Geekflare is supported by our audience. We may earn affiliate commissions from buying links on this site.
In Linux Last updated: November 22, 2022
Share on:
Invicti Web Application Security Scanner – the only solution that delivers automatic verification of vulnerabilities with Proof-Based Scanning™.

In its basic form, find is easy.  At the same time, it can be complex with the number of options, tests, and actions available.

The find command is an incredibly powerful tool, and putting effort into learning it can be rewarding. It will help you in performing various system administration tasks efficiently, like disk space management, recursive file operations, and backups.

Linux find command searches for files and folders based on the criteria you define and allows you to perform an action on the search results. The syntax of find is like this:

$ find directory-to-search criteria action


  • directory-to-search is the starting point from where find starts looking for files. The search includes all subdirectories under this directory.
  • criteria (test) tells which files to search for
  • action tells what to do with each file found matching the criteria.


Search by name

Here is a simple example. The following command searches for the file a.txt in the current directory:

$ find . -name "a.txt"


  • . refers to the current directory
  • -name test specifies the criteria to be matched

This search with -name test is case-sensitive and would ignore file A.txt. To ensure that your search is case-insensitive use -iname test:

$ find . -iname "a.txt"

To search for all .jpg image files in the current directory, use the wildcard pattern *.jpg:

$ find . -name "*.jpg"

You can use the directory name in which to search. For example, to search for all .jpg images in /home directory:

$ find /home -name "*.jpg"
find: `/home/ubuntu/.ssh': Permission denied
find: `/home/me/testfiles': Permission denied
find: `/home/me/data': Permission denied
find: `/home/me/.cache': Permission denied

If you see too many permissions denied errors, you can add 2>/dev/null at the end of the command. This redirects error messages to /dev/null device, and gives a cleaner output:

find /home -name "*.jpg" 2>/dev/null

Search by file type

Using the -type test you can search files by type. File types can be:

f plain files
d directories
l symbolic links
b block devices
c character devices
p named pipes
s sockets

For example, using the test -type d will list only directories:

$ find . -type d

Search by file size

You may need to search for large files and delete them. In the following example, the test -size is followed by the string +1G. This would search for all files larger than 1 GB.

$ find . -size +1G 

The + sign means search files larger than the following number. A minus symbol (-) can be used to indicate smaller than. Using no sign would mean match size exactly.

The number is followed by the file size unit. Units can be:

Character Fine size unit
b 521 bye blocks
c Bytes
k Kilobytes
M Megabytes
G Gigabytes

Search empty directories and files

Use -empty test to find empty directories and files like this:

$ find . -empty

Search by file modification time

You can search for all files and directories based on create or modification time with -cmin test. To search for all files modified in the last 60 minutes (less than 60) use -60 like this:

$ find . -cmin -60

For files modified anytime prior to the last 60 minutes, use +60.

Search by access time

You can search for files by last access time, with -atime test. For example, the following command searches for files not accessed in the last 180 days:

$ find . -atime +180

These could be moved to a backup device if disk space is running short.

Search by user name

With -user username test you can search all files and directories belonging to a user. For example, the following command searches for all files and directories owned by user ubuntu in /home directory:

$ find /home -user ubuntu 2>/dev/null

Search by mode

Wish to search files set to a specific mode, that is, have a specific set of permissions? Use -perm test. The following example searches for files with permissions set to 777:

$ find /home -perm 777


You can use the following three logical operators to combine multiple tests in a single find command:

  • -and
  • -or
  • -not

For example, the following command searches for files larger than 100MB owned by user me:

$ find /home  -user me  -and  -size +100M  2>/dev/null

The following command looks for files larger than 100MB owned by user me or by user vagrant:

$ find /home \( -user vagrant -or -user me \)  -and  -size +100M  2>/dev/null

You need to place a backslash character in front of the parentheses so as to prevent the shell from trying to interpret them.


find gives you the search results and then the choice to perform an action on them. Here are some predefined actions:

Action Description
-delete Deletes files which match the search criteria
-ls Shows a detailed ls output with file sizes and inode count
-print Shows the full pathname of the matching files. It’s the default action if no other action is specified
-exec Executes the command which follows, on each line of the search output

So, if you wish to search for all empty files and delete them, this is how you can do it:

$ find . -empty -delete

Caution: Before you use the delete action it is always safe to run the command once with -print action and confirm the results.

The -exec action is special. It allows you to execute a command of your choice on the search results.  It’s like this:

-exec <em>command</em> {} \;


  • command is the command you want to execute on the search results, like rm, mv or cp.
  • {} represents the search results.
  • The command ends with a semicolon escaped with a backslash.

So, the command to search and delete all empty files can be written like this:

$ find . -empty -exec rm {} \;

Here is another example using -exec action. The following command copies all .png image files to backup/images directory:

$ find . -name "*.png" -exec cp {} /backups/images \;


You can use the Linux find command to search for files based on name, last access date, last modification date, user(owner) name, group name, size, permissions, and various other criteria. With these search results, you can perform actions on them like deleting, copying, or moving them to a different location.

Once you master the find command, it can be of great help and can simplify system administration tasks for you. And the key to mastering it is practicing it and using it!

  • Vijay Khurana
Thanks to our Sponsors
More great readings on Linux
Power Your Business
Some of the tools and services to help your business grow.
  • Invicti uses the Proof-Based Scanning™ to automatically verify the identified vulnerabilities and generate actionable results within just hours.
    Try Invicti
  • Web scraping, residential proxy, proxy manager, web unlocker, search engine crawler, and all you need to collect web data.
    Try Brightdata
  • is an all-in-one work OS to help you manage projects, tasks, work, sales, CRM, operations, workflows, and more.
    Try Monday
  • Intruder is an online vulnerability scanner that finds cyber security weaknesses in your infrastructure, to avoid costly data breaches.
    Try Intruder