介紹如何在 Linux 系統上結合 find 與 grep 指令,列出含有關鍵字內容的檔案。
若要列出含有關鍵字的檔案,可以使用 find 尋找指定的檔案後,再搭配 grep 指令與 -l 參數列出檔案名稱,篩選出含有關鍵字的檔案。
例如列出 /etc/ 目錄之下,內容含有 adm 這個關鍵字的 *.conf 設定檔,可以執行以下指令:
# 列出 /etc/ 目錄之下含有 adm 這個關鍵字的 *.conf 檔案 find /etc/ -name "*.conf" -exec grep -l adm {} \;
/etc/sysctl.d/10-ptrace.conf /etc/adduser.conf /etc/php/7.2/fpm/pool.d/www.conf /etc/cups/cups-files.conf /etc/cups/cupsd.conf /etc/cups/cups-browsed.conf /etc/postgresql/10/main/pg_hba.conf /etc/security/namespace.conf /etc/security/pam_env.conf /etc/security/group.conf /etc/rsyslog.conf /etc/polkit-1/localauthority.conf.d/51-ubuntu-admin.conf /etc/sensors3.conf /etc/gai.conf /etc/fonts/conf.d/65-nonlatin.conf /etc/fonts/conf.avail/65-nonlatin.conf /etc/PackageKit/PackageKit.conf /etc/debconf.conf
如果希望在使用 grep 搜尋關鍵字時僅匹配完整的單字,排除部分匹配的單字,可以在呼叫 grep 時加上 -w 參數。
例如若想要搜尋 adm 這個單字,排除 admin 這類僅有部分符合的字眼,就可以執行以下指令:
# 列出 /etc/ 目錄之下含有 adm 這個單字的 *.conf 檔案 find /etc/ -name "*.conf" -exec grep -lw adm {} \;
/etc/security/namespace.conf /etc/rsyslog.conf
若要顯示各個符合搜尋條件的檔案名稱,並且搭配實際匹配的檔案內容,可以在呼叫 grep 時加上 -n(顯示行號)與 -H(顯示匹配的檔案名稱)參數。
# 輸出匹配行 find /etc/ -name "*.conf" -exec grep -wnH adm {} \;
/etc/security/namespace.conf:8:# name, Polyinstantion will not be performed for user root and adm for directories /etc/security/namespace.conf:26:#/tmp /tmp-inst/ level root,adm /etc/security/namespace.conf:27:#/var/tmp /var/tmp/tmp-inst/ level root,adm /etc/rsyslog.conf:44:$FileGroup adm
若要顯示匹配行附近幾行的內容,可以搭配以下幾種參數:
-A3:顯示匹配行之後的 3 行內容,數字可自由調整。-B3:顯示匹配行之前的 3 行內容,數字可自由調整。-C3:顯示匹配行前後的 3 行內容,數字可自由調整。# 輸出匹配行,以及隨後的 3 行內容 find /etc/ -name "*.conf" -exec grep -wnHA3 adm {} \;
/etc/security/namespace.conf:8:# name, Polyinstantion will not be performed for user root and adm for directories /etc/security/namespace.conf-9-# /tmp and /var/tmp, whereas home directories will be polyinstantiated for all users. /etc/security/namespace.conf-10-# The user name and context is appended to the instance prefix. /etc/security/namespace.conf-11-# -- /etc/security/namespace.conf:26:#/tmp /tmp-inst/ level root,adm /etc/security/namespace.conf:27:#/var/tmp /var/tmp/tmp-inst/ level root,adm /etc/security/namespace.conf-28-#$HOME $HOME/$USER.inst/ level /etc/rsyslog.conf:44:$FileGroup adm /etc/rsyslog.conf-45-$FileCreateMode 0640 /etc/rsyslog.conf-46-$DirCreateMode 0755 /etc/rsyslog.conf-47-$Umask 0022
