib/sss/pipes/private/sbus-dp_implicit_files.778
/var/lib/sss/pipes/nss
[root@rocky8 ~]# find / -type s -ls
25848 0 srw-rw-rw- 1 root root 0 Oct 11 13:47 /run/vmware/guestServicePipe
24295 0 srw-rw-rw- 1 root root 0 Oct 11 13:47 /run/dbus/system_bus_socket
24291 0 srw-rw-rw- 1 root root 0 Oct 11 13:47 /run/.heim_org.h5l.kcm-socket
28702 0 srw-rw-rw- 1 root root 0 Oct 11 13:47 /run/user/0/bus
28695 0 srwxr-xr-x 1 root root 0 Oct 11 13:47 /run/user/0/systemd/private
28691 0 srwxr-xr-x 1 root root 0 Oct 11 13:47 /run/user/0/systemd/notify
22130 0 srw------- 1 root root 0 Oct 11 13:47 /run/udev/control
22127 0 srw------- 1 root root 0 Oct 11 13:47 /run/systemd/coredump
22116 0 srwxrwxrwx 1 root root 0 Oct 11 13:47 /run/systemd/private
13288 0 srw-rw-rw- 1 root root 0 Oct 11 13:47 /run/systemd/journal/dev-log
13170 0 srw-rw-rw- 1 root root 0 Oct 11 13:47 /run/systemd/journal/socket
13167 0 srw-rw-rw- 1 root root 0 Oct 11 13:47 /run/systemd/journal/stdout
13150 0 srwx------ 1 root root 0 Oct 11 13:47 /run/systemd/cgroups-agent
13148 0 srwxrwxrwx 1 root root 0 Oct 11 13:47 /run/systemd/notify
12887 0 s--------- 1 root root 0 Oct 11 13:47 /run/systemd/inaccessible/sock
67632837 0 srw------- 1 root root 0 Oct 11 13:47 /var/lib/sss/pipes/private/sbus-monitor
67632839 0 srw------- 1 root root 0 Oct 11 13:47 /var/lib/sss/pipes/private/sbus-dp_implicit_files.778
505672 0 srw-rw-rw- 1 root root 0 Oct 11 13:47 /var/lib/sss/pipes/nss
1.2.6 空文件或目录
-empty
范例:
[root@rocky8 ~]# find /data -type d -empty
/data
1.2.7 组合条件
与:-a ,默认多个条件是与关系
或:-o
非:-not !
范例:
[root@rocky8 ~]# find /home -type f -user raymond
/home/raymond/.bash_logout
/home/raymond/.bash_profile
/home/raymond/.bashrc
[root@rocky8 ~]# find /home -type f -a -user raymond
/home/raymond/.bash_logout
/home/raymond/.bash_profile
/home/raymond/.bashrc
[root@rocky8 ~]# find /home -type f -a -user raymond -ls
202128611 4 -rw-r--r-- 1 raymond raymond 18 Jun 17 07:42 /home/raymond/.bash_logout
202128612 4 -rw-r--r-- 1 raymond raymond 141 Jun 17 07:42 /home/raymond/.bash_profile
202128613 4 -rw-r--r-- 1 raymond raymond 376 Jun 17 07:42 /home/raymond/.bashrc
[root@rocky8 ~]# find /home -type f -o -user raymond
/home/raymond
/home/raymond/.bash_logout
/home/raymond/.bash_profile
/home/raymond/.bashrc
/home/tom/.bash_logout
/home/tom/.bash_profile
/home/tom/.bashrc
/home/jack/.bash_logout
/home/jack/.bash_profile
/home/jack/.bashrc
[root@rocky8 ~]# find /home -type f -o -user raymond -ls
202128610 0 drwx------ 2 raymond raymond 62 Oct 11 13:53 /home/raymond
[root@rocky8 ~]# find /home \( -type f -o -user raymond \) -ls
