The find command is used to locate files on a Unix or Linux system.  find will search any set of directories you specify for files that match the supplied search criteria.  You can search for files by name, owner, group, type, permissions, date, and other criteria.  The search is recursive in that it will search all subdirectories too.  The syntax looks like this:

find   where-to-look     criteria       what-to-do

All arguments to find are optional, and there are defaults for all parts.  (This may depend on which version of find is used. Here we discuss the freely available GNU version of find. For example where-to-look defaults to (.) (that is, the current working directory), criteria defaults to none (that is, show all files), and what-to-do (known as the find action) defaults to -print (that is, display the names of found files to standard output).  Technically the criteria and actions are all known as find primaries.

For example:


will display the pathnames of all files in the current directory and all subdirectories.  The commands

find . -print
find -print
find .

do the exact same thing.  Here's an example find command using a search criterion and the default action:

find / -name foo

This will search the whole system for any files named foo and display their pathnames.  Here we are using the criterion -name with the argument foo to tell find to perform a name search for the filename foo.  The output might look like this:


If find doesn't locate any matching files, it produces no output.

The above example said to search the whole system, by specifying the root directory ("/") to search.  If you don't run this command as root, find will display a error message for each directory on which you don't have read permission.  This can be a lot of messages, and the matching files that are found may scroll right off your screen.  A good way to deal with this problem is to redirect the error messages so you don't have to see them at all:

find / -name foo 2>/dev/null

You can specify as many places to search as you wish:

find /tmp /var/tmp . $HOME -name foo

Another common use is to locate all files owned by a given user ("-user username").  This is useful when deleting user accounts.

A few days back, I have to find in my machine files that belong to a user or to a group. The general form are like below:

# find location -user username -group groupname

To find files in / directory owned by user foo:

# find / -user bolt

To find files in / directory owned by user in group bar:

# find / -group bolt

To find files in directory / owned by user foo and group bar:

# find / -user bolt -group sales

You can also use uid or gid
To find files belong to uid 500:

# find / -uid 500

To find files that belong to gid 500

# find / -gid 500

You can also find files with various permissions set.  "-perm /permissions" means to find files with any of the specified permissions on, "-perm -permissions" means to find files with all of the specified permissions on, and "-perm permissions" means to find files with exactly permissions.  Permissions can be specified either symbolically (preferred) or with an octal number.  The following will locate files that are writeable by "others" (including symlinks, which should be writeable by all):

find . -perm -o=w


The locate command is often the simplest and quickest way to find the locations of files and directories on Linux and other Unix-like operating systems.
The basic syntax for locate is:

locate         [options]   name(s)

When used without any options, locate displays every absolute pathname for which the user has access permission that contains any of the names of files and/or directories that are provided to it as arguments (i.e., input data).

The absolute pathname, also referred to as the absolute path or the full path, is the hierarchy of directories from the root directory to the designated file or directory. The root directory is the directory at the very top of the filesystem (i.e., hierarchy of files) that contains all other directories and files on the system and which is designated by a forward slash (/). It is important that the absolute pathname is returned both because it tells the exact locations on the system and because it makes it possible to indicate the locations of files or directories that have the same name but different absolute paths.

Thus, for example, the following would list the absolute paths of all files named file1 and all directories named dir1 for which the user had access permission:

locate file1 dir1

It would also list any other absolute pathnames that contained these strings (i.e., sequences of characters), for example /home/john/file123 or /usr/local/mydir1/index.html.

The specificity of locate can be increased by using it together with wildcards or other regular expressions. Wildcards are characters that can be used to substitute for any other character or characters. For example, the star character (*) is a wildcard that can represent any single character or any string containing any number of characters. Regular expressions are a string that describes or matches a set of strings, according to certain syntax rules. For example, the following command uses the star wildcard to display all files on the system that have the .png filename extension:

locate "*.png"

The -q option is used to suppress error messages, such as those that might be returned in the event that the user does not have permission to access designated files or directories. Thus, the following would suppress any error messages in the above example:

locate "*.png" -q

It is often the case that a large number of results will be returned for any query. The -n option followed by an integer limits the results to a specific number. For example, the following command would display only 15 results in a search for files that have an .html extension:

locate -n 15 "*.html"

An alternative is to use a pipe (represented by the vertical bar character) to redirect the output of locate from the display screen to a pager such as more or less, which presents only one screenful of output at a time, for example,

locate "*.html" | less

The -i option performs a case-insensitive search. That is, it will return any results that match the arguments regardless of whether individual letters are lower case or upper case. For example, the following would return all files with the extension .html, .HTML, or some combination thereof:

locate -i "*.HtmL"

On some systems, such as Red Hat, the program slocate is installed by default instead of locate, and entering the locate command activates a script (i.e., a short program) that causes slocate to be launched. slocate provides a secure way to index and quickly search for files on a system by storing file permissions and ownership data so that users will not see files for which they do not have access.

The -V option can be used to show which version of locate is used, including whether it is locate or slocate. Another way to determine whether slocate is being used is to see if an absolute pathname such as /usr/bin/slocate is returned when the following command is issued:

locate locate

locate and slocate actually search a built-in database, named locate.db or slocate.db, respectively, rather than the entire hard disk drive itself, in order to provide a much shorter searching time. This database is automatically updated on a regular basis by cron, a small program that runs in the background, performing various tasks at regularly scheduled intervals. The updating is performed each night if the computer is on continuously.

Because the database is not updated immediately, recently created files and directories might not show up when searching for them with locate or slocate. Fortunately, however, it is a simple matter to update the database manually, although it might take a few minutes. Manual updating can be accomplished by logging in as the root user (i.e., administrative user), such as by using the su (i.e., substitute user) command, and then issuing the following command:


The same thing can be accomplished by the root user by using locate with its -u (i.e., update) option, i.e.,

locate -u

For the curious, the database is located at /var/lib/slocate/slocate.db on some systems, such as Red Hat. Its exact location on any particular system can be found by the root user (because ordinary users will not have access permission on most systems) with the locate command as follows:

locate locate.db

The database is a binary file (i.e., a non-text file). However, for the really curious user who has root permission, the human-readable portion of its contents can be viewed by first using the strings command to extract all the plain text and by then piping the output to less for displaying one screen full at a time as follows:

strings /var/lib/slocate/slocate.db | less

If it is desired to perform a more sophisticated search, including searching by attributes other than name (e.g., by size, creation date or location), the find command should be used.

To know about the courses CLICK HERE..!!

Contact US CLICK HERE..!!


  1. Hi everyone i am rahul verma from new delhi, I complete my red hat linux training and certification from techgrills

  2. Thanks for one marvelous posting! I enjoyed reading it; you are a great author. I have read your blog its very attractive and impressive. I like it your blog. linux training in delhi Thanks for sharing nice post..