Language Selection

English French German Italian Portuguese Spanish

Tutorial: Using the 'find' Command

Filed under
HowTos

GNU find is a powerful command-line utility that lets you search for files and folders in a hierarchical tree directory structure. It is the backend for all those utilities out there like the graphical searching in KDE or GNOME. However, find can be a little hard to handle at first by beginners. In this tutorial I will try to explain some of the capabilities of find, show some useful one-liners and provide more explanations regarding this command.

In this tutorial I will start from the basic ways of using find and head up into showing more complicated (but very useful) ways of getting the most out of it, in order to search and display exactly the results that you are looking for. The version of find that I currently have installed is 4.4.2, as it comes with Ubuntu 12.04 Precise Pangolin, and Bash 4.2.20 (older versions should work without problem too). Special thanks go to http://www.commandlinefu.com/ for some really great one-liners.

If you’re not familiar with the terminal, command-line or Linux in general I suggest you read my introductory tutorial here: Introduction to Linux Command-Line for Beginners.
The Basics

The simplest way of using find is by typying it in a terminal:

find

This will list all the files and folders (including hidden ones and their sub-files and sub-folders) in the current directory, following the whole hierarchical structure. This will usually generate a long list of files and doesn’t seem to give us much. It’s exactly the same as:

find .

Where . is the currently working directory. This will list all the files and folders in the currently working directory.

It’s probably best to use a new folder somewhere in the file system to see this in effect, a folder which doesn’t have many sub-folders and files.

Moving on, let’s search for all the files that include the name profile in their filename:

find . -name *profile*

* is a wildcard that replaces any number of characters or no character. The above command searches in the current folder for the name *profile*.

find /usr/share -name FreeSans*

This will search inside /usr/share for all the files that start with FreeSans (and end in whatever characters e.g. FreeSans.ttf). I recommend using double quotes around the pattern to search for e.g. find . -name “.bash*”.

Another example:

find /usr/share -name FreeSans* | grep Oblique

So now you know how to search for a certain filename in a specific location.
Uppercase/Lowercase

Sometimes you need to ignore uppercase and lowercase and just search for text by ignoring case-sensitive. We’ll to this just by replacing -name with -iname:

find /usr/share -iname FREESANS*

Date

find . -mtime +3 -iname *somefile*

This will search for files that were created earlier than 3 days ago.
Get only the filename instead of whole path to the file

find will return the whole path to the files that match the search pattern, so in order to get only the filename you can use the fprintf argument command:

find /usr/bin -name "alsa*"

To get only the filename, use:

find /usr/bin -name "alsa*" -printf "%f\n"

By size

To search for files by size, use the -size argument, for example:

find /usr -size +500k -name "*png"

This will search inside /usr for files which are equal to or larger than 500 KB and are ending in png. Another example:

find /usr -size +1M -name "*png"

Which will search for files which are bigger than 1 MB in size. Instead of the plus sign, you could use minus in order to search for files that are smaller than a specified size:

find /usr -size -10c -name "*png"

The -10c specifier tells find to only display files which are smaller than 10 bytes. Don’t forget the + or – preceding the desired filesize.
Automatically list details about the found files

You could use a pipe and the xargs command for this:

find /usr/lib -size +2M -name "*.so" | xargs ls -lh

Notice that this will list the files in the current directory if find returns no file.
Searching for files than contain specific text

This is probably one of the most useful ways to search for some file which name you’ve forgot but you know some of the text it contains inside.

find . -name "*bash*" -exec grep -l "aliases" {} +

This will search in all the files that contain the patter bash for the word aliases. Those files that contain this pattern will be printed out.
Some useful one-liners

Find top 20 largest files:

find . -type f -print0 | xargs -0 du -h | sort -hr | head -20

References

Special thanks go to http://www.commandlinefu.com/ and the following articles:

https://www.linux.com/learn/tutorials/316404-10-tips-for-using-gnu-find
http://www.ibm.com/developerworks/aix/library/au-unix-find.html
http://www.linux.ie/newusers/beginners-linux-guide/find.php
http://www.cyberciti.biz/faq/howto-recursively-search-all-files-for-words/

