Finding/locating files with find command
UNIX/Linux system administrator can use nifty find utility to gain lots of useful information. This will help to monitor and enhance the security of system.
(A) Finding all set user id files
# find / -perm +u=s
OR
# find / -perm +4000
See also, shell script to find all programs and scripts with setuid set on.
(B) Finding all set group id files
# find / -perm +g=s
OR
# find / -perm +2000
See also, shell script to find all programs and scripts with setgid bit set on.
(C)Finding all large directories – For example find all directories taking 40k (kilobytes) blocks of space. This is useful to find out which directories on system taking lot of space.
# find / -type d -size +40k
/var/lib/dpkg/info
/var/log/ksymoops
/usr/share/doc/HOWTO/en-html
/usr/share/man/man3
(D) Finding all large files on a Linux
# find / -type f -size +10000k
/var/log/kern.log
/sys/devices/pci0000:00/0000:00:02.0/resource0
/sys/devices/pci0000:00/0000:00:00.0/resource0
/opt/03Jun05/firefox-1.0.4-source.tar.bz2
However my favorite hack to above command is as follows:
find / -type f -size +10000k -exec ls -lh {} \; | awk ‘{ print $8 “: ” $5 }’
/var/log/kern.log: 22M
/sys/devices/pci0000:00/0000:00:02.0/resource0: 128M
Above command will find all files block size greater than 10000k and print filename followed by file size. Now this is more informative than the normal output .