-------lsof-------
View deleted files (some deleted files are still occupied by processes)
lsof|grep -i delete
View opened files in the directory
lsof +D /var/ Log
view the file opened by the process, -c specifies the process name
lsof -p 100570
When you want to kill all open files and devices of a certain user, you can do this:
kill -9 `lsof -t -u gateway` where
the function of -t is to list the process id column separately
-i View network files ---
lsof [email protected] #View iP occupancy
lsof -i:80
#View port occupancy lsof [email protected]:22
List all network files opened by a certain process:
lsof -i -a -p4651
or
lsof -i -a -c ssh
-c command
-a and, the default is or
list all network files opened by a certain user:
lsof -i -a -u deploy
lists all tcp and udp connections:
lsof -i tcp
lsof -i udp
lists all NFS files: -N NFS
lsof -N -a -u lakshmanan
Note:
-u specifies the user (lsof -u ^lakshmanan can exclude a user)
-a and conditions, and; only multiple query conditions are met, use the "-a" parameter, the default is -o
----find---
Find by time:
delete files 7 days ago:
find -type f -mtime +7 -exec rm -f {} \;
+7 seven days ago
-7 seven days
-type #type, f file , D directory, l soft connection
-mtime #Last modification time
maximum number of levels search:
find -name startup.sh -exec bash {} \;
-maxdepth levels #maximum search level
-exec #Connect shell command, note: connect echo There will be problems with
regular matching of file names:
find. -Type f! -Regex'.*\.\(py\|sh\)$'
-regex and -iregex #Use regular matching, the latter ignores case
! #Does not match
to search by file size:
find /home/tomcat -type f -name catalina.out -size +1G -exec ls -lh {} \; #Find files larger than 1G and
search by permission:
find -type f- perm 755
change the directory to a tree structure:
find. -exec sh -c'echo -n {}|tr -d -c "/"|tr "/" "";basename {}' \;
Statistics for each folder Number of files:
for d in `find. -Type d`;do echo `find $d -type f|wc -l` files in $d;done
Count the number of files in each folder according to the structure:
find -type d -exec sh -c'echo -n {}|tr -d -c "/"|tr "/" "\-\-";echo `basename {}` has `find {} -type f|wc -l` files '\;
---- ls -----------
ls -R #Recursively view
ls */*2019* #View files containing 2019 in all current subdirectories
ls -t #sort by time
-t sort by modification time, newest first
ls -l --time-style=long- iso #Long format time
---inotify------ #Monitor
system file changes
inotifywait -drq -o /tmp/inotify.log --exclude'up.hostinfo.*' --exclude'^/etc/. java.*' --timefmt'%F %T' --format'%T %w %f %e' -e create -e delete -e close_write -e moved_to /etc /var/spool/cron/ /root/ .ssh/
-d daemon
-r recursive
-q quite
-o output log path
-e Events to be monitored
--exclude files to be excluded, support regular
format:
%T --timefmt specified time format
%w directory
%f file
%e When the event
max_user_watches is insufficient:
modify the parameter
echo 65535 >/proc/sys/ fs/inotify/max_user_watches
configuration file:
vim /etc/sysctl.conf
fs.inotify.max_user_watches=66666
----chmod
chmod 1777 /tmp