Tag Archives: mtime

Useful GNU/Linux search commands

These will work on any GNU/Linux system.

Find the email address someone@example.com within the path /etc recursively

grep -H -r "someone@example.com" /etc

-H, –with-filename
Print the file name for each match.
-R, -r, –recursive
Read all files under each directory, recursively

Find every file under the directory /home owned by the user john

find /home -user john

Find every file under the directory /usr ending in ”log”

find /usr -name *log

Find every file under the directory /etc that was modified more than 60 days ago

find /etc -mtime +60

Runs `file’ on every file in or below the current directory

find . -type f -exec file '{}' \;

Search for files in your home directory which have been modified in the last twenty-four hours. This command works this way because the time since each file was last modified is divided by 24 hours and any remainder is discarded. That means that to match -mtime

find $HOME -mtime 0

Search for files which have read and write permission for their owner, and group, but which other users can read but not write to. Files which meet these criteria but have other permissions bits set (for example if someone can execute the file) will not be matched

find . -perm 664

Search for files which have read and write permission for their owner and group, and which other users can read, without regard to the presence of any extra permission bits (for example the executable bit)

find . -perm -664

Search for files which are writable by somebody (their owner, or their group, or anybody else)

find . -perm /222

All three of these commands do the same thing, but the first one uses the octal representation of the file mode, and the other two use the symbolic form. These commands all search for files which are writable by either their owner or their group. The files don’t have to be writable by both the owner and group to be matched; either will do

find . -perm /220
find . -perm /u+w,g+w
find . -perm /u=w,g=w

Both these commands do the same thing; search for files which are writable by both their owner and their group

find . -perm -220
find . -perm -g+w,u+w

These two commands both search for files that are readable for everybody (-perm -444 or -perm -a+r), have at least on write bit set (-perm /222 or -perm /a+w) but are not executable for anybody (! -perm /111 and ! -perm /a+x respectively)

find . -perm -444 -perm /222 ! -perm /111
find . -perm -a+r -perm /a+w ! -perm /a+x

// CrashMAG