202128610 0 drwx------ 2 raymond raymond 62 Oct 11 13:53 /home/raymond
202128611 4 -rw-r--r-- 1 raymond raymond 18 Jun 17 07:42 /home/raymond/.bash_logout
202128612 4 -rw-r--r-- 1 raymond raymond 141 Jun 17 07:42 /home/raymond/.bash_profile
202128613 4 -rw-r--r-- 1 raymond raymond 376 Jun 17 07:42 /home/raymond/.bashrc
505677 4 -rw-r--r-- 1 jack jack 18 Jun 17 07:42 /home/tom/.bash_logout
505678 4 -rw-r--r-- 1 jack jack 141 Jun 17 07:42 /home/tom/.bash_profile
505679 4 -rw-r--r-- 1 jack jack 376 Jun 17 07:42 /home/tom/.bashrc
67632516 4 -rw-r--r-- 1 jack jack 18 Jun 17 07:42 /home/jack/.bash_logout
67632843 4 -rw-r--r-- 1 jack jack 141 Jun 17 07:42 /home/jack/.bash_profile
67632844 4 -rw-r--r-- 1 jack jack 376 Jun 17 07:42 /home/jack/.bashrc
#用()小括号 ,在find 里要用斜线
德·摩根定律:
- (非 A) 或 (非 B) = 非(A 且 B)
- (非 A) 且 (非 B) = 非(A 或 B)
示例:
!A -a !B = !(A -o B)
!A -o !B = !(A -a B)
(非A)或(非B) =非(A且B) 非A :1、4 非B:1、3 结果:1、3、4
非(A且B) 既是A、又是B:2,非(A且B):1、3、4
范例:
[root@rocky8 ~]# find /home ! -user raymond ! -user jack
/home
[root@rocky8 ~]# find /home ! \( -user raymond -o -user jack \)
/home
范例:
[root@rocky8 ~]# find -user jack -group jack
[root@rocky8 ~]# find -user jack -not -group jack
[root@rocky8 ~]# find -user jack -o -user raymond
[root@rocky8 ~]# find -not \( -user jack -o -user raymond \)
.
./.bash_logout
./.bash_profile
./.bashrc
./.cshrc
./.tcshrc
./anaconda-screenshots
./anaconda-screenshots/screenshot-0000.png
./anaconda-screenshots/screenshot-0001.png
./anaconda-screenshots/screenshot-0002.png
./anaconda-ks.cfg
./.vimrc
./.bash_history
[root@rocky8 ~]# find / -user jack -o -uid 500
find: ‘/proc/1467/task/1467/fd/7’: No such file or directory
find: ‘/proc/1467/task/1467/fdinfo/7’: No such file or directory
find: ‘/proc/1467/fd/6’: No such file or directory
find: ‘/proc/1467/fdinfo/6’: No such file or directory
/var/spool/mail/tom
/var/spool/mail/jack
/home/tom
/home/tom/.bash_logout
/home/tom/.bash_profile
/home/tom/.bashrc
/home/jack
/home/jack/.bash_logout
/home/jack/.bash_profile
/home/jack/.bashrc
[root@rocky8 ~]# find ! \( -type d -a -empty \)| wc -l
13
[root@rocky8 ~]# find ! -type d -o ! -empty |wc -l
13
[root@rocky8 ~]# find ! -user raymond ! -user jack
.
./.bash_logout
./.bash_profile
./.bashrc
./.cshrc
./.tcshrc
./anaconda-screenshots
./anaconda-screenshots/screenshot-0000.png
./anaconda-screenshots/screenshot-0001.png
./anaconda-screenshots/screenshot-0002.png
./anaconda-ks.cfg
./.vimrc
./.bash_history
[root@rocky8 ~]# find /home ! \( -user raymond -o -user jack \)
/home
[root@rocky8 ~]# find ! -user raymond -a ! -user jack
.
