Using the find Command in Linux and UNIX

The find command allows users to do a comprehensive search spanning the directory tree. find also allows the setting of more specific options to filter the search results and when you’ve found what you’re looking for find even has the option to do some work on those files.

Finding Files by Age

What if a user wants to determine if there are any really old files on their server? There are dozens of options for the find command but the first thing find requires is the path in which to look.

In this example we will change our working directory to the / (root) directory and run the find command on the working directory by giving . as the path argument. The following command sequence looks for any files that are more than 20 years, 7300 days, old.

Finding files older than 20 years

# cd /
# find ./ -mtime +7300
# cd /tmp
# ls -ld orbit-root
drwx------ 2 root root 8192 Dec 31 1969 orbit-root

By default find prints the name and path to any files which match the criteria listed. In this case it has found a file in ./tmp/orbit-root which has not been modified in more than 7300 days.

You’ve probably noticed that the date on this file is a bit suspect. While the details are unimportant it is worth understanding that anything on a Linux system with a date of December 31, 1969 or January 1, 1970 has probably lost its date and time attributes somehow. It may have also been created at some time when the system’s clock was horribly wrong.

If we wanted to search the root directory without changing our working directory we could have specified the directory in the find command like this:

# find / -mtime +7300

The command found the same file in this case but has now described it starting with / instead of ./ because that is what was used in the find command.

The following command sequence will look for some newer files. The process starts in the user’s home directory and looks for files less than three days old.

Finding Any Files Modified in the Past 3 Days

$ cd ~
$ find . -mtime -3.

Now we start to really see the power of the find command. It has identified files not only in the working directory but in a subdirectory as well! Let’s verify the findings with some ls commands:

$ ls –alt
total 56
drwxrwxr-x 2 tclark authors 4096 Feb 3 17:45 examples
-rw------- 1 tclark tclark 8793 Feb 3 14:04 .bash_history
drwx------ 4 tclark tclark 4096 Feb 3 11:17 .
-rw------- 1 tclark tclark 1066 Feb 3 11:17 .viminfo
-rw-rw-r-- 1 tclark tclark 0 Feb 3 09:00 example1.fil
-rw-r--r-- 1 tclark authors 0 Jan 27 00:22 umask_example.fil
drwxr-xr-x 8 root root 4096 Jan 25 22:16 ..
-rw-rw-r-- 1 tclark tclark 0 Jan 13 21:13
-rw-r--r-- 1 tclark tclark 120 Aug 24 06:44 .gtkrc
-rw-r--r-- 1 tclark tclark 24 Aug 18 11:23 .bash_logout
-rw-r--r-- 1 tclark tclark 191 Aug 18 11:23 .bash_profile
-rw-r--r-- 1 tclark tclark 124 Aug 18 11:23 .bashrc
-rw-r--r-- 1 tclark tclark 237 May 22 2003 .emacs
-rw-r--r-- 1 tclark tclark 220 Nov 27 2002 .zshrc
drwxr-xr-x 3 tclark tclark 4096 Aug 12 2002 .kde
$ cd examples
$ ls -alt
total 20
drwxrwxr-x 2 tclark authors 4096 Feb 3 17:45 .
-rw-rw-r-- 1 tclark tclark 0 Feb 3 17:45 other.txt
-rw-rw-r-- 1 tclark authors 360 Feb 3 17:44 preamble.txt
drwx------ 4 tclark tclark 4096 Feb 3 11:17 ..
-rw-r--r-- 1 tclark authors 2229 Jan 13 21:35 declaration.txt
-rw-rw-r-- 1 tclark presidents 1310 Jan 13 17:48 gettysburg.txt

So we see that find has turned up what we were looking for. Now we will refine our search even further.

Finding .txt Files Modified in the Past 3 Days

Sometimes we are only concerned specific files in the directory. For example, say you wrote a text file sometime in the past couple days and now you can’t remember what you called it or where you put it. Here’s one way you could find that text file without having to go through your entire system:

$ find . -name '*.txt' -mtime -3

Now you’ve got even fewer files than in the last search and you could easily identify the one you’re looking for.

Find files by size

If a user is running short of disk space, they may want to find some large files and compress them to recover space. The following will search from the current directory and find all files larger than 10,000KB. The output has been abbreviated.

Finding Files Larger than 10,000k

# find . -size +10000k

Similarly a – could be used in this example to find all files smaller than 10,000KB. Of course there would be quite a few of those on a Linux system.

The find command is quite flexible and accepts numerous options. We have only covered a couple of the options here but if you want to check out more of them take a look at find’s man page.

Most of find’s options can be combined to find files which meet several criteria. To do this we can just continue to list criteria like we did when finding .txt files which had been modified in the past three days.

Easy Linux CommandsFor more tips like this check out my book Easy Linux Commands, only $19.95 from Rampant TechPress.

Buy it now!

Easy Linux Commands: Book Review 3

Robert Vollman has now posted a review of my book Easy Linux Commands on Amazon.

He makes many good points but one I keep hearing from just about everyone is that almost all of the content of Easy Linux Commands can be applied on other UNIX and UNIX-like systems.

Here is Robert’s full review:

My shelf is full of technical books on a variety of topics, including Linux. But there have been times when someone new to the IT world will ask me for a book to get them started in a particular area. Alas, most of my books are thousand-page, exhaustively-detailed volumes that would be so inaccessible that the only use a beginner could get out of it would be to kill a few spiders.

