What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again.

Delete that bloated snippets file you've been using and share your personal repository with the world. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.

Get involved!

You can sign-in using OpenID credentials, or register a traditional username and password.

First-time OpenID users will be automatically assigned a username which can be changed after signing in.

Universal configuration monitoring and system of record for IT.

Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for:



May 19, 2015 - A Look At The New Commandlinefu
I've put together a short writeup on what kind of newness you can expect from the next iteration of clfu. Check it out here.
March 2, 2015 - New Management
I'm Jon, I'll be maintaining and improving clfu. Thanks to David for building such a great resource!

Top Tags



Psst. Open beta.

Wow, didn't really expect you to read this far down. The latest iteration of the site is in open beta. It's a gentle open beta-- not in prime-time just yet. It's being hosted over at UpGuard (link) and you are more than welcome to give it a shot. Couple things:

  • » The open beta is running a copy of the database that will not carry over to the final version. Don't post anything you don't mind losing.
  • » If you wish to use your user account, you will probably need to reset your password.
Your feedback is appreciated via the form on the beta page. Thanks! -Jon & CLFU Team

Commands using find from sorted by
Terminal - Commands using find - 1,075 results
find . -type f ! -path \*CVS\* -exec rm {} \; -exec cvs remove {} \;
2013-06-28 20:17:40
User: jasonsydes
Functions: cvs find rm
Tags: bash cvs delete rm

This command removes and then cvs removes all files in the current directory recursively.

find . -type d -print0 | xargs -0 du -s | sort -n | tail -10 | cut -f2 | xargs -I{} du -sh {} | sort -rn
find . -name '*.[Jj][Pp][Gg]' -exec mogrify -resize 1024">" -quality 40 {} \;
2013-06-21 13:27:25
User: hugme
Functions: find

The find command can do this on it's own. This is a shorter faster version, it also includes more advanced regex (it will find .Jpg etc). Find doesn't need a pipe, you can run it directly from the command.

find . -name '*.jpg' -o -name '*.JPG' -print0 | xargs -0 mogrify -resize 1024">" -quality 40
2013-06-20 16:09:41
User: minnmass
Functions: find xargs

The "find $stuff -print0 | xargs -0 $command" pattern causes both find and xargs to use null-delineated paths, greatly reducing the probability of either hiccuping on even the weirdest of file/path names.

It's also not strictly necessary to add the {} at the end of the xargs command line, as it'll put the files there automatically.

Mind, in most environments, you could use find's "-exec" option to bypass xargs entirely:

find . -name '*.jpg' -o -name '*.JPG' -exec mogrify -resize 1024">" -quality 40 {} +

will use xargs-like "make sure the command line isn't too long" logic to run the mogrify command as few times as necessary (to run once per file, use a ';' instead of a '+' - just be sure to escape it properly).

find . -name '*.jpg' -o -name '*.JPG' | xargs -I{} mogrify -resize 1024">" -quality 40 {}
2013-06-20 15:20:29
Functions: find xargs

First use find to find all the images that end with jpg or JPG in the current dir and all its children.

Then pipe that to xargs. The -I{} makes it so spaces in filenames don't matter.

The 1024">" makes it so it takes any image greater in dimension than 1024 and resizes them to 1024 width, but keeping aspect ratio on height.

Then it sets the image quality to 40.

Piping it through xargs means you avoid the file count limit, and you could run this on your entire file system if you wanted.

find -printf "%C@ %p\n"|sort
2013-06-19 10:42:49
User: oivvio
Functions: find
Tags: sort find

This uses the ability of find (at least the one from GNU findutils that is shiped with most linux distros) to display change time as part of its output. No xargs needed.

find /usr/include/ -name '*.[c|h]pp' -o -name '*.[ch]' -print0 | xargs -0 cat | grep -v "^ *$" | grep -v "^ *//" | grep -v "^ */\*.*\*/" | wc -l
2013-06-17 08:37:37
Functions: cat find grep wc xargs

Count your source and header file's line numbers. This ignores blank lines, C++ style comments, single line C style comments.