./.bash_logout
./.bash_profile
./.bashrc
./.cshrc
./.tcshrc
./anaconda-screenshots
./anaconda-screenshots/screenshot-0000.png
./anaconda-screenshots/screenshot-0001.png
./anaconda-screenshots/screenshot-0002.png
./anaconda-ks.cfg
./.vimrc
./.bash_history
#找出/tmp目录下,属主不是root,且文件名不以f开头的文件
[root@rocky8 ~]# find /tmp \( -not -user root -a -not -name 'f*' \) -ls
[root@rocky8 ~]# find /tmp -not \( -user root -o -name 'f*' \) –ls
find: paths must precede expression: –ls
Usage: find [-H] [-L] [-P] [-Olevel] [-D help|tree|search|stat|rates|opt|exec] [path...] [expression]
1.2.8 排除目录
范例:
#查找/etc/下,除/etc/security目录的其它所有.conf后缀的文件
[root@rocky8 ~]# find /etc -path '/etc/security' -a -prune -o -name "*.conf"
/etc/resolv.conf
/etc/dnf/protected.d/setup.conf
/etc/dnf/protected.d/dnf.conf
/etc/dnf/protected.d/systemd.conf
/etc/dnf/protected.d/yum.conf
/etc/dnf/protected.d/sudo.conf
/etc/dnf/dnf.conf
/etc/dnf/plugins/copr.conf
/etc/dnf/plugins/debuginfo-install.conf
/etc/pki/ca-trust/ca-legacy.conf
/etc/security
/etc/depmod.d/dist.conf
/etc/selinux/semanage.conf
/etc/selinux/targeted/setrans.conf
/etc/plymouth/plymouthd.conf
/etc/dracut.conf
/etc/sysctl.conf
/etc/host.conf
/etc/systemd/coredump.conf
/etc/systemd/journald.conf
/etc/systemd/logind.conf
/etc/systemd/resolved.conf
/etc/systemd/system.conf
/etc/systemd/user.conf
/etc/sysctl.d/99-sysctl.conf
/etc/tcsd.conf
/etc/X11/xorg.conf.d/00-keyboard.conf
/etc/sysconfig/nftables.conf
/etc/ld.so.conf
/etc/ld.so.conf.d/kernel-4.18.0-305.3.1.el8_4.x86_64.conf
/etc/nsswitch.conf
/etc/idmapd.conf
/etc/gcrypt/random.conf
/etc/NetworkManager/NetworkManager.conf
/etc/sestatus.conf
/etc/ssh/ssh_config.d/05-redhat.conf
/etc/logrotate.conf
/etc/libaudit.conf
/etc/xattr.conf
/etc/libreport/events.d/collect_dnf.conf
/etc/authselect/user-nsswitch.conf
/etc/fuse.conf
/etc/dbus-1/session.conf
/etc/dbus-1/system.conf
/etc/dbus-1/system.d/nm-dispatcher.conf
/etc/dbus-1/system.d/nm-ifcfg-rh.conf
/etc/dbus-1/system.d/org.freedesktop.NetworkManager.conf
/etc/dbus-1/system.d/org.freedesktop.PolicyKit1.conf
/etc/dbus-1/system.d/teamd.conf
/etc/dbus-1/system.d/com.redhat.tuned.conf
/etc/sasl2/smtpd.conf
/etc/prelink.conf.d/grub2.conf
/etc/rdma/modules/infiniband.conf
/etc/rdma/modules/iwarp.conf
/etc/rdma/modules/opa.conf
/etc/rdma/modules/rdma.conf
/etc/rdma/modules/roce.conf
/etc/rdma/mlx4.conf
/etc/udev/udev.conf
/etc/modprobe.d/mlx4.conf
