{"id":1655,"date":"2019-06-21T16:21:39","date_gmt":"2019-06-21T10:51:39","guid":{"rendered":"http:\/\/jaipurhosting.com\/blog\/?p=1655"},"modified":"2019-11-11T07:15:49","modified_gmt":"2019-11-11T01:45:49","slug":"how-to-find-out-who-is-using-a-file-in-linux-2","status":"publish","type":"post","link":"https:\/\/www.jaipurhosting.com\/blog\/how-to-find-out-who-is-using-a-file-in-linux-2\/","title":{"rendered":"How to find out who is using a file in linux"},"content":{"rendered":"\n<hr class=\"wp-block-separator\"\/>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Description <\/strong>: <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">We can use the&nbsp;<a href=\"http:\/\/jaipurhosting.com\/blog\/10-lsof-command-examples-in-linux\/\"><strong>lsof command<\/strong><\/a>&nbsp;to know if someone is using a file, and if they are, who. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">It reads kernel memory in its search for open files and helps you list all open files. In this case, an open file may be a regular file, a directory, a block special file, a character special file, a stream, a network file and many others \u2013 because in&nbsp;Linux everything is a file. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"http:\/\/jaipurhosting.com\/blog\/10-lsof-command-examples-in-linux\/\">Lsof<\/a>&nbsp;is used on a file system to identify who is using any files on that file system. You can run&nbsp;<strong>lsof command<\/strong>&nbsp;on Linux filesystem and the output identifies the owner and process information for processes using the file as shown in the following output. <\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>$ lsof \/dev\/null<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>                                       List of All Opened Files in Linux<\/strong><\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>[root@server ~]# lsof \/dev\/null\nCOMMAND     PID     USER   FD   TYPE DEVICE SIZE\/OFF NODE NAME\nsystemd       1     root    0u   CHR    1,3      0t0 1035 \/dev\/null\nsystemd       1     root    1u   CHR    1,3      0t0 1035 \/dev\/null\nimap       1979 jaipur    0w   CHR    1,3      0t0 1035 \/dev\/null\nimap       1979 jaipur    9w   CHR    1,3      0t0 1035 \/dev\/null\nsystemd-j  1993     root    0r   CHR    1,3      0t0 1035 \/dev\/null\nimap       6153 jaipur    0w   CHR    1,3      0t0 1035 \/dev\/null\nimap       6153 jaipur    9w   CHR    1,3      0t0 1035 \/dev\/null\nimap       6245 jaipur    0w   CHR    1,3      0t0 1035 \/dev\/null\nimap       6245 jaipur    9w   CHR    1,3      0t0 1035 \/dev\/null\nimap       6328 jaipur    0w   CHR    1,3      0t0 1035 \/dev\/null\nimap       6328 jaipur    9w   CHR    1,3      0t0 1035 \/dev\/null\nimap       6360 jaipur    0w   CHR    1,3      0t0 1035 \/dev\/null\nimap       6360 jaipur    9w   CHR    1,3      0t0 1035 \/dev\/null\nexim       6453 mailnull    0u   CHR    1,3      0t0 1035 \/dev\/null\nexim       6453 mailnull    1u   CHR    1,3      0t0 1035 \/dev\/null\nexim       6453 mailnull    2u   CHR    1,3      0t0 1035 \/dev\/null\nimap       6535 jaipur    0w   CHR    1,3      0t0 1035 \/dev\/null\nimap       6535 jaipur    9w   CHR    1,3      0t0 1035 \/dev\/null<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\"> To list user specific opened files, run the following command replace&nbsp;<code>jaipur<\/code>&nbsp;with the actual user name. <\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>$ lsof -u jaipur<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>                                     List of files Opened Files in Linux<\/strong><\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>[root@server ~]# lsof -u jaipur\nCOMMAND    PID     USER   FD      TYPE             DEVICE SIZE\/OFF     NODE NAME\nimap      1979 jaipur  cwd       DIR              202,1     4096   934273 \/home\/jaipur\/mail\/jaipurshosting\nimap      1979 jaipur  rtd       DIR              202,1     4096        2 \/\nimap      1979 jaipur  txt       REG              202,1  1611149  1573420 \/usr\/libexec\/dovecot\/imap\nimap      1979 jaipur  mem       REG              202,1   150108  1991442 \/usr\/lib64\/dovecot\/\nimap      1979 jaipur  mem       REG              202,1   141968  1709124 \/usr\/lib64\/libpthread-2.17.so\nimap      1979 jaipur  mem       REG              202,1   157424  1708710 \/usr\/lib64\/liblzma.so.5.2.2\nimap      1979 jaipur  mem       REG              202,1    68192  1709202 \/usr\/lib64\/libbz2.so.1.0.6\nimap      1979 jaipur  mem       REG              202,1    90248  1708428 \/usr\/lib64\/libz.so.1.2.7\nimap      1979 jaipur  mem       REG              202,1   193860  1991437 \/usr\/lib64\/dovecot\/lib20_zlib_plugin.so<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\"> Another important use of&nbsp;<strong>lsof<\/strong>&nbsp;is to&nbsp;<a href=\"http:\/\/jaipurhosting.com\/blog\/how-to-find-out-which-process-listening-on-a-particular-port\/\">find out the process listening on a specific port<\/a>. