![]() |
Reset default permissions . . .
I'm running "Ubuntu 18.04" with every update/upgrade patch installed.
I am accessing it via "ssh" from both inside and outside the network. I can access it directly from a console monitor. I issued the following command "sudo chmod -R 777 /" on a separately mounted drive, and of course, it began to reset all the permissions on my system "/" (dumb, dumb, dumb) Now, "sudo" does not work, and I've disconnected via "ssh" and cannot access it remotely. How can I reset default permissions on "/" from the console? |
I don't think there is an easy answer to your problem. The following link
https://stackoverflow.com/questions/...debian-squeeze contains the advice "... your options are (a) compare with a working Debian system and fix permissions manually or (b) backup and reinstallation. I'd recommend (b), which will probably be less time-consuming, and with (a) it is difficult to be sure you have got everything right." This is a pretty old post. Perhaps there is a better solution by now. For the future, let me say that I learned the hard way to always use the form Code:
chmod --preserve-root ... |
thanks . . .
|
The ~/.ssh directory must be readable only by the user, so
Code:
chmod 700 ~/.ssh On my server, inside ~/.ssh Code:
-rw-r--r--. 1 root root 1198 May 26 17:18 authorized_keys |
that's a good start . . .
I'm thinking of my options. I have a man onsite who can enter a command such as that, then I can work remotely to either "fix" what I need or reinstall. Fortunately, data storage is held separately (the disc from which I was working), so I can backup for safety but possibly retain the file structure. That way, I can perform a fresh installation of the OS disc only. That would likely be quickest as has been stated. It's three discs, one for the OS and two set in a hardware RAID to create a storage disc. |
many programs will refuse to run if they see non-std file permissions
what we need is to know the correct permissions and then chmod back, yeah, I know obvious ;) I note you are posting from Ubuntu, that will do ;) on your working ( and one hopes very similar ) Ubuntu as root Code:
#!/bin/bash another option ( which is slower and less likely to work well ) does not need root does need mountpoint ( first arg. ) Code:
#!/bin/bash now, mount the root partition of the ubuntu that needs to be fixed. the following script takes two arguments, the first the MANIFEST.bz2 and the second is the mountpoint of the root partition you need to fix it will only print the commands, not execute them output to a file Code:
sudo ./RestorePermisions.sh ./MANIFEST.bz2 /mnt/foobared/ | tee chmodcommands.txt need sudo as it uses find to do initial sweep it won't write anything ( unless you remove the XARGS echo ) review that file ( sorry it will have very long lines in it ) I never got round to writing a fancy menu for it it dosn't try to fix home, we can do that later Code:
#!/bin/bash |
Excellent script!
HOWEVER . . . I can login as a regular user (as created when installing Ubuntu) but not root, and I can no longer use "sudo" or "su root" That means I cannot run the command above "chmod 700 ~/.ssh" or any variation to fix my remote login issue. I plan to be at the console within the next week and do a re-installation. We are in the process of backing up any data we wish to keep. Thanks for all the help! I will look more closely at your scripts and try them when I get a chance (probably this Saturday or next) |
Hi sankeny,
If you can actually solve your issue using firerat's recommendation, by all means. Before seeing his post, I was going to echo fishope's advice to reinstall. The last time I made a mistake with permissions, and it wasn't as far-reaching as your situation, I was never able to manually correct everything and had to reinstall. Firerat's scripting abilities far outclass mine - so, again, if that does the trick - excellent - and kudos to firerat. Let us know how you make out ! |
[resolution pending] Reset default permissions . . .
I will post once I resolve the issue or post any specific issues I find which might help someone else. It may be after Thanksgiving.