/etc/modprobe.d/truescale.conf
/etc/modprobe.d/firewalld-sysctls.conf
/etc/modprobe.d/tuned.conf
/etc/openldap/ldap.conf
/etc/libuser.conf
/etc/krb5.conf
/etc/firewalld/firewalld.conf
/etc/tuned/tuned-main.conf
/etc/yum.conf
/etc/vmware-tools/vgauth.conf
/etc/kdump.conf
/etc/audit/auditd.conf
/etc/audit/plugins.d/af_unix.conf
/etc/rsyslog.conf
/etc/sudo-ldap.conf
/etc/sudo.conf
/etc/mke2fs.conf
/etc/man_db.conf
/etc/locale.conf
/etc/vconsole.conf
#查找/etc/下,除/etc/security和/etc/systemd两个目录的所有.conf后缀的文件
[root@rocky8 ~]# find /etc \( -path "/etc/security" -o -path "/etc/systemd" \) -a -prune -o -name "*.conf"
/etc/resolv.conf
/etc/dnf/protected.d/setup.conf
/etc/dnf/protected.d/dnf.conf
/etc/dnf/protected.d/systemd.conf
/etc/dnf/protected.d/yum.conf
/etc/dnf/protected.d/sudo.conf
/etc/dnf/dnf.conf
/etc/dnf/plugins/copr.conf
/etc/dnf/plugins/debuginfo-install.conf
/etc/pki/ca-trust/ca-legacy.conf
/etc/security
/etc/depmod.d/dist.conf
/etc/selinux/semanage.conf
/etc/selinux/targeted/setrans.conf
/etc/plymouth/plymouthd.conf
/etc/dracut.conf
/etc/sysctl.conf
/etc/host.conf
/etc/systemd
/etc/sysctl.d/99-sysctl.conf
/etc/tcsd.conf
/etc/X11/xorg.conf.d/00-keyboard.conf
/etc/sysconfig/nftables.conf
/etc/ld.so.conf
/etc/ld.so.conf.d/kernel-4.18.0-305.3.1.el8_4.x86_64.conf
/etc/nsswitch.conf
/etc/idmapd.conf
/etc/gcrypt/random.conf
/etc/NetworkManager/NetworkManager.conf
/etc/sestatus.conf
/etc/ssh/ssh_config.d/05-redhat.conf
/etc/logrotate.conf
/etc/libaudit.conf
/etc/xattr.conf
/etc/libreport/events.d/collect_dnf.conf
/etc/authselect/user-nsswitch.conf
/etc/fuse.conf
/etc/dbus-1/session.conf
/etc/dbus-1/system.conf
/etc/dbus-1/system.d/nm-dispatcher.conf
/etc/dbus-1/system.d/nm-ifcfg-rh.conf
/etc/dbus-1/system.d/org.freedesktop.NetworkManager.conf
/etc/dbus-1/system.d/org.freedesktop.PolicyKit1.conf
/etc/dbus-1/system.d/teamd.conf
/etc/dbus-1/system.d/com.redhat.tuned.conf
/etc/sasl2/smtpd.conf
/etc/prelink.conf.d/grub2.conf
/etc/rdma/modules/infiniband.conf
/etc/rdma/modules/iwarp.conf
/etc/rdma/modules/opa.conf
/etc/rdma/modules/rdma.conf
/etc/rdma/modules/roce.conf
/etc/rdma/mlx4.conf
/etc/udev/udev.conf
/etc/modprobe.d/mlx4.conf
/etc/modprobe.d/truescale.conf
/etc/modprobe.d/firewalld-sysctls.conf
/etc/modprobe.d/tuned.conf
/etc/openldap/ldap.conf
/etc/libuser.conf
/etc/krb5.conf
/etc/firewalld/firewalld.conf
/etc/tuned/tuned-main.conf