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">For example identify the process listening on port&nbsp;<strong>80<\/strong>&nbsp;using the following command. <\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>$ sudo lsof -i TCP:80<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>                                    Find Out Process Listening Port<\/strong><\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>[root@server ~]# sudo lsof -i TCP:80\nCOMMAND   PID   USER   FD   TYPE   DEVICE SIZE\/OFF NODE NAME\nhttpd   14964 nobody    3u  IPv4 67600630      0t0  TCP *:http (LISTEN)\nhttpd   14964 nobody    4u  IPv6 67600631      0t0  TCP *:http (LISTEN)\nhttpd   14975 nobody    3u  IPv4 67600630      0t0  TCP *:http (LISTEN)\nhttpd   14975 nobody    4u  IPv6 67600631      0t0  TCP *:http (LISTEN)\nhttpd   14977 nobody    3u  IPv4 67600630      0t0  TCP *:http (LISTEN)\nhttpd   14977 nobody    4u  IPv6 67600631      0t0  TCP *:http (LISTEN)\nhttpd   15752 nobody    3u  IPv4 67600630      0t0  TCP *:http (LISTEN)\nhttpd   15752 nobody    4u  IPv6 67600631      0t0  TCP *:http (LISTEN)\nhttpd   15753 nobody    3u  IPv4 67600630      0t0  TCP *:http (LISTEN)\nhttpd   15753 nobody    4u  IPv6 67600631      0t0  TCP *:http (LISTEN)\nhttpd   15754 nobody    3u  IPv4 67600630      0t0  TCP *:http (LISTEN)\nhttpd   15754 nobody    4u  IPv6 67600631      0t0  TCP *:http (LISTEN)\nhttpd   15755 nobody    3u  IPv4 67600630      0t0  TCP *:http (LISTEN)\nhttpd   15755 nobody    4u  IPv6 67600631      0t0  TCP *:http (LISTEN)<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Note<\/strong>: Since&nbsp;<strong>lsof<\/strong>&nbsp;reads kernel memory in its search for open files, rapid changes in kernel memory may result into unpredictable outputs. This is one of the major downsides of using&nbsp;lsof command.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">For more information, look at the&nbsp;<strong>lsof<\/strong>&nbsp;man page:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>$ man lsof<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\"><br> We hope you\u2019ve found this useful! <\/p>\n","protected":false},"excerpt":{"rendered":"<p>Description : We can use the&nbsp;lsof command&nbsp;to know if someone is using a file, and if they are, who. It reads kernel memory in its search for open files and helps you list all open files. In this case, an open file may be a regular file, a directory, a block special file, a character [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":1656,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8],"tags":[],"class_list":["post-1655","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cpanel"],"_links":{"self":[{"href":"https:\/\/www.jaipurhosting.com\/blog\/wp-json\/wp\/v2\/posts\/1655","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.jaipurhosting.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.jaipurhosting.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.jaipurhosting.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.jaipurhosting.com\/blog\/wp-json\/wp\/v2\/comments?post=1655"}],"version-history":[{"count":5,"href":"https:\/\/www.jaipurhosting.com\/blog\/wp-json\/wp\/v2\/posts\/1655\/revisions"}],"predecessor-version":[{"id":1665,"href":"https:\/\/www.jaipurhosting.com\/blog\/wp-json\/wp\/v2\/posts\/1655\/revisions\/1665"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.jaipurhosting.com\/blog\/wp-json\/wp\/v2\/media\/1656"}],"wp:attachment":[{"href":"https:\/\/www.jaipurhosting.com\/blog\/wp-json\/wp\/v2\/media?parent=1655"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.jaipurhosting.com\/blog\/wp-json\/wp\/v2\/categories?post=1655"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.jaipurhosting.com\/blog\/wp-json\/wp\/v2\/tags?post=1655"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}