http://www.tuxarena.com/2012/03/tutorial-using-the-find-command

More in Tux Machines

today's leftovers

  • M$ Kicks Second Most Loyal Users In The Teeth [Ed: context below]
  • Windows 10 updates are now ruining pro-gaming streams
    Forcing a gaming PC to update mid-game during a livestream to up to 130,000 followers isn’t best advert for the software
  • Containers Used on over Half of New Apps in Production
    Shippable, the Seattle-based producer of a continuous delivery platform for software developers, recently quizzed 300 coders in the U.S. and found that more than half of them (52 percent) are using Docker or other container technologies to deploy their new applications in production. Fourteen percent are using containers for development and testing purposes. Indicating that 2016 is the year that containers cement their hold on the enterprise, a whopping 89 percent of respondents told the startup that they were very or somewhat likely to increase their use of the DevOps-enabling technology within the next 12 months. Developers are turning to containers when speed is of the essence. Containers have helped a majority of developers (74 percent) ship new software at least 10 percent faster. Eight percent are enjoying a 50-percent boost.
  • Divide et Impera
    But for those committed long term to an on premise model, new tactics are required. In a market that is struggling with fragmentation, solutions must become less fragmented. In some cases this will mean traditional formal partnerships, but these can be difficult to sustain as they require time and capital resource investments from companies that are certain to be short on one if not both. History suggests, however, that informal aggregations can be equally successful: the Linux, Apache, MySQL and PHP combination, as one example, achieved massive success – success that continues to this day.
  • gNewSense 4.0 released
    I hereby announce the release of gNewSense 4, codenamed Ucclia. It's based on a solid Debian, modified to respect the Free Software Foundation's and is available for 3 architectures: i386, amd64 and mipsel (Lemote Yeeloong).
  • IPFire 2.19 Core Update 102 Linux Firewall OS Lands More OpenSSL Security Fixes
    Yesterday we reported news on the release of the IPFire 2.19 Core Update 102 Linux kernel-based firewall distribution, which brought many security patches and improvements, along with updated components. Today, May 5, 2016, we're informing our readers about the immediate availability of IPFire 2.19 Core Update 102, a small maintenance build to the stable IPFire 2.19 distribution that updates the OpenSSL package to version 1.0.2h, fixing a total of six vulnerabilities discovered upstream.
  • Samsung’s Artik 10, starts shipping in the US for $150
    Samsung’s Artik development boards are finally reaching hands of consumers in the US. The Artik development boards which were unveiled back in May 2015 at the IoT World 2015 have taken quite a lot of time to become consumer ready and take over the likes of the new Raspberry Pi 3, Pine 64,etc which have revolutionized the DIY Maker community with the “PC ona board” concept. And now, the Artik 10- the most powerful board from the Artik series is all set to intensify the ongoing competition. Priced at $150, which is more than what one would pay for 4 $35 priced Raspberry Pis, Samsung will sure have to do a lot to of work to impress the buyers and build a community around it.
  • Security advisories for Wednesday
  • ​Why I Hate Security, Computers, and the Entire Modern Banking System
    I woke up yesterday to find that a string of mysterious credit card payments had wiped out my checking account. I spent the next few hours as a prisoner of the phone tree, being interrogated on the transactions that I wanted answers about. No, I did not have a Banana Republic credit card. I didn’t have a Capital One credit card either. And I had no idea who Michael was, or what he was doing with all my money. The woman on the other end of the phone flagged transaction after transaction. For each one, she read me a long, pre-written paragraph of instructions and disclaimers—verbatim, even if she had repeated the same words just before. “Okay, so,” I said, when she was finally done. “It looks like this person is paying off credit cards through the web. What… am I supposed to do about that? What information do they have that lets them do it?” “It looks like they have your routing number and account number,” she told me. “You should close this account and get a new one.” I thanked her and hung up. Then my head exploded.

Leftovers: Software

  • Cockpit 0.105
    Cockpit is the modern Linux admin interface. There’s a new release every week. Here are the highlights from this weeks 0.105 release.
  • Mercurial 3.7 and 3.8
    The Mercurial project continues its fast pace of innovation in version control. Both major releases this year (3.7 and 3.8) have very important new features that promise to improve user experience to a large degree.
  • KDE neon User Edition Testing Survey Results
    We made a tech preview release of KDE neon User Edition 10 days ago and I made up a survey to get results for how people’s experiences were. We got 59 responses, here’s a summary:
  • Blog backlog, Post 1, Emoji
  • Nautilus & Gtk+ status – 1 year of progress
    Today I was having a rough time thinking on how to implement the new GtkPathBar, which is taking more time and frustration than expected given some technological limitations on animations in gtk+ and that responsive design is technologically hard to do.

Red Hat pilots new leadgen program in Canada targeting the mid-to-high market

Fedora: The Latest

  • Fedora’s Love For Python Continues
    In this digital age, there is still some use for having messaging that is easy to distribute and consume. While it may seem quaint and old-fashioned, hard-copy content is a useful way to deliver information at events like conferences and meetups.
  • Fedora account system and FreeIPA
    Over the years, a number of times, people have asked us about migrating from our own custom Fedora Account System (FAS) to FreeIPA.
  • Testing FreeIPA in openQA
    openQA has some integration with Open vSwitch and it’s what the SUSE folks use, so I went with that. You basically have to create a tap device for each worker instance and use something like OVS to connect those devices together with a virtual bridge or whatever so the test VMs can communicate. The VMs also need to access the per-job web server that os-autoinst runs for the worker to upload logs to and download scripts to run from (in some cases), so in the reference set up you have that bind to the bridge interface and ensure the firewalling is set up so the VMs can reach it. And if you need the VMs to have access to the external network, as we do for FreeIPA testing (dnf and rolekit just do not want to work without access to the repositories), you have to basically set up NAT routing for the traffic from the VMs. It’s lots of network configuration fun!