HostOnNet Blog

Locate files owned by nobody and delete

Posted on November 7, 2014 by Annie

Looking for Linux Server Admin or WordPress Expert? We can help.

Contact Us

This is very useful for locating files that have been uploaded using an exploit and are still owned by the nobody user.

The below command will search all user document root for files owned by nobody and display them on the screen.

This is one of the most likely location of uploaded nobody files but its possible for files to be outside this directory.

find /home/*/public_html -user nobody -print

The below command will search and delete all files in the users document root that are owned by the nobody user. It’s recommended you just do a find first, then if it’s clear run the below command:

find /home/*/public_html -user nobody -print | xargs rm

To delete folders owned by nobody user too, use:

find /home/user/public_html -user nobody -print | xargs rm -Rf

About Annie

I've been working in Technical Section for over 10 years in a wide range of tech jobs from Tech Support to Software Testing. I started writing blog for my future reference and useful for all.
Posted in Linux Administration

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.