# 輸出匹配行,以及之前的 3 行內容 find /etc/ -name "*.conf" -exec grep -wnHB3 adm {} \;
/etc/security/namespace.conf-5-# Uncommenting the following three lines will polyinstantiate /etc/security/namespace.conf-6-# /tmp, /var/tmp and user's home directories. /tmp and /var/tmp will /etc/security/namespace.conf-7-# be polyinstantiated based on the MLS level part of the security context as well as user /etc/security/namespace.conf:8:# name, Polyinstantion will not be performed for user root and adm for directories -- /etc/security/namespace.conf-23-# caution, as it will reduce security and isolation achieved by /etc/security/namespace.conf-24-# polyinstantiation. /etc/security/namespace.conf-25-# /etc/security/namespace.conf:26:#/tmp /tmp-inst/ level root,adm /etc/security/namespace.conf:27:#/var/tmp /var/tmp/tmp-inst/ level root,adm /etc/rsyslog.conf-41-# Set the default permissions for all log files. /etc/rsyslog.conf-42-# /etc/rsyslog.conf-43-$FileOwner syslog /etc/rsyslog.conf:44:$FileGroup adm
# 輸出匹配行,以及前後各 3 行內容 find /etc/ -name "*.conf" -exec grep -wnHC3 adm {} \;
/etc/security/namespace.conf-5-# Uncommenting the following three lines will polyinstantiate /etc/security/namespace.conf-6-# /tmp, /var/tmp and user's home directories. /tmp and /var/tmp will /etc/security/namespace.conf-7-# be polyinstantiated based on the MLS level part of the security context as well as user /etc/security/namespace.conf:8:# name, Polyinstantion will not be performed for user root and adm for directories /etc/security/namespace.conf-9-# /tmp and /var/tmp, whereas home directories will be polyinstantiated for all users. /etc/security/namespace.conf-10-# The user name and context is appended to the instance prefix. /etc/security/namespace.conf-11-# -- /etc/security/namespace.conf-23-# caution, as it will reduce security and isolation achieved by /etc/security/namespace.conf-24-# polyinstantiation. /etc/security/namespace.conf-25-# /etc/security/namespace.conf:26:#/tmp /tmp-inst/ level root,adm /etc/security/namespace.conf:27:#/var/tmp /var/tmp/tmp-inst/ level root,adm /etc/security/namespace.conf-28-#$HOME $HOME/$USER.inst/ level /etc/rsyslog.conf-41-# Set the default permissions for all log files. /etc/rsyslog.conf-42-# /etc/rsyslog.conf-43-$FileOwner syslog /etc/rsyslog.conf:44:$FileGroup adm /etc/rsyslog.conf-45-$FileCreateMode 0640 /etc/rsyslog.conf-46-$DirCreateMode 0755 /etc/rsyslog.conf-47-$Umask 0022
若希望 grep 在搜尋時可以不區分英文大小寫,可以加上 -i 參數:
# 列出有 adm 這個關鍵字的檔案,不分大小寫 find /etc/ -name "*.conf" -exec grep -li adm {} \;
/etc/sysctl.d/10-ptrace.conf /etc/adduser.conf /etc/php/7.2/fpm/pool.d/www.conf /etc/cups/cups-files.conf /etc/cups/cupsd.conf /etc/cups/cups-browsed.conf /etc/postgresql/10/main/pg_hba.conf /etc/security/namespace.conf /etc/security/pam_env.conf /etc/security/group.conf /etc/rsyslog.conf /etc/polkit-1/localauthority.conf.d/51-ubuntu-admin.conf /etc/polkit-1/localauthority.conf.d/50-localauthority.conf /etc/sensors3.conf /etc/gai.conf /etc/fonts/conf.d/65-nonlatin.conf /etc/fonts/conf.avail/65-nonlatin.conf /etc/PackageKit/PackageKit.conf /etc/debconf.conf /etc/hdparm.conf