10 ways to finding things in linux


Basically i am talking about Linux terminal and without installing any new programs. I will also not use any programming languages. I am not digging into regexp details, please refer to their documentations. Many programs have their own regexp and syntax so I usually pipe the output to the input of egrep or such to satisfy my needs. This document is for reference and only states how i use them. These are obviously not the only ways.

1. ls (dir also does things similar) : List the contents. Ls is the first command I use to search in Linux. Obviously the very basic but also, very useful if you know in which directory your file is. This command was written partly by Richard stallman himself. To do a simple search just type ls followed by the file name. Other examples:

    # To search file names with a fixed file-type (Using Wildcard)
    # Here I am searching for mp3 files in my current directory
    ls -C *.mp3
   
    * this matches everything that has a ‘.mp3’ anywhere in the filename and puts it in a column (-C).
   
    # To search for file whose filetype and first starting character I remember
    # I am searching for mp3 files whose first character is y
    ls | egrep ‘^[Yy].*.mp3$’
   
    * this matches everything starting(‘^’ for starting character) with a ‘Y or y’ and any number (here ‘*’ for any number of times) of character (here ‘.’ for any character) following it which ends in “.mp3” (here $ as end of line).
   
2. locate : Locate is a command line file search utility which finds file by it’s name until regexp is used. Unlike ls, locate searches for files in all directories. But it has a major drawback. It uses a database(‘/var/lib/mlocate/mlocate.db’) to search from, which might not be updated all the time.

    # To update the database use
    updatedb

3. who (also, finger and w) : While a little different, it searches for users who are logged into the computer right now. Finger provides a little more detail
    # To find out who logged into the system after the computer booted type:
    who -a -H
   
4. whatis (apropos and man) : These commands searches for discription about some binaries, files whose manual pages are available. It is very useful to find out if an application is installed which additionally displays descriptions (short description in whatis and broader and long description in apropos and a complete manual with man) of the application. whatis and apropos supports regex and wildcards.

    # To find out if ls is installed in your system with whatis type:
    whatis ls
   
    # To do the same with apropos
    apropos -e ls

5. whereis : Whereis searches for binary files, source files and manual pages about the binary or source.
It is useful to find out where a binary is located and where is it executed from. It doesnot support regex and wildcards.
    # To find out where ls is located type
    whereis ls

6. find: The most advance tool to search from command line installed by default is find. It searches for files in a directory hierarchy.

    # Ls like command from Find
    find Desktop/ -print

    # Starting from root Find file with filename
    find / -name fname
   
    # Starting from root find string ‘fname’ in a filename
    find / -name “*fname*”
   
    # To Find all setuid and setgid programs on your host
    sudo find / -type f -perm +6000 -ls 2>/dev/null

    * “Set-user-ID root” programs run as the root user, regardless of who is executing them,
    and are a frequent cause of buffer overflows. So, I’ll find them to remove selected ones.

   
    # Find all world-writable files on your system
    sudo find / -perm -2 ! -type l -ls 2>/dev/null
   
    * The stderr (here ‘2’) is sent to (with ‘>’) /dev/null (a null file in linux).

    # Identify all files that do not have an owner or belong to a group
    sudo find / -nouser -o -nogroup
   
    # Suppose that, I want to find out a file whose name I don’t remember but could decide which file it is by viewing     the first line

    find Desktop/ -print0 | xargs -0 head –lines 1 2>/dev/null
   
    * Find prints full filenames of Desktop to stdout followed by null character. Which is piped to xargs which manages spaces and characters and blissfully redirects the output to child processes that prints 1 line from it’s start which are created every-time a filename is encountered.
   
7. ps:ps displays information about a selection of the active processes. If
       you want a repetitive update of the selection and the displayed
       information, use top instead. Other ps like commands are (top,pgrep and pstree)
      
       # To see every process in the system
       ps -ef
      
       # To print a process tree
       ps -ejH or a beautiful one with ps -ef –forest
      
       # To see every process running as root
       ps -U root -u root u
      
       # Send Termination signal to Process ‘MySql’ after finding it’s id
       sudo kill -s TERM ‘ps -C mysqld -o pid=’
      
       # Sort according to cpu usage
       ps u -e –sort cp
      
       # Sort according to memory uses
       ps u -e –sort pmem

8. netstat: Netstat  prints  information about the Linux networking subsystem.

    # To display a complete information
    netstat
   
    # To display information interface wise
    netstat -i
   
    # To display information about routing
    netstat -r

    # Show network statistics
    netstat -s
   
    # Display lsof type result
    netstat -p
   
9. proc: Proc file system is a pseudo-file system which is a kernel and process information gathering virtual filesystem. To access a process and it’s information use syntax: “/proc/[pid]/…”

    # To Find a processes status
    cat /proc/[pid]/stat
   
    # To find the command line for a process
    cat /proc/[pid]/cmdline
   
    # To find the environment variable of the process
    (cat /proc/1/environ; echo) | tr ’00’ ‘\n’
   
    # To fetch information about your battery where BAT0 is battery id
    cat /proc/acpi/battery/BAT0/info
   
    # To fetch information about your cpu
    cat /proc/cpuinfo
   
    # To fetch information about filesystems in your computer
    cat /proc/filesystems
   
    # An alternative to fstab
    cat /proc/mounts
   
10. lsof :
   
    # List open files used by internet
    lsof -i
   
    # List files opened by internet and used by example.com and port 20
    lsof -i @example.com:20
   
    # List all open files on device sda1
    lsof /dev/sda1