/var由于 出现挂起,我无法搜索/var/run。我尝试排除/var/run,但没有产生预期的结果:
$ sudo grep -IR --exclude-dir="/var/run" '45.78.157.165' /var | egrep -v '(audit|access)'
/var/log/secure:Jun 21 14:08:34 cryptopp sshd[19729]: error: Received disconnect from 199.91.135.157: 3: com.jcraft.jsch.JSchException: reject HostKey: 45.78.157.165 [preauth]
/var/log/secure-20160626:Jun 21 14:08:34 cryptopp sshd[19729]: error: Received disconnect from 199.91.135.157: 3: com.jcraft.jsch.JSchException: reject HostKey: 45.78.157.165 [preauth]
/var/log/secure-20160626:Jun 21 14:08:34 cryptopp sshd[19729]: error: Received disconnect from 199.91.135.157: 3: com.jcraft.jsch.JSchException: reject HostKey: 45.78.157.165 [preauth]
grep: /var/run/saslauthd/mux: No such device or address
grep: /var/run/dbus/system_bus_socket: No such device or address
grep: /var/run/rpcbind.sock: No such device or address
grep: /var/run/udev/control: No such device or address
我已尝试过-exclude-dir=/var/run和-exclude-dir="/var/run"。两者产生相同的结果。
为什么我的 grep 失败了?
如何/var/run从递归 grep 中排除?
CentOS 7.2,使用 Grep:
$ grep --version
grep (GNU grep) 2.20
Copyright (C) 2014 Free Software Foundation, Inc.
答案1
我认为这可能是因为您明确要求grep从 进行递归搜索/var,并且/var/run与 下的 SUBDIRECTORY 不匹配/var。
请参阅 grep 手册页,其中指出:
--exclude-dir=glob
[..] skip any subdirectory whose base name matches glob. [..]
使固定
因此,要修复您的命令,请更改排除模式,即:
sudo grep -IR --exclude-dir="run" '45.78.157.165' /var | egrep -v '(audit|access)'
答案2
换句话说,更短一些,因为它需要一个子目录,而在大多数情况下,这个子目录不是绝对路径(=不包括从根目录本身进行搜索,因此它可能会起作用)