一、grep命令使用方法

1.1 grep 命令格式

grep [选项] '关键字' 文件名

1.2 grep命令常用的选项

-i: 不区分大小写
-v: 查找不包含指定内容的行，反向选择
-w: 按单词搜索
-o: 打印匹配关键字
-c: 统计匹配到的次数
-n: 显示行号
-r: 逐层遍历目录查找
-A: 显示匹配行及后面多少行
-B: 显示匹配航及前面多少行
-C: 显示匹配行前后多少行
-l: 值列出匹配的文件名
-L: 列出不匹配的文件名
-e: 使用正则匹配
-E: 使用扩展正则匹配
^key：以关键字开头

二、grep命令使用实例

2.1 从文件中查找指定字符串的行

从 /etc/passwd 文件中查找包含root的行

[root@centos7-1 /]# grep 'root' /etc/passwd
root:x:0:0:root:/root:/bin/bash
operator:x:11:0:operator:/root:/sbin/nologin
[root@centos7-1 /]#

2.2 从文件中查找指定字符串的行并显示所在行号

从 /etc/passwd 文件中查看包含root的行在第几行

[root@centos7-1 /]# grep -n 'root' /etc/passwd
1:root:x:0:0:root:/root:/bin/bash
10:operator:x:11:0:operator:/root:/sbin/nologin
[root@centos7-1 /]#

2.3 从文件中查找包含指定字符串的行，忽略大小写查找，并显示行号

从 /etc/passwd 文件中找出包含user行并显示行号，忽略大小写

[root@centos7-1 /]# grep -ni 'user' /etc/passwd
12:ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
16:polkitd:x:999:998:User for polkitd:/:/sbin/nologin
24:saslauth:x:994:76:Saslauthd user:/run/saslauthd:/sbin/nologin
25:qemu:x:107:107:qemu user:/:/sbin/nologin
26:radvd:x:75:75:radvd user:/:/sbin/nologin
29:tss:x:59:59:Account used by the trousers package to sandbox the tcsd daemon:/dev/null:/sbin/nologin
30:usbmuxd:x:113:113:usbmuxd user:/:/sbin/nologin
32:saned:x:993:987:SANE scanner daemon user:/usr/share/sane:/sbin/nologin
34:colord:x:991:985:User for colord:/var/lib/colord:/sbin/nologin
36:geoclue:x:990:984:User for geoclue:/var/lib/geoclue:/sbin/nologin
38:sssd:x:989:983:User for sssd:/:/sbin/nologin
39:rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
40:nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
[root@centos7-1 /]#

2.4 从文件中查找以指定字符串开头的行

从 /etc/passwd 文件找出以root开头的行

[root@centos7-1 /]# grep '^root' /etc/passwd
root:x:0:0:root:/root:/bin/bash
[root@centos7-1 /]#

2.5 从文件中查找以指定字符串结尾额行

从 /etc/passwd 文件中找出以bash结尾的行

[root@centos7-1 /]# grep 'bash$' /etc/passwd
root:x:0:0:root:/root:/bin/bash
redrose2100:x:1000:1000:redrose2100:/home/redrose2100:/bin/bash
[root@centos7-1 /]#

2.6 从文件中反向查找，即将查找符合条件以外的行

从 /etc/passwd 文件中找出不以root开头的行

[root@centos7-1 /]# grep -v '^root' /etc/passwd
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
systemd-network:x:192:192:systemd Network Management:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
polkitd:x:999:998:User for polkitd:/:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
chrony:x:998:996::/var/lib/chrony:/sbin/nologin
rpc:x:32:32:Rpcbind Daemon:/var/lib/rpcbind:/sbin/nologin
gluster:x:997:993:GlusterFS daemons:/run/gluster:/sbin/nologin
libstoragemgmt:x:996:992:daemon account for libstoragemgmt:/var/run/lsm:/sbin/nologin
unbound:x:995:991:Unbound DNS resolver:/etc/unbound:/sbin/nologin
saslauth:x:994:76:Saslauthd user:/run/saslauthd:/sbin/nologin
qemu:x:107:107:qemu user:/:/sbin/nologin
radvd:x:75:75:radvd user:/:/sbin/nologin
rtkit:x:172:172:RealtimeKit:/proc:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
tss:x:59:59:Account used by the trousers package to sandbox the tcsd daemon:/dev/null:/sbin/nologin
usbmuxd:x:113:113:usbmuxd user:/:/sbin/nologin
pulse:x:171:171:PulseAudio System Daemon:/var/run/pulse:/sbin/nologin
saned:x:993:987:SANE scanner daemon user:/usr/share/sane:/sbin/nologin
setroubleshoot:x:992:986::/var/lib/setroubleshoot:/sbin/nologin
colord:x:991:985:User for colord:/var/lib/colord:/sbin/nologin
abrt:x:173:173::/etc/abrt:/sbin/nologin
geoclue:x:990:984:User for geoclue:/var/lib/geoclue:/sbin/nologin
gdm:x:42:42::/var/lib/gdm:/sbin/nologin
sssd:x:989:983:User for sssd:/:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
gnome-initial-setup:x:988:982::/run/gnome-initial-setup/:/sbin/nologin
tcpdump:x:72:72::/:/sbin/nologin
avahi:x:70:70:Avahi mDNS/DNS-SD Stack:/var/run/avahi-daemon:/sbin/nologin
redrose2100:x:1000:1000:redrose2100:/home/redrose2100:/bin/bash
[root@centos7-1 /]#