This will not ignore blank lines with tabs or multiline C style comments.

find -name '*.mp3' -exec mp3info {} -p "%F: %r kbps\n" \; | sort | sed '/320 kbps/d'
find . -type f -name filename.exe -exec sed -i "s/oldstring/oldstring/g" {} +;
find -iname "MyCProgram.c" -exec md5sum {} \;
find . -name .git -print0 | while read -d $'\0' g; do echo "$g"; cd "$g"; git gc --aggressive; cd -; done
2013-05-09 08:03:23
User: Tungmar
Functions: cd echo find read

git gc should be run on all git repositories every 100 commits. This will help do do so if you have many git repositories ;-)

find . -type f -a \! -links 1
2013-05-06 20:44:08
User: malathion
Functions: find
Tags: find links

libpurple likes to hardlink files repeatedly. To ignore libpurple, use sed: | sed '/\.\/\.purple/d'

find /etc -type f -print0 | xargs -r0 grep --color ''
2013-04-30 15:03:20
User: jakezp
Functions: find grep xargs

find ip address in all files in /etc directory. can be used to find any string in any directory really

find -maxdepth 1 -type d | while read dir; do echo $dir; echo cmd2; done
find /etc -exec grep '[0-9][0-9]*[.][0-9][0-9]*[.][0-9][0-9]*[.][0-9][0-9]*' {} \;
ls -lahS $(find / -type f -size +10000k)
find . -type f -name "*.gz" | while read line ; do gunzip --to-stdout "$line" | bzip2 > "$(echo $line | sed 's/gz$/bz2/g')" ; done
2013-04-12 19:18:21
User: Kaurin
Functions: bzip2 find gunzip read

Find all .gz files and recompress them to bz2 on the fly. No temp files.

edit: forgot the double quotes! jeez!

find . -type f -name '*.gz'|awk '{print "zcat", $1, "| bzip2 -c >", $0.".tmp", "&& rename", "s/.gz.tmp/.bz2/", "*.gz.tmp", "&& rm", $0}'|bash
2013-04-11 10:17:57
User: Ztyx
Functions: awk find

This solution is similar to [1] except that it does not have any dependency on GNU Parallel. Also, it tries to minimize the impact on the running system (using ionice and nice).

[1] http://www.commandlinefu.com/commands/view/7009/recompress-all-.gz-files-in-current-directory-using-bzip2-running-1-job-per-cpu-core-in-parallel

find . -name *js -type f | xargs yardstick | sort -k6 -n
2013-04-06 00:19:46
User: noah
Functions: find sort xargs

The number on the far right is ratio of comments to code, expressed as a percentage. For the rest of the Yardstick documentation see https://github.com/calmh/yardstick/blob/master/README.md#reported-metrics

for ii in $(find /path/to/docroot -type f -name \*.php); do echo $ii; wc -lc $ii | awk '{ nr=$2/($1 + 1); printf("%d\n",nr); }'; done
2013-04-05 19:06:17
Functions: awk echo find wc

I have found that base64 encoded webshells and the like contain lots of data but hardly any newlines due to the formatting of their payloads. Checking the "width" will not catch everything, but then again, this is a fuzzy problem that relies on broad generalizations and heuristics that are never going to be perfect.

What I have done is set an arbitrary threshold (200 for example) and compare the values that are produced by this script, only displaying those above the threshold. One webshell I tested this on scored 5000+ so I know it works for at least one piece of malware.

find ./public_html/ -name \*.php -exec grep -HRnDskip "\(passthru\|shell_exec\|system\|phpinfo\|base64_decode\|chmod\|mkdir\|fopen\|fclose\|readfile\) *(" {} \;
2013-04-03 12:42:19
User: lpanebr
Functions: find grep

Searched strings:

passthru, shell_exec, system, phpinfo, base64_decode, chmod, mkdir, fopen, fclose, readfile

Since some of the strings may occur in normal text or legitimately you will need to adjust the command or the entire regex to suit your needs.

find /Applications -type d -maxdepth 1 -exec sh -c 'echo "{}"; (plutil -convert xml1 -o - "{}/Contents/Info.plist" | xpath /dev/stdin "concat(\"v\", /plist/dict/string[preceding-sibling::key[1]=\"CFBundleShortVersionString\"]/node())" 2>/dev/null)' \;
2013-03-29 14:01:23
User: darkfader
Functions: find sh
Tags: osx

Uses find, plutil and xpath.

Note: Some applications don't have proper information. system_profiler might be better to use.

It's a bit slow query.

Due to command length limit, I removed -name "*.app" and CFBundleName.

find /var/www/ -type f -print0 | xargs -0 chmod 644
find /var/www/ -type f -print0 | xargs -0 chmod 644
2013-03-28 11:10:30
User: FiloSottile
Functions: chmod find xargs
Tags: find xargs chmod

xargs is a more elegant approach to executing a command on find results then -exec as -exec is meant as a filtering flag.

sudo -u apache find . -not -perm /o+r