Tuesday, October 19, 2021

Find. The art of searching in the Linux filesystem







There's no doubt that searching for files is a primary need on every system, whether it is a website, a storage system, a database or the entire internet. Linux provides several very useful tools that let the user perform detailed and effective searches across the entire filesystem and beyond.


Linux Find

The "find" command is the main Linux filesystem search tool. The structure of the command is the following:

#find |directory| |-switch1| |-switch2|.... |-switchN|

The first part is just the command find, and the second part declares the directory where the search will be performed. The third part consists of one or more switches that express the search terms, such as filename, file type, creation time etc. The last switch, switch N, can optionally execute a command over the search results.

A few examples

#find /home/user1/bucket -name tool 

This is a simple search over the folder bucket under user1 home directory, searching for the item (file or folder) named "tool".

#find /home/user1/bucket -name tool -type f

Now the system will search only for files named tool. If we change "-type f" to "-type d", it will search for directories named tool.

#find /home/user1/bucket -name "*.conf" -type f

Of course wildcards are supported too; in this case we search for all the .conf files in the bucket directory. The pattern is quoted so that the shell passes it to find unexpanded.

#find /home/user1/bucket -name "*.conf" -type f -mtime 7

Here again the system will search only for .conf files, but only those that were modified 7 days ago.

#find /home/user1/bucket -name "*.conf" -type f -mtime 7 -exec cp {} /home/user2/ \;

Finally, we can take the above search and copy the detected .conf files modified 7 days ago to the home directory of the user user2.
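
The following script is an added example, not part of the original post: it builds a constructed scratch directory to show what happens when the -name pattern is left unquoted, and which files -mtime 7 with -exec cp actually selects. The function and file names are assumptions made for the illustration, and GNU find and touch are assumed.

```shell
#!/bin/sh
# Added example: all files below are constructed in a scratch directory.

make_tree() {                      # prints the scratch root
    root=$(mktemp -d)
    mkdir -p "$root/bucket/sub" "$root/dest"
    touch "$root/bucket/app.conf" "$root/bucket/sub/db.conf" "$root/bucket/notes.txt"
    # Backdate db.conf by 7 days + 1 hour; -mtime 7 matches an age of
    # at least 7 and less than 8 full 24-hour periods.
    touch -d "@$(( $(date +%s) - 7 * 86400 - 3600 ))" "$root/bucket/sub/db.conf"
    echo "$root"
}

# Unquoted pattern: the shell expands *.conf to app.conf (the only match in
# the current directory), so find never sees the wildcard and misses sub/db.conf.
count_unquoted() (
    cd "$1/bucket" && find . -name *.conf -type f | wc -l
)

# Quoted pattern: find receives *.conf itself and matches at every depth.
count_quoted() (
    cd "$1/bucket" && find . -name "*.conf" -type f | wc -l
)

# Copy only the week-old .conf files, then list what arrived in dest.
copy_week_old() {
    find "$1/bucket" -name "*.conf" -type f -mtime 7 -exec cp {} "$1/dest/" \;
    ls "$1/dest"
}

root=$(make_tree)
echo "unquoted: $(count_unquoted "$root")  quoted: $(count_quoted "$root")"
echo "copied:   $(copy_week_old "$root")"
rm -rf "$root"
```

The unquoted search silently returns an incomplete result rather than an error, which is why it is easy to miss when auditing a tree for configuration files.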


Locate

Mlocate is an ultra fast utility which can help the user to easily find any file on the system without even having a clue in which directory it may reside. It achieves that by indexing all files with their corresponding paths in a single database. Although it lacks the capabilities of the find command, it surpasses it in speed and simplicity. So let's start by installing this utility.

For CentOS, RHEL, Amazon Linux:

#yum install mlocate

For Ubuntu and Debian based systems:

#apt install mlocate

For Fedora:

#dnf install mlocate


After the installation we need to force a database indexing by giving:

#updatedb

The database always has to be updated manually. The only time it is updated automatically is during a system reboot.


Now let's say that I need to change my DNS resolver. I just remember that the name of the conf file is resolv.conf, but I don't have a clue where this file is, so I can just give:

#locate resolv.conf

and within fractions of seconds I got the result which of course is: /etc/resolv.conf


Now let's assume that I've installed apache, but this is my first time with this program and I don't even know where the related directories have been installed. After updating the database with the updatedb command I can give

#locate -i apache

And I got all the files and directories, with full path, containing the word "apache". The -i switch is for ignoring case.


Grep

Grep is a very powerful command to search inside files. It is very useful for log reading, scripting and even manipulating the contents of a file. The basic syntax is the following:

#grep nameserver resolv.conf

This command will search inside the resolv.conf file for the word nameserver and it will return the entire line of each match, e.g. the output will be something like:

nameserver 1.1.1.1

nameserver 8.8.8.8


#grep -v nameserver resolv.conf  

Will return the exact opposite of the match, so it will hide the above result and display all the rest of the file.

#grep -o nameserver resolv.conf 

Will return only the matching words so in our case the output result will be:

nameserver 

nameserver 

#grep -A 1 1.1.1.1 resolv.conf

Will return the matching line plus one line after it, thus "nameserver 8.8.8.8", and

#grep -B 1 8.8.8.8 resolv.conf

Will return the matching line plus one line before it, thus "nameserver 1.1.1.1"


Last but not least, a very powerful option is:

#grep -r nameserver /etc

This command will recursively search the entire /etc/ directory for the string "nameserver" and it will return the full path of each file along with the line containing that string, e.g. in the resolv.conf case the output will be:

/etc/resolv.conf:nameserver 1.1.1.1

/etc/resolv.conf:nameserver 8.8.8.8