/etc/yum.conf
/etc/vmware-tools/vgauth.conf
/etc/kdump.conf
/etc/audit/auditd.conf
/etc/audit/plugins.d/af_unix.conf
/etc/rsyslog.conf
/etc/sudo-ldap.conf
/etc/sudo.conf
/etc/mke2fs.conf
/etc/man_db.conf
/etc/locale.conf
[root@rocky8 ~]# find /etc -name "*.conf"
/etc/resolv.conf
/etc/dnf/protected.d/setup.conf
/etc/dnf/protected.d/dnf.conf
/etc/dnf/protected.d/systemd.conf
/etc/dnf/protected.d/yum.conf
/etc/dnf/protected.d/sudo.conf
/etc/dnf/dnf.conf
/etc/dnf/plugins/copr.conf
/etc/dnf/plugins/debuginfo-install.conf
/etc/pki/ca-trust/ca-legacy.conf
/etc/security/pwquality.conf
/etc/security/access.conf
/etc/security/chroot.conf
/etc/security/faillock.conf
/etc/security/group.conf
/etc/security/limits.conf
/etc/security/namespace.conf
/etc/security/pam_env.conf
/etc/security/sepermit.conf
/etc/security/time.conf
/etc/depmod.d/dist.conf
/etc/selinux/semanage.conf
/etc/selinux/targeted/setrans.conf
/etc/plymouth/plymouthd.conf
/etc/dracut.conf
/etc/sysctl.conf
/etc/host.conf
/etc/systemd/coredump.conf
/etc/systemd/journald.conf
/etc/systemd/logind.conf
/etc/systemd/resolved.conf
/etc/systemd/system.conf
/etc/systemd/user.conf
/etc/sysctl.d/99-sysctl.conf
/etc/tcsd.conf
/etc/X11/xorg.conf.d/00-keyboard.conf
/etc/sysconfig/nftables.conf
/etc/ld.so.conf
/etc/ld.so.conf.d/kernel-4.18.0-305.3.1.el8_4.x86_64.conf
/etc/nsswitch.conf
/etc/idmapd.conf
/etc/gcrypt/random.conf
/etc/NetworkManager/NetworkManager.conf
/etc/sestatus.conf
/etc/ssh/ssh_config.d/05-redhat.conf
/etc/logrotate.conf
/etc/libaudit.conf
/etc/xattr.conf
/etc/libreport/events.d/collect_dnf.conf
/etc/authselect/user-nsswitch.conf
/etc/fuse.conf
/etc/dbus-1/session.conf
/etc/dbus-1/system.conf
/etc/dbus-1/system.d/nm-dispatcher.conf
/etc/dbus-1/system.d/nm-ifcfg-rh.conf
/etc/dbus-1/system.d/org.freedesktop.NetworkManager.conf
/etc/dbus-1/system.d/org.freedesktop.PolicyKit1.conf
/etc/dbus-1/system.d/teamd.conf
/etc/dbus-1/system.d/com.redhat.tuned.conf
/etc/sasl2/smtpd.conf
/etc/prelink.conf.d/grub2.conf
/etc/rdma/modules/infiniband.conf
/etc/rdma/modules/iwarp.conf
/etc/rdma/modules/opa.conf
/etc/rdma/modules/rdma.conf
/etc/rdma/modules/roce.conf
/etc/rdma/mlx4.conf
/etc/udev/udev.conf
/etc/modprobe.d/mlx4.conf
/etc/modprobe.d/truescale.conf
/etc/modprobe.d/firewalld-sysctls.conf
/etc/modprobe.d/tuned.conf
/etc/openldap/ldap.conf
/etc/libuser.conf
/etc/krb5.conf
/etc/firewalld/firewalld.conf
