{"id":1507,"date":"2019-04-08T06:49:22","date_gmt":"2019-04-08T01:19:22","guid":{"rendered":"http:\/\/jaipurhosting.com\/blog\/?p=1507"},"modified":"2019-04-30T10:42:28","modified_gmt":"2019-04-30T05:12:28","slug":"how-to-find-out-who-is-using-a-file-in-linux","status":"publish","type":"post","link":"https:\/\/www.jaipurhosting.com\/blog\/how-to-find-out-who-is-using-a-file-in-linux\/","title":{"rendered":"How to find out who is using a file in Linux"},"content":{"rendered":"\n<hr class=\"wp-block-separator\"\/>\n\n\n\n<p><strong>Description<\/strong><\/p>\n\n\n\n<p>We can use the <a href=\"http:\/\/jaipurhosting.com\/blog\/10-lsof-command-examples-in-linux\/\"><strong>lsof command<\/strong><\/a>&nbsp;to know if someone is using a file, and if they are, who. <\/p>\n\n\n\n<p>It reads kernel memory in its search for open files and helps you list all open files. <\/p>\n\n\n\n<p>In this case, an open file may be a regular file, a directory, a block special file, a character special file, a stream, a network file and many others \u2013 because in&nbsp;Linux everything is a file. <\/p>\n\n\n\n<p><a href=\"http:\/\/jaipurhosting.com\/blog\/10-lsof-command-examples-in-linux\/\"><strong>Lsof<\/strong><\/a>&nbsp;is used on a file system to identify who is using any files on that file system. <\/p>\n\n\n\n<p>You can run&nbsp;<strong>lsof command<\/strong>&nbsp;on Linux filesystem and the output identifies the owner and process information for processes using the file as shown in the following output. <\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><strong><em>$ lsof \/dev\/null<\/em><\/strong><\/pre>\n\n\n\n<p>                              <strong>List of All Opened Files in Linux <\/strong><br><\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>COMMAND    PID    USER   FD   TYPE DEVICE SIZE\/OFF NODE NAME\nsystemd   1480 jaipur    0r   CHR    1,3      0t0    6 \/dev\/null\nsh        1501 jaipur    0r   CHR    1,3      0t0    6 \/dev\/null\nsh        1501 jaipur    1w   CHR    1,3      0t0    6 \/dev\/null\ndbus-daem 1530 jaipur    0u   CHR    1,3      0t0    6 \/dev\/null\nxfce4-ses 1603 jaipur    0r   CHR    1,3      0t0    6 \/dev\/null\nxfce4-ses 1603 jaipur    1w   CHR    1,3      0t0    6 \/dev\/null\nat-spi-bu 1604 jaipur    0r   CHR    1,3      0t0    6 \/dev\/null\ndbus-daem 1609 jaipur    0u   CHR    1,3      0t0    6 \/dev\/null\nat-spi2-r 1611 jaipur    0u   CHR    1,3      0t0    6 \/dev\/null\nxfconfd   1615 jaipur    0u   CHR    1,3      0t0    6 \/dev\/null\nxfwm4     1624 jaipur    0r   CHR    1,3      0t0    6 \/dev\/null\nxfwm4     1624 jaipur    1w   CHR    1,3      0t0    6 \/dev\/null\nxfce4-pan 1628 jaipur    0r   CHR    1,3      0t0    6 \/dev\/null\nxfce4-pan 1628 jaipur    1w   CHR    1,3      0t0    6 \/dev\/null\nThunar    1630 jaipur    0r   CHR    1,3      0t0    6 \/dev\/null\nThunar    1630 jaipur    1w   CHR    1,3      0t0    6 \/dev\/null\nxfdesktop 1632 jaipur    0r   CHR    1,3      0t0    6 \/dev\/null\nxfdesktop 1632 jaipur    1w   CHR    1,3      0t0    6 \/dev\/null\n....<\/code><\/pre>\n\n\n\n<p> To list user specific opened files, run the following command replace&nbsp;<code>jaipur<\/code>&nbsp;with the actual user name. <\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><strong><em>$ lsof -u jaipur<\/em><\/strong><br><\/pre>\n\n\n\n<p>                                      <strong>List of Files Opened by User<\/strong> <\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>COMMAND    PID    USER   FD      TYPE             DEVICE  SIZE\/OFF       NODE NAME\nsystemd   1480 jaipur  cwd       DIR                8,3      4096          2 \/\nsystemd   1480 jaipur  rtd       DIR                8,3      4096          2 \/\nsystemd   1480 jaipur  txt       REG                8,3   1595792    3147496 \/lib\/systemd\/systemd\nsystemd   1480 jaipur  mem       REG                8,3   1700792    3150525 \/lib\/x86_64-linux-gnu\/libm-2.27.so\nsystemd   1480 jaipur  mem       REG                8,3    121016    3146329 \/lib\/x86_64-linux-gnu\/libudev.so.1.6.9\nsystemd   1480 jaipur  mem       REG                8,3     84032    3150503 \/lib\/x86_64-linux-gnu\/libgpg-error.so.0.22.0\nsystemd   1480 jaipur  mem       REG                8,3     43304    3150514 \/lib\/x86_64-linux-gnu\/libjson-c.so.3.0.1\nsystemd   1480 jaipur  mem       REG                8,3     34872    2497970 \/usr\/lib\/x86_64-linux-gnu\/libargon2.so.0\nsystemd   1480 jaipur  mem       REG                8,3    432640    3150484 \/lib\/x86_64-linux-gnu\/libdevmapper.so.1.02.1\nsystemd   1480 jaipur  mem       REG                8,3     18680    3150450 \/lib\/x86_64-linux-gnu\/libattr.so.1.1.0\nsystemd   1480 jaipur  mem       REG                8,3     18712    3150465 \/lib\/x86_64-linux-gnu\/libcap-ng.so.0.0.0\nsystemd   1480 jaipur  mem       REG                8,3     27112    3150489 \/lib\/x86_64-linux-gnu\/libuuid.so.1.3.0\nsystemd   1480 jaipur  mem       REG                8,3     14560    3150485 \/lib\/x86_64-linux-gnu\/libdl-2.27.so\n...