Gentoo Forums
Accidentally chmod'd everything 777

jamori
n00b

Joined: 07 Dec 2005
Posts: 4

Posted: Wed Dec 07, 2005 12:23 am    Post subject: Accidentally chmod'd everything 777

I seem to have accidentally chmod'd my entire system a+rwx

I issued the following command:
Code:
sudo chmod a+rwx /my/dir -R *
which I know isn't the right order, but I'd already typed a long pathname and didn't want to arrow back and add flags to the beginning. I figured that the program would either a) figure out what I meant or b) tell me it couldn't and bail.

Instead, the permissions on every file on my system are bork'd. Any recommendations on how to get the standard files back to how they should be other than going through manually? I'll obviously have to redo any special files/folders I made, but how about all the standard system stuff?
I'd like to preserve all my config files. Would a forced re-emerge world do it?

Any suggestions would be greatly appreciated.

timeBandit
Bodhisattva

Joined: 31 Dec 2004
Posts: 2674
Location: here, there or in transit

Posted: Wed Dec 07, 2005 1:48 am    Post subject: Re: Accidentally chmod'd everything 777

jamori wrote:
I figured that the program would either a) figure out what I meant or b) tell me it couldn't and bail.
... Any recommendations on how to get the standard files back to how they should be ... ? Would a forced re-emerge world do it?

I bet you won't make that assumption again. :wink:
Almost. I think your best bet is:
Code:
emerge -e system
emerge -e world

plus manual fixes to your own files. After the re-merge, you can do this to locate stragglers and decide whether they require correction:
Code:
find / -perm -0777 -a ! -type l -ls

The ! -type l (that's ell,) predicate excludes symbolic links, which always have mode 777. As a point of reference, on my machine that command finds exactly 23 files.

If you haven't already upgraded to GCC 3.4, now might be a good time--a full re-merge is part of the job.
_________________
Plants are pithy, brooks tend to babble--I'm content to lie between them.
Super-short f.g.o checklist: Search first, strip comments, mark solved, help others.


Last edited by timeBandit on Wed Dec 07, 2005 3:15 am; edited 1 time in total

jamori
n00b

Joined: 07 Dec 2005
Posts: 4

Posted: Wed Dec 07, 2005 1:56 am    Post subject: Re: Accidentally chmod'd everything 777

timeBandit wrote:
I bet you won't make that assumption again. :wink:

definitely not.

Thanks for the advice; it was greatly appreciated.

For some reason, all my services work except ssh (I get connection refused), so I'm going to have to drag it out of a closet to fix this. *sigh*

Thanks again.

timeBandit
Bodhisattva

Joined: 31 Dec 2004
Posts: 2674
Location: here, there or in transit

Posted: Wed Dec 07, 2005 3:14 am    Post subject: Re: Accidentally chmod'd everything 777

jamori wrote:
For some reason, all my services work except ssh (I get connection refused), so I'm going to have to drag it out of a closet to fix this. *sigh*

Thanks again.


You're welcome. As for SSH, it's fussy about permissions on certain critical directories/files (security risk), and will deny connections if they are incorrect. In particular, IIRC the host private keys and sshd_config need to be owned by root, readable only by root (0600), and the directory /var/empty must exist (with permissions 0755). There are probably more such constraints--I'm sorry, it's been a while since I set up SSH, so I can't say which may be at fault. It is mentioned in the config file comments and/or man pages, though, so with some reading you should be able to puzzle it out. Check the logs, too.

Good luck.

pjp
Administrator

Joined: 16 Apr 2002
Posts: 18084

Posted: Wed Dec 07, 2005 5:46 am

Moved from Other Things Gentoo
_________________
Those who know what's best for us must rise and save us from ourselves.

wjholden
l33t

Joined: 01 Mar 2004
Posts: 826
Location: Augusta, GA

Posted: Wed Dec 07, 2005 7:59 am

I remember having problems after a "chmod 777 -R /some/directory" with a lot of stuff in it, which happened to be content on an FTP server (or something). Because I knew there were some perl scripts in the folder that I didn't want to be executed, it shouldn't have been possible for any user to execute them anyways, but you can't be too careful, and I fell in love with the "find" command like this:
Code:
chmod -R a-x /some/directory
find /some/directory -type d -exec chmod a+x {} \;
Directories need to be executable (otherwise you can't "cd" into them).

Plus...this might not be a problem with you guys, but I find "a.out" files everywhere ;)

humbletech99
Veteran

Joined: 26 May 2005
Posts: 1229
Location: London

Posted: Thu Dec 29, 2005 1:18 am

This is a beginner's experimental mistake, but some people actually like this sort of thing cos it makes everything more open and therefore easier, you don't get lots of access denied... etc, it's why people also run as root all the time. I'd say chalk it up to experience and do a fresh install, I get the impression you haven't been into Linux for too long so there probably isn't much to lose and it might be quicker than trying to fix it. If you do want to try to fix it, the chmoding -R 755 / and then adjusting the rest like home dir and the occasional suid or special case may be the only way to go, but it's the long way round. You could try doing a deep emerge world and rebuild everything and see if that replaces everything with their correct permissions.

Beware the power of linux, unlike Windows, it assumes you're smart enough to know what you're doing, it doesn't have stabilizers.


For your amusement (probably more for our own really), here's a relevant quote from this forum:

Gentree wrote:
Quote:
I tell you with the new flux of -ex windows users piling onto Linux we'll be the same mess as Winworld within a year. :cry:


from the following post https://forums.gentoo.org/viewtopic-p-2989221.html#2989221

mephx
n00b

Joined: 23 Nov 2006
Posts: 11

Posted: Thu Dec 14, 2006 8:45 am    Post subject: File Permissions

well, accidentally chmoded 777 ./.* as root, then went away for a smoke, when i was back, jeez, my box looks like a bit&/%!! is there any fast way to re-perm all the fs?

by hand may be out of question :S

thanks

fangorn
Veteran

Joined: 31 Jul 2004
Posts: 1886

Posted: Thu Dec 14, 2006 9:08 am

As gentoo systems are quite different from box to box, I don't think there are any scripts to repermission everything.

The most complete way (and with the minimum of handwork) is to just repermission your /home and /etc and rebuild the system with a stage3, copy the handedited files from /etc/, your /home and world file and "emerge -e world".
_________________
Video Encoding scripts collection | Project page

lxg
Veteran

Joined: 12 Nov 2005
Posts: 1019
Location: Aachen, Germany

Posted: Thu Dec 14, 2006 1:28 pm

Maybe I'm on the wrong path, but wouldn't in this specific situation an emerge -e world suffice?
_________________
lxg.de – codebits and tech talk

mephx
n00b

Joined: 23 Nov 2006
Posts: 11

Posted: Thu Dec 14, 2006 4:59 pm

thanks,

even so... i'm currently on a deadline approach, so no emerge world for 200 and some change packages.

chmoded most of the fs by hand.

there should be an easy way to store/restore perms. portage or not :D

cheers

PaulBredbury
Watchman

Joined: 14 Jul 2005
Posts: 7310

Posted: Thu Dec 14, 2006 5:13 pm

lxg wrote:
an emerge -e world suffice?

No, because re-emerges don't reset the permissions of existing files. Unless they do so in e.g. pkg_postinst(), outside of the sandbox. Or unless Portage has got a bug.

Edit: Hmm, just experimented with /etc/conf.d/microcode_ctl and portage-2.2_rc22, and portage *did* reset the file's permissions after an emerge. Toss a coin, to determine Portage's behaviour this week :?


Last edited by PaulBredbury on Thu Jan 15, 2009 2:48 am; edited 1 time in total

chris.c.hogan
Apprentice

Joined: 02 Oct 2005
Posts: 189

Posted: Thu Dec 14, 2006 7:20 pm

mephx wrote:
accidentally chmoded 777 ./.* as root


I'm assuming you used chmod -R 777 ./* from root as root. chmod 777 ./.* would only have changed the permissions on hidden files in the current directory. Either way, it would make the files in question user/group/world readable/writable/executable. It makes for an insecure system. However, with the exception of files that need to be setuid/setgid, your system should function. Of course you'll want to repair the damage.

mephx wrote:
there should be an easy way to store/restore perms. portage or not


If you are just interested in backing up and restoring permissions, you could do:

Code:

cd /
ls -Rl > backup.perms


You could then write a script that feeds the generated list back into chmod to restore. However, a better method would be to tarball your system to DVD. It provides much more protection. Excluding /home, /tmp, and parts of /var, it should fit on one or two disks.

If you happen to have a reference system, you could also take advantage of chmod's --reference=rfile option to fix things.
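
The store/restore idea discussed in the post above, as an added example that is not part of the original thread: a manifest of mode and owner per file, written while the system is healthy and reapplied after an accident. The function names `save_perms` and `restore_perms` are hypothetical; the sketch assumes GNU find and stat and file names without embedded newlines.

```sh
#!/bin/sh
# Added example (not from the thread): snapshot and restore file modes
# and ownership for one directory tree.
# Assumptions: GNU find/stat; no newlines in file names.

# save_perms DIR MANIFEST
# Writes one "mode uid:gid path" line per entry below DIR.
save_perms() {
    # -xdev stays on one filesystem. Symlinks are skipped: their own mode
    # is always 777 and chmod would follow them to the target instead.
    find "$1" -xdev ! -type l -exec stat -c '%a %u:%g %n' {} + > "$2"
}

# restore_perms MANIFEST
# Reapplies recorded values and prints how many entries had drifted.
restore_perms() {
    fixed=0
    while read -r mode owner path; do
        # Entry was removed since the snapshot: nothing to repair.
        if [ ! -e "$path" ]; then
            continue
        fi
        # Untouched entries are left alone.
        if [ "$(stat -c '%a %u:%g' "$path")" = "$mode $owner" ]; then
            continue
        fi
        # Ownership can only be restored by root. chown goes first because
        # changing ownership clears setuid/setgid bits, which the chmod
        # that follows puts back (modes such as 4755 are kept by %a).
        if [ "$(id -u)" -eq 0 ]; then
            chown "$owner" "$path"
        fi
        chmod "$mode" "$path"
        fixed=$((fixed + 1))
    done < "$1"
    echo "$fixed"
}
```

Keep the manifest outside the tree it describes and readable only by root, since it is itself a list of where the setuid binaries live.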

timeBandit
Bodhisattva

Joined: 31 Dec 2004
Posts: 2674
Location: here, there or in transit

Posted: Thu Dec 14, 2006 7:29 pm

https://forums.gentoo.org/viewtopic-t-410050-highlight-accidentally+chmod+777.html
Forum search, lame though it may be, is still your friend....

mephx
n00b

Joined: 23 Nov 2006
Posts: 11

Posted: Fri Dec 15, 2006 5:39 am

chris.c.hogan wrote:
If you happen to have a reference system, you could also take advantage of chmod's --reference=rfile option to fix things.

this sounds interesting...
but, how do i generate that rfile? :S

thanks everyone
~x

kallamej
Administrator

Joined: 27 Jun 2003
Posts: 4927
Location: Gothenburg, Sweden

Posted: Fri Dec 15, 2006 9:45 am

Merged post 3782519 and onwards to this thread.
_________________
Please read our FAQ Forum, it answers many of your questions.
irc: #gentoo-forums on irc.freenode.net

mephx
n00b

Joined: 23 Nov 2006
Posts: 11

Posted: Thu Dec 21, 2006 8:50 pm

anyone? :oops:

timeBandit
Bodhisattva

Joined: 31 Dec 2004
Posts: 2674
Location: here, there or in transit

Posted: Thu Dec 21, 2006 9:28 pm

Sorry, thought the person who posted that would reply.

The "rfile" mentioned isn't a generated file--I assume you were hoping it was a file listing all the correct permissions to apply. It's not. What chmod --reference=fileA fileB does is set the mode (permissions) of fileB to be the same as that of fileA (the reference file).

Yura
n00b

Joined: 25 Feb 2007
Posts: 10

Posted: Wed Jan 14, 2009 9:08 am    Post subject: suid bit lost for /usr

I was installing Gentoo (OpenOffice) when the free disk space ran out... I decided to move the /usr directory to another partition (it was on root). I executed cp -r /usr /mnt/r/

(/mnt/r - ext3 partition) In /etc/fstab I wrote:
/mnt/r/usr auto bind 0 0

I deleted the old /usr.

Boot went successfully.

But when I logged in as a user and typed startx, it didn't execute;
I looked at /usr/sbin and saw that no files had the SUID bit.

For some files I set it manually, but it's too hard to set it for all files. Reinstalling everything in /usr because of 1 bit takes very long and is a pity.

1. Does anybody have any ideas?
2. And why was the suid bit lost when copying with cp?

eccerr0r
Watchman

Joined: 01 Jul 2004
Posts: 7236
Location: almost Mile High in the USA

Posted: Thu Jan 15, 2009 2:07 am

For #2 - You'll need to cp with -p to copy/retain permissions and owners.
As for #1, I'm not sure if there's a record of suid bits anywhere... this might be a good feature to add to portage? Not sure...
_________________
Intel Core i7 2700K@ 4.1GHz/HD3000 graphics/8GB DDR3/180GB SSD
What am I supposed watching?

timeBandit
Bodhisattva

Joined: 31 Dec 2004
Posts: 2674
Location: here, there or in transit

Posted: Thu Jan 15, 2009 2:32 am

Merged above two posts here since it amounts to the same problem. Unfortunately, as pointed out above it's necessary to re-merge everything to be sure it's all fixed.

eccerr0r
Watchman

Joined: 01 Jul 2004
Posts: 7236
Location: almost Mile High in the USA

Posted: Thu Jan 15, 2009 4:30 pm

I think portage, after every file is cataloged (it does MD5 everything?), also record group/owner and file modes. I don't think these really are quite as helpful as the md5, but can help in situations like these as it appears people screw this up more often than one would think.

All times are GMT