/etc/tuned/tuned-main.conf
/etc/yum.conf
/etc/vmware-tools/vgauth.conf
/etc/kdump.conf
/etc/audit/auditd.conf
/etc/audit/plugins.d/af_unix.conf
/etc/rsyslog.conf
/etc/sudo-ldap.conf
/etc/sudo.conf
/etc/mke2fs.conf
/etc/man_db.conf
/etc/locale.conf
/etc/vconsole.conf
#排除/proc和/sys目录
[root@rocky8 ~]# find / \( -path "/sys" -o -path "/proc" \) -a -prune -o -type f -a -mmin -1
/proc
/sys
1.2.9 根据文件大小来查找
-size [+|-]#UNIT
常用单位:k, M, G,c(byte),注意大小写敏感
#UNIT: (#-1, #]
如:6k 表示(5k,6k]
-#UNIT:[0,#-1]
如:-6k 表示[0,5k]
+#UNIT:(#,∞)
如:+6k 表示(6k,∞)
范例:
[root@rocky8 ~]# find / -size 10G #是9-10G
[root@rocky8 ~]# find / -size -10G #是0-9G
[root@rocky8 ~]# find / -size +10G #是10G以上
1.2.10 根据时间戳
#以“天”为单位
-atime [+|-]#
-mtime
-ctime
#: [#,#+1)
-#: [0,#)
+#: [#+1,∞]
-mtime 10
-mtime -10
-mtime +10
#以“分钟”为单位
-amin
-mmin
-cmin
范例:
[root@rocky8 ~]# find / -mtime 10 #是10-11天
[root@rocky8 ~]# find / -mtime -10 #是0-10天
[root@rocky8 ~]# find / -mtime +10 #是11天以上
1.2.11 根据权限查找
-perm [/|-]MODE
MODE: 精确权限匹配
/MODE:任何一类(u,g,o)对象的权限中只要能一位匹配即可,或关系,+ 从CentOS 7开始淘汰
-MODE:每一类对象都必须同时拥有指定权限,与关系
0 表示不关注
说明:
find -perm 755 会匹配权限模式恰好是755的文件
只要当任意人有写权限时,find -perm /222就会匹配
只有当每个人都有写权限时,find -perm -222才会匹配
只有当其它人(other)有写权限时,find -perm -002才会匹配
范例:
find -perm /222 这里的/ 斜线代表 或的关系, u、g、o 三个只要一个人有w权限就可以
find -perm -222 - 代表并且,就是都有的意思,表示u、g、o ,三个都要有w 权限
[root@rocky8 ~]# find /etc -perm -222
[root@rocky8 ~]# find /etc -perm -222 -ls
[root@rocky8 ~]# find /etc -perm -022 -ls
#0表示不关心
[root@rocky8 ~]# find /etc -perm -002
[root@rocky8 ~]# find /etc -perm /002
#上面两个命令执行结果是一样的
1.2.12 处理动作
-print:默认的处理动作,显示至屏幕
-ls:类似于对查找到的文件执行"ls -dils"命令格式输出
-fls file:查找到的所有文件的长格式信息保存至指定文件中,相当于 -ls > file
-delete:删除查找到的文件,慎用!
-ok COMMAND {} \; 对查找到的每个文件执行由COMMAND指定的命令,对于每个文件执行命令之前,都会交互式要求用户确认
-exec COMMAND {} \; 对查找到的每个文件执行由COMMAND指定的命令
{}: 用于引用查找到的文件名称自身
范例:
[root@rocky8 ~]# touch {a..c}.txt
[root@rocky8 ~]# ls *.txt
a.txt b.txt c.txt
[root@rocky8 ~]# find -name "*.txt" -delete
[root@rocky8 ~]# ls *.txt
ls: cannot access '*.txt': No such file or directory
#-delete 找到文件直接删除
[root@rocky8 ~]# touch {a..z}.txt
[root@rocky8 ~]# ls *.txt
a.txt c.txt e.txt g.txt i.txt k.txt m.txt o.txt q.txt s.txt u.txt w.txt y.txt
b.txt d.txt f.txt h.txt j.txt l.txt n.txt p.txt r.txt t.txt v.txt x.txt z.txt
[root@rocky8 ~]# find -name "*.txt" -ok mv {} /opt \;
< mv ... ./a.txt > ? y
< mv ... ./b.txt > ? y
< mv ... ./c.txt > ?
