lsof

List all open files

$ lsof

$ lsof -u [username]

$ lsof -p [pid]

$ lsof -i :[port]

$ lsof -i

$ lsof +D [/path/to/dir]

$ lsof [/path/to/file]

lsof [options] [files]

lsof (List Open Files) is a diagnostic tool that reports all files currently opened by running processes. In Unix-like systems, the concept of a "file" extends well beyond regular files on disk -- it includes network sockets, Unix domain sockets, pipes, device files, and directories. Each open file is represented internally by a file descriptor, and lsof maps these descriptors back to the processes that hold them.
This makes lsof an essential troubleshooting tool for a wide range of scenarios. It can identify which process is listening on a specific TCP/UDP port (`-i :port`), find processes preventing a filesystem from being unmounted (`+D /mount`), or reveal network connections established by a particular program. The output includes the process name, PID, user, file descriptor number, file type, and the file path or network address, providing a comprehensive view of how processes interact with system resources.

FILES

Specific files to check.

Files opened by user.

Files opened by process.

Network connections.

Files in directory.

Files opened by command.

Display help information.

Requires root for all files. Output can be verbose. Performance impact on large systems.

lsof was created by Vic Abell in 1988 and has become a standard Unix diagnostic tool.

fuser(1), netstat(8), ss(8), ps(1)