LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices

Reply
 
Search this Thread
Old 12-13-2006, 10:04 PM   #1
ubearcats
LQ Newbie
 
Registered: Dec 2006
Posts: 3

Rep: Reputation: 0
Reversal of chown -R oracle . issued from / as root


Coworker issued chown -R oracle . from / as root. Stopped immediately but damage was already done. This is on CentOS. Wondering if there are any utilities to help reverse this without reinstalling. Any help would be appreciated.

Thanks
 
Old 12-13-2006, 10:15 PM   #2
frob23
Senior Member
 
Registered: Jan 2004
Location: Roughly 29.467N / 81.206W
Distribution: Ubuntu, FreeBSD, NetBSD
Posts: 1,449

Rep: Reputation: 47
Ugh, that's a nasty mess. I don't suppose CentOS uses mtree during the install? It might be a BSD thing, as I know all the BSDs use it.

If you have it, you'll probably have a directory /etc/mtree which will have files with the original information.

If you can get that, if you don't have it already. You will want to use it to make a listing of the correct information for the drive (in case this happens in the future). The program itself can even compare the old permissions and change them back. I hate to have to admit this, but it has saved me once because of a similar mistake.

If you don't have that, you need to find some way to compare a clean filesystem with the messed up one and change the permissions back. This may involve doing a sample install on another system and running a complete listing of all the files to be brought to the new machine and then writing a script to compare owners and fix them if they're different.

Edit: to add some info.

Last edited by frob23; 12-13-2006 at 10:20 PM.
 
Old 12-13-2006, 10:36 PM   #3
J.W.
LQ Veteran
 
Registered: Mar 2003
Location: Milwaukee, WI
Distribution: Mint
Posts: 6,642

Rep: Reputation: 69
Quote:
Originally Posted by ubearcats
.... [the] damage was already done...
This is the safe viewpoint. Unless you have an 100% comprehensive and exhaustive listing of each and every file that was incorrectly changed (which I would assume would be unlikely in the extreme) my recommendations would be to:

1. Backup any important data
2. Reinstall
3. Review your security policy, and give only 2 or maybe 3 trusted people true root access. I'm sure your co-worker meant well, but I'd suggest looking at it this way: If his/her actions were a deliberate act, rather than an accident, would you consider it sabotage/vandalism? I would, and I'd consider pressing charges if I knew who was responsible. Maybe it was a true and/or innocent rookie mistake, but even so, I'd only give root to someone whose job actually required it, and they had demonstrated that they would use it responsibly.

Keep in mind that in Linux, it is assumed that root knows what he/she is doing, and thus any commands executed by root will be performed, no questions asked. Good luck with it regardless.
 
Old 12-13-2006, 11:22 PM   #4
jschiwal
Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654
You can try using the rpm verify option.

For example, you can verify the /etc/auto.net file with:
rpm -qVf /etc/auto.net
Add the option -v for verbose to verify all of the files that the package supplies:
rpm -qVvf /etc/auto.net

To locate the package the supplies the file enter: rpm -qf <full/file/name>; e.g.:
rpm -qf /etc/auto.net
autofs-4.1.4-23

Now you can look at the default permissions of all of the files that the package supplies:
Code:
rpm -qvl autofs
-rw-r--r--    1 root    root              345 May  2  2006 /etc/auto.master
-rw-r--r--    1 root    root              581 May  2  2006 /etc/auto.misc
-rwxr-xr-x    1 root    root             1272 May  2  2006 /etc/auto.net
-rwxr-xr-x    1 root    root              538 May  2  2006 /etc/auto.smb
-rwxr--r--    1 root    root             9234 May  2  2006 /etc/init.d/autofs
drwxr-xr-x    2 root    root                0 May  2  2006 /usr/lib/autofs
-rwxr-xr-x    1 root    root            11704 May  2  2006 /usr/lib/autofs/autofs-ldap-auto-master
-rwxr-xr-x    1 root    root            13128 May  2  2006 /usr/lib/autofs/showmount
drwxr-xr-x    2 root    root                0 May  2  2006 /usr/lib64/autofs
-rwxr-xr-x    1 root    root            25596 May  2  2006 /usr/lib64/autofs/lookup_file.so

...
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
proftpd chown as root failed john8675309 Linux - Software 2 12-06-2005 04:53 PM
Oops! I did a chown -R root from the '/' level Wujen Linux - Newbie 4 04-06-2005 05:20 PM
python script needs root chown ability kosuke Programming 5 11-07-2004 04:14 PM
CHOWN as root fails; owner 4294967295? eventide Linux - Hardware 1 11-24-2003 12:42 AM
chmod vs chown on some root files and yes apps ergo_sum Linux - Newbie 3 11-12-2003 10:49 AM


All times are GMT -5. The time now is 09:02 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration