Find out the files that file length greater than 100M bytes
# find ./* -size +100M
./proc/kcore
[omit]
Some experience
# find . -type f ! -name 'Root' ! -name 'Repository' ! -name 'Entries' -print
// 將目錄下的所有Root 檔案換成新的檔案 (Root.user), 並且將過程log 下來丟到a.log 檔案
# find ./* -name Root -fls a.log -exec cp -f Root.user {} \;
// find 預設所有的condition 都是and, 除非你指定用or 來做logic adjudgement
# find . -type f | egrep 'data|temp' > exclude
// Find all the files and folders below the specified directory and print the specified data of column
# find ./* -name CVS -exec "rm -rf {}" \; 2>&1 | gawk -F"[ ]" '{print $2" "$3" "$4}'
# find ./* -name Makefile -exec grep -R -H "export" {} \;
# find the files below the current working directory that is modified not greater than 1 min.
find ./* -mtime -1 -exec ls -la {} \;
# find the desired file only in the current directory (no any underly directory is needed, sub-directory is 0)
find ./* -maxdepth 0 -size +100M -exec ls -l -h {} \;
EX. 1
Example:
Find all files with the txt extension in your home directory:
find ~ -name"*.txt" -print
Find all files with at least one upper casecharacter in your current directory:
find . -name "[A-Z]*"-print
Find all files that begin with two lower case characters, followed by.txt:
find . -name "[a-z][a-z][0--9][0--9].txt" -print
EX. 2
Description:
Lets say your system had 200GB of empty hard drive space yesterday, and suddenly you have none. Someone has uploaded created a very large file, and we need to find it!
Example:
find / -mtime -1 -size +150000000 -print
This finds all files created in the last day that are larger than 150GB.
EX. 3
Description:
suid allows programs to run as other users (usually root). Knowing what files have suid is very important to locking down your system. The file /root/suid.txt is created with the the findings.
Example:
ls -alF `find / -perm -4000` > /root/suid.txt
EX. 4
Description:
Simplify the output of find by sending the \"permission denied\" messages to /dev/null.
Example:
find / -name libib* 2>/dev/null
find can use "operators" include following sign
OPERATORS
Listed in order of decreasing precedence:
( expr )
Force precedence.
! expr True if expr is false.
-not expr
Same as ! expr, but not POSIX compliant.
expr1 expr2
Two expressions in a row are taken to be joined with an implied "and"; expr2 is not
evaluated if expr1 is false.
expr1 -a expr2
Same as expr1 expr2.
expr1 -and expr2
Same as expr1 expr2, but not POSIX compliant.
expr1 -o expr2
Or; expr2 is not evaluated if expr1 is true.
expr1 -or expr2
Same as expr1 -o expr2, but not POSIX compliant.
expr1 , expr2
List; both expr1 and expr2 are always evaluated. The value of expr1 is discarded; the
value of the list is the value of expr2. The comma operator can be useful for
searching for several different types of thing, but traversing the filesystem hierarchy
only once. The -fprintf action can be used to list the various matched items into sev-
eral different output files.
e.g.
// List all the files postfix '*.[ao]' or '*.so'
# find . -name '*.[ao]' -o -name '*.so'
// if you use "operators" in the find command. And you want to process ("-exec") the output of find command, you must add "-print " to redirect the output data to the -exec as "{}" present the output data. Like the following examples
# find ./subFolder -name *.h -print -o -name *.sh -print -o -name *.c -print -exec dos2unix {} \;
很棒的find 說明文件
http://www.linux-mag.com/2002-09/power_01.html
沒有留言:
張貼留言