Linux grep and find guidelines


Initially, Unix / Linux operating systems did not have a graphical interface, as they were focused on server use. Today, in this regard, they are not much inferior to Windows, which is why users of this OS rarely know the syntax and purpose of the main Linux commands. Meanwhile, the command line is a very powerful tool that allows you to quickly perform operations that are difficult or impossible to perform using the basic OS tools. Today you will be introduced to the find and grep commands, which are basic tools for working with the filesystem in all Linux distributions.


Find and grep statements

The find command in Linux is a command-line utility for working with files by traversing the directory hierarchy. It allows you to search for files using a variety of filters, as well as perform actions on the files that are found. The search criteria cover almost all available file attributes, from creation date to permissions.


The grep command in Linux also performs a search, but inside files. The literal translation of the command is “global printing of regular expressions”, where printing means sending the results to the default output device, which is usually the monitor. The command is powerful, is used quite often, and allows you to search within one or several files for specified fragments (patterns). Since the terminology in Linux differs significantly from that in the Windows environment, many users have significant difficulties using these commands. We will try to eliminate this drawback.

Grep and find syntax

Let’s start with the find command. The syntax for a file search command looks like this:

find [where to search] [parameters] [-options] [actions]

Some useful parameters:

  • -depth: search in the current folder and subdirectories;
  • -version: display the version of the command;
  • -print: show full filenames (on Linux they can be arbitrarily large);
  • -type f: search exclusively for files;
  • -type d: search only directories (folders).


The list of available options (indicated by a hyphen):

  • name: file search by name;
  • user: search by the name of the owner of the file;
  • perm: by attribute “access mode”;
  • mtime: by the time the file was last modified (edited);
  • group: by group;
  • atime: by the date of the last opening of the file;
  • newer: search for a file with a date newer than the specified in the directive template;
  • size: by the size of the file in bytes;
  • nouser: search for files that do not have the entered owner attribute.

Grep syntax:

grep [options] pattern [where to search]

Options should be understood as additional specifying parameters, for example, using inverse mode or searching for a specified number of lines.


The pattern specifies what to look for using the directly specified string or regular expression.

The ability to use regular expressions significantly expands the search capabilities. Searching the standard output of another command can be useful if you want to filter out errors written to the logs, or to find the PID of a process in the results of the ps command, which can run to many pages.

Let’s take a look at the most common grep options:

  • -b: print the block number before issuing the resulting string;
  • -c: it is necessary to count the number of occurrences of the desired fragment;
  • -i: case insensitive search;
  • -n: output to standard output the line number in which the desired fragment or pattern was found;
  • -l: the output should contain only the names of the files with the found search fragment;
  • -s: ignore error output;
  • -w: search for a fragment surrounded by spaces on both sides;
  • -v: inverted search, that is, display all lines that do not contain the given fragment;
  • -e: the parameter specifies that a regular expression with its own syntax follows;
  • -An: output the desired fragment and the previous n lines;
  • -Bn: the same, but with the lines following the pattern.

Now it makes sense to move from theory to practice.

Examples of using the utilities

If you know what combinatorics is, you can imagine the true number of possible combinations of search commands. We will limit ourselves to the examples most likely to be useful in your work.

Search for text in files

Suppose we have administrator rights and are tasked with finding a specific user in a huge password file. We need a fairly simple command that gives the path to the file:

grep NameUser /etc/passwd


If the search result is positive, we get a result string similar to the following:

NameUser:x:1021:1021: NameUser,,,:/home/User:/bin/bash

If you need to search for a piece of text case-insensitively, the command will look like this:

grep -i "nameuser" /etc/passwd

In this case, both the user NameUser and his “namesake” nameuser will be found, as well as all other possible combinations of upper and lower case.

Multiple line output

Let’s say we need to collect all errors from the Xorg log. The task is complicated by the fact that the line after the error may contain valuable information. It is solved by forcing the command to display multiple lines, using the string “PP” as a pattern:

grep -A5 "PP" /var/log/xorg.0.log

We get the line containing the pattern and the 5 lines after it.

grep -C3 "PP" /var/log/xorg.0.log

This outputs the line containing the fragment together with the three lines before and after it.

Using regular expressions in grep

Regular expressions are one of the most powerful Linux tools, significantly expanding the possibilities for building a search pattern. They have their own syntax, which is quite complex. We will not delve into it, limiting ourselves to an example of their use. As you already know, the -e option is used to indicate that a regular expression follows.

Suppose we need to catch all the lines for September in the messages.2 file; the “^” symbol anchors the pattern to the start of the line:

grep "^Sep 09" messages.2

The result will be something like this:

Sep 09 01:11:45 gs124 ntpd[2243]: time reset +0.197579 s

Sep 09 01:19:10 gs124 ntpd[2243]: time reset +0.203484 s

To search for a pattern located at the end of a line, use the “$” symbol:

grep "term.$" messages

Result:

Jun 17 19:01:19 cloneme kernel: Log daemon term.

Sep 11 06:30:54 cloneme kernel: Log daemon term.

And here is an example of using a regular expression to search for lines containing any digit other than zero:

grep "[1-9]" /var/log/Xorg.1.log

Using recursive search in grep

If you are familiar with the term “recursion”, then in Linux this technique is used, in particular, to search for a fragment in several files located in a directory and its subdirectories. Recursion is requested with the -r option. Let’s say we need to look for the “namedomain.org” fragment in the files located in the subdirectories of the /etc/apache1 folder:

grep -r "namedomain.org" /etc/apache1/

The result might be something like this:

/etc/apache1/vhosts.d/ namedomain.org

If showing the filename is not required, use the -h option:

grep -h -r "namedomain.org" /etc/apache1/

Search for words

By default, the search for a qwe fragment will end with the output of all words in which this fragment occurs: kbqwe, qwe123, aafrqwe32. To restrict the search to only a given fragment, you need to use the -w parameter:

grep -w "qwe" where_to_search

Search for two or more words

Let’s complicate the task: we need to find all the lines where two words occur. The command will be like this:

grep -w -E "word01|word02" where_to_search

Number of occurrences of a string

If you want to count how many times the required fragment occurs in the file, use the construction with the -c parameter:

grep -c "text" where_to_search
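The word, alternation and counting options above have a few pitfalls that are easiest to see side by side. The following is an added example, not part of the original article; the log lines are constructed sample data and the function names are hypothetical.

```shell
#!/bin/sh
# Added example; the log lines below are constructed sample data.
make_sample_log() {
    f=$(mktemp) || return 1
    cat > "$f" <<'EOF'
Sep 09 01:11:45 gs124 sshd[811]: error: auth error for user qwe
Sep 09 01:12:02 gs124 sshd[811]: session opened for user qwe123
Sep 09 01:13:10 gs124 cron[92]: warning: job skipped
Sep 09 01:14:33 gs124 app[40]: literal error|warning marker
EOF
    printf '%s\n' "$f"
}

# Basic regex: "|" is an ordinary character, so only the literal text matches.
count_basic() { grep -c "error|warning" "$1"; }

# Extended regex (-E): "|" means "either word".
count_extended() { grep -c -E "error|warning" "$1"; }

# -c counts matching LINES: the first line has "error" twice but counts once.
count_lines() { grep -c "error" "$1"; }

# -o prints every match on its own line, so wc -l counts occurrences.
count_occurrences() { grep -o "error" "$1" | wc -l | tr -d ' '; }

# -w: "qwe" as a whole word only, so "qwe123" is not matched.
count_word() { grep -c -w "qwe" "$1"; }

log=$(make_sample_log)
echo "basic regex, error|warning:    $(count_basic "$log")"
echo "extended regex, error|warning: $(count_extended "$log")"
echo "lines with error:              $(count_lines "$log")"
echo "occurrences of error:          $(count_occurrences "$log")"
echo "whole word qwe:                $(count_word "$log")"
rm -f "$log"
```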


The -n parameter will help you find out in which line the search pattern is found:

grep -n "nuser" /etc/passwd

Inverted search with grep

Sometimes the goal of searching through file contents with grep is to find not the entry itself, but the lines where the fragment is missing. The -v option will help us:

grep -v "txt" where_to_search

File name output

Suppose you need to find all the files in the specified directory that contain the pattern you are looking for. This can be done using the -l option. So, the complete command to output the files containing the string “secondary” in the /etc folder would look like this:

grep -r -l "secondary" /etc

Colored output using grep

Highlighting with a different color is a great way to visualize the desired occurrence, significantly reducing eye strain if the operation is performed frequently. It turns out that grep has an option for displaying search results like this:

grep -r --color "secondary" /etc

Let’s move on to examining examples of using the find utility in Linux.

Search all files

To display a list of files located in the current directory, use the command in the following format:

find .

If you need to show the full name of files, use the command

find . -print

Outputting files in a given directory

To search for files in a user-defined folder, use the command

find ./etc


And here is how you can find files containing a given fragment in the name in the current directory:

find . -name "*.gif"

If the search needs to be case-insensitive, use -iname instead of -name:

find . -iname "*.gif"

Limiting search depth

Another fairly typical task is to search for files by a given name only in a specific folder, without descending into its subdirectories:

find . -maxdepth 1 -name "*.html"

Inverting a template

We have already considered an analogue of the command for searching for strings that do not contain a given fragment. You can do the same with files that do not match the given pattern:

find . -not -name "user*"

Search by multiple criteria

Here is an example of a command line using the find utility to search for two criteria using the not operator (exception):

find . -name "*user*" -not -name "*.html"

In this case, files will be found whose name includes the user fragment, but whose extension is not html. Instead of the exception operator, you can use the logical “AND” / “OR”:

find . -name "*.js" -o -name "*.sql"

In this case, we will get a complete list of files with both extensions located in the current directory.

Search multiple directories

If we need to find files in two directories, we simply specify them, separated by a space:

find ./test01 ./test02 -type f -name "*.sql"

Find hidden files

In Linux, as in Windows, there are hidden files that will not be shown when using the find command without a special character. This symbol is a “tilde”, and the directive will look like this:

find ~ -name ".*"

Search files in Linux by permissions

Sometimes there is a need to filter a directory by a certain mask of rights. For example, if we need to find files with the 0661 attribute, we use the command:

find . -perm 0661

The task of filtering files with the “read-only” attribute is solved as follows:

find /etc/user -perm /u=r

And this is what the search for executable files in the etc directory will look like:

find /etc -perm /a=x
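The three forms of -perm behave differently: no prefix means an exact match, “/” means any of the listed bits, and “-” means all of them. The following is an added example, not part of the original article; it goes slightly beyond the commands above by also showing the “-” prefix and octal masks, assumes GNU find, and uses constructed files and hypothetical function names.

```shell
#!/bin/sh
# Added example: all files are constructed inside a throwaway directory.
make_sample_tree() {
    dir=$(mktemp -d) || return 1
    for spec in 0661:shared.dat 0644:notes.txt 0755:run.sh 0600:secret.key 0666:open.log; do
        mode=${spec%%:*}
        name=${spec#*:}
        : > "$dir/$name"
        chmod "$mode" "$dir/$name"
    done
    printf '%s\n' "$dir"
}

# No prefix: the mode must be exactly 0661 (matches shared.dat only).
count_exact_0661() { find "$1" -type f -perm 0661 | wc -l | tr -d ' '; }

# "/" prefix: at least one listed bit is set; /a=x is "executable by anyone".
count_any_exec() { find "$1" -type f -perm /a=x | wc -l | tr -d ' '; }

# "/" with an octal mask: group-writable OR world-writable.
count_any_gw_ow() { find "$1" -type f -perm /0022 | wc -l | tr -d ' '; }

# "-" prefix: every listed bit is set; group-writable AND world-writable.
count_all_gw_ow() { find "$1" -type f -perm -0022 | wc -l | tr -d ' '; }

# Audit listing: names of world-writable files, sorted, on one line.
list_world_writable() {
    find "$1" -type f -perm -0002 -exec basename {} \; | sort | tr '\n' ' '
}

tree=$(make_sample_tree)
echo "exact 0661:              $(count_exact_0661 "$tree")"
echo "any execute bit:         $(count_any_exec "$tree")"
echo "group OR world writable: $(count_any_gw_ow "$tree")"
echo "group AND world writable: $(count_all_gw_ow "$tree")"
echo "world-writable files:    $(list_world_writable "$tree")"
rm -rf "$tree"
```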

Search files by group / user

An administrator often has to face the task of finding files that are the property of a specific user and / or group. Search by user:

find . -user slavko

For user groups, another parameter is used:

find /var -group devs

Search by Last Modified Date

The date shown for a file in Linux is the date of its last modification (the same principle is used in Windows). To form a list by date, use the mtime option. Let’s say we want to find files that were changed two months ago:

find /home -mtime 60


The file attributes include the date it was last opened (without any changes). Such files are output by the following command:

find /home -atime 60

You can also set a time span. To search for files modified between four and two months ago, we use the directive:

find /home -mtime +60 -mtime -120

And here’s how to find freshly modified files (two hours old):

find /home -cmin 120

Search files by size

Suspect someone is using the disc to host movies? We are looking for files with a size of 1.4 GB:

find / -size 1400M


Or use a range:

find / -size +1400M -size -2800M

Search for empty files / directories

Yes, don’t be surprised. The task of putting things in order on the media is not unique to the Android OS. In Linux, it is solved with the following directive:

find /var -type f -empty

An example of actions with found files

On Linux, the find command can recursively perform certain actions on the files it finds. The -exec parameter is used to run a command on each file. So, the directive for displaying information about all files using the ls command would look like this:

find . -exec ls -l {} \;

And here’s how easy it is to delete temporary files with a given mask in the /home/temp directory:

find /tmp -type f -name "*.html" -exec rm -f {} \;
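Before running a delete through -exec, it helps to run the same tests without the action and check what would be removed. The following is an added example, not part of the original article; it assumes GNU find, works only inside a throwaway directory it creates, and its function names are hypothetical.

```shell
#!/bin/sh
# Added example: works only inside a throwaway directory it creates itself.
make_temp_tree() {
    dir=$(mktemp -d) || return 1
    mkdir "$dir/archive.html"             # a directory that matches the mask
    : > "$dir/old page.html"              # file name containing a space
    : > "$dir/index.html"
    : > "$dir/keep.txt"
    : > "$dir/archive.html/nested.html"
    printf '%s\n' "$dir"
}

# Dry run: same tests as the delete, but only count what would be removed.
# The quoted "*.html" reaches find unchanged instead of being expanded by the shell.
preview_html() { find "$1" -type f -name "*.html" | wc -l | tr -d ' '; }

# Delete: -type f keeps the matching directory out of the result.
# "{} +" batches the names into as few rm calls as possible; each name is one
# argument, so spaces are safe. "--" stops rm from reading a name as an option.
purge_html() { find "$1" -type f -name "*.html" -exec rm -f -- {} + ; }

# Everything left under the tree (files and directories).
remaining() { find "$1" -mindepth 1 | wc -l | tr -d ' '; }

tmp=$(make_temp_tree)
echo "would delete:  $(preview_html "$tmp")"
purge_html "$tmp"
echo "still matching: $(preview_html "$tmp")"
echo "entries left:   $(remaining "$tmp")"
rm -rf "$tmp"
```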

Of course, to a beginner, searching from the command line with a huge number of options will seem a rather convoluted way to work, but in Linux it is the order of the day. How would you solve the problems described here on Windows? Exactly. In this respect, Linux is clearly ahead.