< mv ... ./d.txt > ?
< mv ... ./e.txt > ? ^C
#-ok 会询问
[root@rocky8 ~]# ls /opt
a.txt b.txt
[root@rocky8 ~]# find -name "*.txt" -exec mv {} /opt \;
[root@rocky8 ~]# ls /opt
a.txt c.txt e.txt g.txt i.txt k.txt m.txt o.txt q.txt s.txt u.txt w.txt y.txt
b.txt d.txt f.txt h.txt j.txt l.txt n.txt p.txt r.txt t.txt v.txt x.txt z.tx
#-exec 直接处理
[root@rocky8 ~]# find /opt -name "*.txt" -exec rm {} \;
[root@rocky8 ~]# ls /opt
#加rm 会直接删除,很危险,小心使用
范例:
#备份配置文件,添加.orig这个扩展名
[root@rocky8 ~]# find -name ".conf" -exec cp {} {}.orig \;
#提示删除存在时间超过3天以上的jack的临时文件
[root@rocky8 ~]# find /tmp -ctime +3 -user jack -ok rm {} \;
#在主目录中寻找可被其它用户写入的文件
[root@rocky8 ~]# find ~ -perm -002 -exec chmod o-w {} \;
#查找/data下的权限为644,后缀为sh的普通文件,增加执行权限
[root@rocky8 ~]# find /data –type f -perm 644 -name "*.sh" –exec chmod 755 {} \;
1.3 参数替换 xargs
由于很多命令不支持管道|来传递参数,xargs用于产生某个命令的参数,xargs 可以读入 stdin 的数据,并且以空格符或回车符将 stdin 的数据分隔成为参数,另外,许多命令不能接受过多参数,命令执行可能会失败,xargs 可以解决
注意:文件名或者是其他意义的名词内含有空格符的情况
find 经常和 xargs 命令进行组合,形式如下:
find | xargs COMMAND
范例::
[root@rocky8 ~]# echo {a..z}
a b c d e f g h i j k l m n o p q r s t u v w x y z
[root@rocky8 ~]# echo {a..z} |xargs echo
a b c d e f g h i j k l m n o p q r s t u v w x y z
[root@rocky8 ~]# cd /opt;echo {a..z}.txt |xargs touch
[root@rocky8 opt]# ls
a.txt c.txt e.txt g.txt i.txt k.txt m.txt o.txt q.txt s.txt u.txt w.txt y.txt
b.txt d.txt f.txt h.txt j.txt l.txt n.txt p.txt r.txt t.txt v.txt x.txt z.txt
#xargs 把前一个命令的结果 接收,传给后一个命令当输入
[root@rocky8 opt]# rm -f *
[root@rocky8 opt]# ls
[root@rocky8 opt]# echo {a..z} |xargs -n1 echo
a
b
c
d
e
f
g
h
i
j
k
l
m
n
o
p
q
r
s
t
u
v
w
x
y
z
#-n1 一个传一个参数
[root@rocky8 opt]# echo {a..z} |xargs -n2 echo
a b
c d
e f
g h
i j
k l
m n
o p
q r
s t
u v
w x
y z
[root@rocky8 opt]# echo {a..z} |xargs -n3 echo
a b c
d e f
g h i
j k l
m n o
p q r
s t u
v w x
y z
[root@rocky8 opt]# echo user{1..100} | xargs -n1 useradd
#批量创建100个账户
[root@rocky8 opt]# echo user{1..100} | xargs -n 1 userdel -r
#批量删除100个账户
范例:
[root@rocky8 opt]# xargs
1
2
3
1 2 3
[root@rocky8 opt]# xargs echo
1
2
3
1 2 3
#显示10个数字
[root@rocky8 opt]# seq 10 | xargs
1 2 3 4 5 6 7 8 9 10
#删除当前目录下的大量文件
[root@rocky8 opt]# ls | xargs rm
#对文件排序显示
[root@rocky8 opt]# find -name "*.sh" | xargs ls -Sl