But now, thanks to Jon Emmons and Terry Clark, I finally have a book I can give a young student, or a previously “Windows-only” PC user. “Easy Linux Commands” is just what it claims to be: an easy introduction to the command-line world.

Being easy to read and accessible is this book’s chief selling point. The book is not only under 200 pages, with lots of pictures, big text and barely 30 lines per page, but it’s also structured in the exact same familiar fashion as countless other books. Furthermore, I don’t find the author’s style overly technical. His writing style is very informal and almost conversational. Judge for yourself by visiting his blog “Life After Coffee,” where he occasionally includes excerpts from the book. In fact, if something is not clear, Jon Emmons is very accessible and answers questions quickly and happily.

Also notice that I said this books introduces you to the command-line world, not Linux. I said that for two reasons:
1. Almost everything in this books applies equally well to Unix. Very little in this book is actually Linux-specific.
2. Even though Linux has graphical user interfaces, like Gnome and KDE, this book covers command-line Linux only.

One word of caution. Don’t be thrown by the “Become a Linux Command Guru” picture stamped on the front cover. You won’t be a guru. This covers the basics, and only a little more. But this book will get you past square one and allow you to use some of those big books for becoming a guru (instead of an exterminator).

Easy Linux CommandsCheck out my book Easy Linux Commands, only $19.95 from Rampant TechPress.

Buy it now!

linux, book

Setting Default Permissions Using a File Mask

By default, Linux and UNIX permissions for new directories are typically set to 755 allowing read, write, and execute permissions to user and only read and execute to group and other users. Conversely, file permissions default to 644 allowing read and write access to user but only read to group and others. These defaults are controlled by the user file-creation mask or umask.

A user or administrator may want to change the Linux default permissions by using the umask command in a login script. The umask command can be used without specifying any arguments to determine what the current default permissions are. The value displayed by umask must be subtracted from the defaults of 777 for directories and 666 for files to determine the current defaults. A typical umask which will generate the permissions listed in the previous paragraph would be 0022. The first digit pertains to the sticky bit which will be explained further later.

The –S option can be used to see the current default permissions displayed in the alpha symbolic format. Default permissions can be changed by specifying the mode argument to umask within the user’s shell profile (.bash_profile for the bash) script.

The following are some examples.

Using umask to Set Default Permissions

$ umask

$ umask -S

$ umask 033

$ umask

$ umask -S

The default umask will cause users to create files which any user can read. In many instances where you have a multi-user system this is not desirable and a more appropriate umask may be 077. That umask will enforce the default permissions to be read, write and execute for the owner and no permissions for the group and other users.

Easy Linux CommandsFor more tips like this check out my book Easy Linux Commands, only $19.95 from Rampant TechPress.

Buy it now!

unix, linux, umask, shell, bash, sysadmin, system administration

Easy Linux Commands – Another Review on Amazon

My book Easy Linux Commands: Working Examples of Linux Command Syntax has received another 5-star review on Amazon. Here’s what reviewer Ben Prusinski has to say:

After wading through a maze of complex Linux tomes that are geared toward experienced Unix administrators, I finally found an excellent tips and tricks guide that can walk a novice through the maze of Unix commands. This book is easy to follow and makes using Linux operating system a breeze rather than a painful austerity. Highly recommended!

I’m glad people are finding the book useful! Thanks for the feedback Ben.

Easy Linux CommandsCheck out Easy Linux Commands for yourself, only $19.95 from Rampant TechPress.

Buy it now!

linux, unix, linux commands, command line, redhat, ubuntu, book, technology, information technology, system administration, sysadmin

Linux and UNIX Permissions on Directories

The read, write and execute permissions apply slightly differently to directories than they do to files. The read permission on a directory controls the ability to list the contents of that directory. In this example we’ll create a directory and place a blank file in it. We’ll then modify the permissions on the directory so the owner cannot see the contents.

$ mkdir secret_dir
$ touch secret_dir/my_secret.txt
$ ls secret_dir/
$ chmod u-r secret_dir/
$ ls secret_dir/
ls: secret_dir/: Permission denied
$ cd secret_dir/
$ ls
ls: .: Permission denied
$ cd ../

We see that we get a Permission denied error when trying to view the contents of the directory when the read permission has been revoked. Despite not being able to see what is in the directory we can still change our working directory to that directory.

The write permission on a directory behaves somewhat as expected. If a user has write on a directory they can create or remove files from that directory even if they are not the owner of the files. This is important to note as giving a user, group or other users write on a directory with other user’s files in it will allow them to delete other users files.

Now we’ll give read permissions back to the owner and revoke the execute permission:

$ chmod u+r secret_dir/
$ chmod u-x secret_dir/
$ ls secret_dir/
$ cd secret_dir/
-bash: cd: secret_dir/: Permission denied

We can now view the contents of the directory again but look at what happened when we tried to cd into it! Not having the execute permission on a directory will prevent you from changing into that directory even though you can view the contents. It is understandable how this can cause some confusion.

Easy Linux CommandsFor more tips like this check out my book Easy Linux Commands, only $19.95 from Rampant TechPress.

Buy it now!

unix, linux, system administration, sysadmin, security, file security, permissions, owner, group