I am trying to figure out the command to display all files created 30 minutes (as an example) before and after another file was created. So far I managed to find files newer than that file
but I cannot work out how to look for both before and after given time.
A command I have used:
find -type f -newer file.txt -cmin -30
This works fine but only does half of what I am trying to do.
Also, I need to modify that to search for setuid files only, which I THINK I can do by adding the -perm -4000 in that command.
Any suggestions?
As far as I know there is no way to find file creation time.
You can try by modification time (this will get all files last-modified between 5th and 8th)
(or access time replace
newermtwithnewerat)newerXYis flag to compare timestamps of current file with reference (see man find for more info).According to
man find(on my debian) there are 4 flags (aside fromtto interpret directly as time)You can also try with
'B'birth time but it does not work for me, gives me error. I don’t know why it is included in the man pagecompare to another file
You can create temp file (one with modification time 30 min before the target file, another 30 mins after)
touch -dtakes a date option, so if you add and subtract correctly, this should work.