2.7 从文件查找符合条件的行以及之前的N行

从 /etc/passwd 文件中找出以ftp开头的行以及它前面的三行

[root@centos7-1 /]# grep -B 3 '^ftp' /etc/passwd
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
[root@centos7-1 /]#

2.8 从文件中查找符合条件的行以及之后的N行

从 /etc/passwd 文件中找出以ftp开头的行以及它之后的三行

[root@centos7-1 /]# grep -A 3 '^ftp' /etc/passwd
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
systemd-network:x:192:192:systemd Network Management:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
[root@centos7-1 /]#

2.9 从文件中查找符合条件的行以及前后N行

从 /etc/passwd 文件中找出以ftp开头的行以及它前后的三行

[root@centos7-1 /]# grep -C 3 '^ftp' /etc/passwd
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
systemd-network:x:192:192:systemd Network Management:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
[root@centos7-1 /]#

2.10 从文件中按照单词查找符合条件的行

从 /etc/passwd 文件中找出带user单词的行，注意必须是user单词，如果是单词中含有user是不符合要求的。

如下，可以看出通过-w参数即可以做到按照单词来筛选。

[root@centos7-1 /]# grep 'user' /etc/passwd
saslauth:x:994:76:Saslauthd user:/run/saslauthd:/sbin/nologin
qemu:x:107:107:qemu user:/:/sbin/nologin
radvd:x:75:75:radvd user:/:/sbin/nologin
tss:x:59:59:Account used by the trousers package to sandbox the tcsd daemon:/dev/null:/sbin/nologin
usbmuxd:x:113:113:usbmuxd user:/:/sbin/nologin
saned:x:993:987:SANE scanner daemon user:/usr/share/sane:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
[root@centos7-1 /]#
[root@centos7-1 /]# grep -w 'user' /etc/passwd
saslauth:x:994:76:Saslauthd user:/run/saslauthd:/sbin/nologin
qemu:x:107:107:qemu user:/:/sbin/nologin
radvd:x:75:75:radvd user:/:/sbin/nologin
usbmuxd:x:113:113:usbmuxd user:/:/sbin/nologin
saned:x:993:987:SANE scanner daemon user:/usr/share/sane:/sbin/nologin
[root@centos7-1 /]#

2.11 显示查找到的符合条件的行数

从 /etc/passwd 文件中统计出现root的行数,如下，使用-c参数即可

[root@centos7-1 /]# grep 'root' /etc/passwd
root:x:0:0:root:/root:/bin/bash
operator:x:11:0:operator:/root:/sbin/nologin
[root@centos7-1 /]#
[root@centos7-1 /]#
[root@centos7-1 /]# grep -c 'root' /etc/passwd
2
[root@centos7-1 /]#