#这个命令是错误的
[root@rocky8 opt]# find /sbin/ -perm /700 | ls -l
#查找有特殊权限的文件,并排序
[root@rocky8 opt]# find /bin/ -perm /7000 | xargs ls -Sl
---s--x--x. 1 root root 165632 May 19 11:01 /bin/sudo
-rwsr-xr-x. 1 root root 84368 May 19 11:02 /bin/gpasswd
-rwsr-xr-x. 1 root root 79616 May 19 11:02 /bin/chage
-rwsr-xr-x. 1 root root 63368 Mar 15 2021 /bin/crontab
-rwsr-xr-x. 1 root root 58768 Apr 12 08:29 /bin/at
-rwsr-xr-x. 1 root root 50584 May 19 11:01 /bin/mount
-rwsr-xr-x. 1 root root 50464 May 19 11:01 /bin/su
-rwsr-xr-x. 1 root root 43560 May 19 11:02 /bin/newgrp
-rwsr-xr-x. 1 root root 37720 Apr 12 09:30 /bin/fusermount
-rws--x--x. 1 root root 33944 May 19 11:01 /bin/chfn
-rwsr-xr-x. 1 root root 33776 May 19 11:01 /bin/umount
-rwsr-xr-x. 1 root root 33544 Mar 15 2021 /bin/passwd
-rwsr-xr-x. 1 root root 28976 Jun 11 08:16 /bin/pkexec
-rws--x--x. 1 root root 25552 May 19 11:01 /bin/chsh
-rwxr-sr-x. 1 root tty 21368 May 19 11:01 /bin/write
#此命令和上面有何区别?
[root@rocky8 opt]# find /bin/ -perm -7000 | xargs ls -Sl
#以字符nul分隔
[root@rocky8 ~]# touch "a b.txt"
[root@rocky8 ~]# ls *.txt
'a b.txt'
[root@rocky8 ~]# find -name "*.txt" |xargs rm
rm: cannot remove './a': No such file or directory
rm: cannot remove 'b.txt': No such file or directory
[root@rocky8 ~]# find -name "*.txt" -print0 |xargs -0 rm
[root@rocky8 ~]# ls *.txt
ls: cannot access '*.txt': No such file or directory
#并发执行多个进程
[root@rocky8 opt]# seq 100 | xargs -i -P10 wget -P /data http://172.31.1.8/{}.html
1.4 练习
1、查找/var目录下属主为root,且属组为mail的所有文件
2、查找/var目录下不属于root、lp、gdm的所有文件
3、查找/var目录下最近一周内其内容修改过,同时属主不为root,也不是postfix的文件
4、查找当前系统上没有属主或属组,且最近一个周内曾被访问过的文件
5、查找/etc目录下大于1M且类型为普通文件的所有文件
6、查找/etc目录下所有用户都没有写权限的文件
7、查找/etc目录下至少有一类用户没有执行权限的文件
8、查找/etc/init.d目录下,所有用户都有执行权限,且其它用户有写权限的文件
标签:23,etc,查找,usr,conf,Linux,txt,root,rocky8 来源: https://blog.csdn.net/qq_25599925/article/details/120810020
本站声明: 1. iCode9 技术分享网(下文简称本站)提供的所有内容,仅供技术学习、探讨和分享; 2. 关于本站的所有留言、评论、转载及引用,纯属内容发起人的个人观点,与本站观点和立场无关; 3. 关于本站的所有言论和文字,纯属内容发起人的个人观点,与本站观点和立场无关; 4. 本站文章均是网友提供,不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属;如您发现该文章侵犯了您的权益,可联系我们第一时间进行删除; 5. 本站为非盈利性的个人网站,所有内容不会用来进行牟利,也不会利用任何形式的广告来间接获益,纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。