Meanwhile, I will mark this "solved" just to let someone know that I have answers (though not resolved until later) ANSWER: If you can login with root or access root authority via "sudo," then use "Fireat's" scripts. If not, reinstall. My personal experience is that it's likely the BEST solution - BACK UP DATA FIRST and don't make silly mistakes like I did. "chmod --preserve-root" is an excellent suggestion. Thanks everyone! |
Quote:
boot a liveCD mount the root partition, and point the script at it actually if you have a "working" system, then this would generate a suitable command list Code:
MP="/mnt/temproot/" if you have multiple mountpoints ( like /opt , /var ) adapt |
a more targeted generation
Code:
unset MNTPOINT the idea with this one is, for each sbin and bin dir on the "broken" partition, recursively chmod to 755 then run the "script" generated by the above find the trick with restoring permissions is knowing what they should be. The "big" script is a re-write of the one posted in https://www.linuxquestions.org/quest...2/#post6041687 one of my posts in that thread explains the "%05m" in the recent ( find -printf )s slackware's MANIFEST.bz2 was a handy reference point the , ( unar some.deb | tar -Jvtf - ) seemed like a good way to get a "manifest" on Debian derivatives, but it would depend on apt's caching policy then I figured the Code:
bzip2 > MANIFEST.bz2 < <( Find ) |
Firerat --
not sure "why" I didn't think of this -- Quote:
Code:
unset MNTPOINT FWIW -- I enjoyed reading the link you posted - https://www.linuxquestions.org/quest...2/#post6041687 - as it explained your thought processes while writing/rewriting these scripts. At first I thought YOU were "Alan Hicks" and felt HONORED that you would stoop to helping someone such as I who made a "dumb" mistake, and then I realized you were NOT the writer of the original Slackware script, though you are obviously a skilled programmer. I STILL FEEL HONORED that you would spend your time helping me resolve this issue. I am not a newbie but I am not at your level, and I still make newbie mistakes! As stated above -- Quote:
|
not quite
( the bold didn't show up well for | ) Code:
# make bins fix it finds files in dirs. named sbin or bin, that are not perm 755 and prints what they should be e.g. Code:
( /mnt/badpart ) Code:
find /mnt/badpart \ they should have ( chmod -R 00755 ) run on them Then, "run" the file generated by the "fix bins" find but, to be honest, it is probably just easier to run the "find" in #6 to make the MANIFEST.bz2 on a "good" install ( as root because a normal user can't read some dirs. ) put that MANIFEST.bz2 and the "big script" on a usb stick/drive boot a liveCD make a mount point, mount the "bad" partition and run ( as root ) Code:
the_script.sh /path/to/MANIFEST.bz2 /path/to/mountpoint/ > FixScript.sh #PrintCosmetic $FUNCNAME lines , it takes a bit longer ( not much really ) but they print to stderr, so you will still see things when redirecting stdout to file the FixScript.sh will look ugly ( very long lines ) alternately, remove the "echo" from the XARGS var. it will then run the chmods as it finds them. how well this will all work depends on how close the "good" is to the "bad" ( with respect to the installed packages ) |
so, here's what I did to RESOLVE the issue --
(1) created a "liveDebian" boot USB (in hopes of being able to store the scripts needed) Ubuntu "live-server" did not allow me to boot into a "live-session" nor did it include the tools I needed (2) ran the following script found at #6 above . . . Code:
#!/bin/bash On reflection, no doubt I could have "stored" them on the "bad" partition which I had mounted. Nevertheless, I didn't. (4) created a script from the following, also found at #6 above . . . Code:
#!/bin/bash Code:
the_script.sh /path/to/MANIFEST.bz2 /path/to/mountpoint/ > FixScript.sh Everything completed with no errors. HOWEVER, it didn't change the permissions as I had hoped. It appeared to have changed "some" directories and files, but most of the dirs were still marked "drwzrwzrwz" At this point, I decided to reinstall Ubuntu Server. I had some difficulty with the RAID partitioning - it was initially setup to "mirror" and we needed more disc space - so I "blew" the existing partitions and installed from "scratch" It had also given me problem installing "grub" This is a redeployed Mark VI Integrator, and we will now use it with more disc space (1 TB) Thanks to "Firerat" for his efforts! If I had had more time, I would have consulted with him to make the scripts works. I am convinced the DO work. |
just a comment:
you can analyze packages and restore permissions based on that information, but you cannot restore files created without installation (like log files). Also there are postinstall scripts which may make it even more difficult. So you can completely restore your system only from a full backup. |
All times are GMT -5. The time now is 02:14 AM. |