2.12 从目录下所有文件中查找符合条件的文件以及所在的行的内容

在 /etc 目录下递归的查找所有含有username的文件即所在的行的内容

[root@centos7-1 /]# grep -r 'username' /etc
/etc/security/chroot.conf:# username_regex      chroot_dir
/etc/sasl2/qemu-kvm.conf:# Default to a simple username+password mechanism
/etc/sasl2/qemu-kvm.conf:# If using digest-md5 for username/passwds, then this is the file
/etc/sasl2/qemu-kvm.conf:# containing the passwds. Use 'saslpasswd2 -a qemu [username]'
/etc/sasl2/libvirt.conf:# 'scram-sha-1' plugin allows plain username/password authentication
/etc/sasl2/libvirt.conf:# If using scram-sha-1 for username/passwds, then this is the file
/etc/sasl2/libvirt.conf:# containing the passwds. Use 'saslpasswd2 -a libvirt [username]'
/etc/vmware-tools/tools.conf.example:# /var/log/vmware-<servicename>-<username>.log
/etc/postfix/main.cf:# In the left-hand side, specify a bare username, an @domain.tld
/etc/postfix/main.cf:# username->Firstname.Lastname mapping.
/etc/postfix/main.cf:# Other environment variables of interest: USER (recipient username),
/etc/postfix/main.cf:# username), $shell (recipient shell), $home (recipient home directory),
/etc/postfix/virtual:#        own user name space. Local  (i.e.  non-virtual)  usernames
/etc/iscsi/iscsid.conf:# To set a CHAP username and password for initiator
/etc/iscsi/iscsid.conf:#node.session.auth.username = username
/etc/iscsi/iscsid.conf:# To set a CHAP username and password for target(s)
/etc/iscsi/iscsid.conf:#node.session.auth.username_in = username_in
/etc/iscsi/iscsid.conf:# To set a discovery session CHAP username and password for the initiator
/etc/iscsi/iscsid.conf:#discovery.sendtargets.auth.username = username
/etc/iscsi/iscsid.conf:# To set a discovery session CHAP username and password for target(s)
/etc/iscsi/iscsid.conf:#discovery.sendtargets.auth.username_in = username_in
/etc/wgetrc:#header = From: Your Name <username@site.domain>
/etc/libreport/events.d/abrt_event.conf:# Record username only if uid element is present:
/etc/libreport/events.d/abrt_event.conf:        if [ -f uid ]; then getent passwd "`cat uid`" | cut -d: -f1 >username; fi
/etc/libreport/plugins/mantisbt_format.conf:    -username,-hostname,-os_release,-os_info,\
/etc/libreport/plugins/mantisbt_format_analyzer_libreport.conf:    -username,-hostname,-os_release,-os_info,\
/etc/libreport/plugins/mantisbt_formatdup.conf: -username,-hostname,-os_release,-os_info,\
/etc/libreport/plugins/mantisbt_formatdup_analyzer_libreport.conf:    -username,-hostname,-os_release,-os_info,\
/etc/libreport/plugins/bugzilla_format.conf:    -username,-hostname,-os_release,-os_info,\
/etc/libreport/plugins/bugzilla_format_libreport.conf:  -username,-hostname,-os_release,-os_info,\
/etc/libreport/plugins/bugzilla_formatdup.conf: -username,-hostname,-os_release,-os_info,\
/etc/libreport/plugins/bugzilla_format_anaconda.conf:   -username,-hostname,-os_release,-last_occurrence,-ureports_counter,\
/etc/libreport/plugins/bugzilla_formatdup_anaconda.conf:        -username,-hostname,-os_release,-last_occurrence,-ureports_counter,\
/etc/libreport/plugins/ureport.conf:# Use username and password:
/etc/libreport/plugins/ureport.conf:# HTTPAuth = username:password
/etc/libreport/forbidden_words.conf:username
/etc/dnsmasq.conf:#dhcp-option=encap:175, 190, user     # iSCSI username
/etc/libvirt/libvirtd.conf:# A whitelist of allowed SASL usernames. The format for username
/etc/libvirt/libvirtd.conf:# depends on the SASL authentication mechanism. Kerberos usernames
/etc/libvirt/libvirtd.conf:# look like username@REALM
/etc/libvirt/libvirtd.conf:#sasl_allowed_username_list = ["joe@EXAMPLE.COM", "fred@EXAMPLE.COM" ]
/etc/GeoIP.conf:# ProxyUserPassword username:password
[root@centos7-1 /]#

2.13 从指定目录中查找含有自定字符串的所有文件

查找 /etc/ 目录下所有含有username的文件

[root@centos7-1 /]# grep -rl 'username' /etc
/etc/security/chroot.conf
/etc/sasl2/qemu-kvm.conf
/etc/sasl2/libvirt.conf
/etc/vmware-tools/tools.conf.example
/etc/postfix/main.cf
/etc/postfix/virtual
/etc/iscsi/iscsid.conf
/etc/wgetrc
/etc/libreport/events.d/abrt_event.conf
/etc/libreport/plugins/mantisbt_format.conf
/etc/libreport/plugins/mantisbt_format_analyzer_libreport.conf
/etc/libreport/plugins/mantisbt_formatdup.conf
/etc/libreport/plugins/mantisbt_formatdup_analyzer_libreport.conf
/etc/libreport/plugins/bugzilla_format.conf
/etc/libreport/plugins/bugzilla_format_libreport.conf
/etc/libreport/plugins/bugzilla_formatdup.conf
/etc/libreport/plugins/bugzilla_format_anaconda.conf
/etc/libreport/plugins/bugzilla_formatdup_anaconda.conf
/etc/libreport/plugins/ureport.conf
/etc/libreport/forbidden_words.conf
/etc/dnsmasq.conf
/etc/libvirt/libvirtd.conf
/etc/GeoIP.conf
[root@centos7-1 /]#

2.14 从指定目录中查找所有不含有自定字符串的文件

查找 /etc/ 目录下所有不含有username的文件

grep -rL 'username' /etc

测试开发技术网站

博客