<\/code><\/pre>\n\n\n\n<p>Another important use of <strong>lsof<\/strong>&nbsp;is to&nbsp;<a href=\"http:\/\/jaipurhosting.com\/blog\/how-to-find-out-which-process-listening-on-a-particular-port\/\"><strong>find out the process listening on a specific port<\/strong><\/a>. <\/p>\n\n\n\n<p>For example identify the process listening on port&nbsp;<strong>80<\/strong>&nbsp;using the following command. <\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><strong>$ sudo lsof -i TCP:80<\/strong><\/pre>\n\n\n\n<p>                                     <strong>Find Out Process Listening Port <\/strong><\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>COMMAND  PID   USER   FD   TYPE DEVICE SIZE\/OFF NODE NAME\nhttpd    903   root    4u  IPv6  20222      0t0  TCP *:http (LISTEN)\nhttpd   1320 apache    4u  IPv6  20222      0t0  TCP *:http (LISTEN)\nhttpd   1481 apache    4u  IPv6  20222      0t0  TCP *:http (LISTEN)\nhttpd   1482 apache    4u  IPv6  20222      0t0  TCP *:http (LISTEN)\nhttpd   1493 apache    4u  IPv6  20222      0t0  TCP *:http (LISTEN)\nhttpd   1763 apache    4u  IPv6  20222      0t0  TCP *:http (LISTEN)\nhttpd   2027 apache    4u  IPv6  20222      0t0  TCP *:http (LISTEN)\nhttpd   2029 apache    4u  IPv6  20222      0t0  TCP *:http (LISTEN)\nhttpd   2044 apache    4u  IPv6  20222      0t0  TCP *:http (LISTEN)\nhttpd   3199 apache    4u  IPv6  20222      0t0  TCP *:http (LISTEN)\nhttpd   3201 apache    4u  IPv6  20222      0t0  TCP *:http (LISTEN)<\/code><\/pre>\n\n\n\n<p><strong>Note<\/strong>: Since&nbsp;<strong>lsof<\/strong>&nbsp;reads kernel memory in its search for open files, rapid changes in kernel memory may result into unpredictable outputs. This is one of the major downsides of using&nbsp;lsof command. <\/p>\n\n\n\n<p>For more information, look at the&nbsp;<strong>lsof<\/strong>&nbsp;man page:<\/p>\n\n\n\n<p><em>$ man lsof<\/em><\/p>\n\n\n\n<p>We have explained how to know who is using a particular file in Linux. <\/p>\n\n\n\n<p>We have shown how to identify the owner and process information for processes using an open file. <br><\/p>\n\n\n\n<p>We hope you\u2019ve found this useful!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Description We can use the lsof command&nbsp;to know if someone is using a file, and if they are, who. It reads kernel memory in its search for open files and helps you list all open files. In this case, an open file may be a regular file, a directory, a block special file, a character [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":1508,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5],"tags":[],"class_list":["post-1507","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-linux"],"_links":{"self":[{"href":"https:\/\/www.jaipurhosting.com\/blog\/wp-json\/wp\/v2\/posts\/1507","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.jaipurhosting.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.jaipurhosting.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.jaipurhosting.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.jaipurhosting.com\/blog\/wp-json\/wp\/v2\/comments?post=1507"}],"version-history":[{"count":7,"href":"https:\/\/www.jaipurhosting.com\/blog\/wp-json\/wp\/v2\/posts\/1507\/revisions"}],"predecessor-version":[{"id":1583,"href":"https:\/\/www.jaipurhosting.com\/blog\/wp-json\/wp\/v2\/posts\/1507\/revisions\/1583"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.jaipurhosting.com\/blog\/wp-json\/wp\/v2\/media\/1508"}],"wp:attachment":[{"href":"https:\/\/www.jaipurhosting.com\/blog\/wp-json\/wp\/v2\/media?parent=1507"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.jaipurhosting.com\/blog\/wp-json\/wp\/v2\/categories?post=1507"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.jaipurhosting.com\/blog\/wp-json\/wp\/v2\/tags?post=1507"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}