LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 01-16-2014, 09:34 AM   #1
jyunker
Member
 
Registered: Aug 2009
Posts: 167

Rep: Reputation: 0
Restoring file and directory permissions on Centos 6.5, 64 bit using Live CD


I have a Centos 6.5 Live CD, 64 bit. I messed up my permissions on my Centos 6.5, 64 bit install. It seems the only realistic thing to do is to reinstall.

That would be hard.

I restored most of the permissions using the commands:

for u $(rpm -qa), do rpm --setugids $u; done

and

for p $(rpm -qa), do rpm --setperms $p; done

As I said most permisiosns are now set correctly.

Most, but not all.

The system files and directories such as

/usr/local/

/usr/bin

still have far too open permissions. I want to set them back to their original permission values, but the above two command did not do that.

Guess, I must reinstall.

But do I?

The Centos 6.5, 64 bit Live CD has all of those fle and directory permission values. So is there way to use the Live CD and copy them to the Centos install on my computer's hard drive automatically.

I would rather not do it by hand : too tedious and error prone.

There must be some way to do it automatically and save a lot of time.

The alternative is to reinstall. I would rather not do that.

Thanks in advance,

Respectfully,

jyunker
 
Old 01-16-2014, 09:46 AM   #2
Habitual
LQ Addict
 
Registered: Jan 2011
Posts: 8,491
Blog Entries: 12

Rep: Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386
Code:
stat -c%a /usr/bin /usr/local
output please.
 
Old 01-16-2014, 10:19 AM   #3
jyunker
Member
 
Registered: Aug 2009
Posts: 167

Original Poster
Rep: Reputation: 0
command output

Okay, what is this command? What am I trying to do here? I will send you the output when I run it.


Respectfully,

jyunker
 
Old 01-16-2014, 12:20 PM   #4
jyunker
Member
 
Registered: Aug 2009
Posts: 167

Original Poster
Rep: Reputation: 0
The response when running

stat -c%a /usr/bin/ usr/local/

is

555
755

Is this what you need?

Respectfully,

jyunker
 
Old 01-16-2014, 12:39 PM   #5
haertig
Senior Member
 
Registered: Nov 2004
Distribution: Debian, Ubuntu, LinuxMint, Slackware, SysrescueCD, Raspbian
Posts: 2,191

Rep: Reputation: 338Reputation: 338Reputation: 338Reputation: 338
Quote:
Originally Posted by jyunker View Post
Guess, I must reinstall.
Restore from backups would be better. But if you don't have those, IMHO you should reinstall. On the bright side, you've learned why backups are so important. And you've also learned to be very careful at the command line, especially when running recursive commands as root.

IMHO, attempting to fix permissions in any way other than a restore from backups or a reinstallation is playing with fire. You could end up with all kinds of security holes in your system.
 
Old 01-16-2014, 01:02 PM   #6
John VV
LQ Muse
 
Registered: Aug 2005
Location: A2 area Mi.
Posts: 17,107

Rep: Reputation: 2478Reputation: 2478Reputation: 2478Reputation: 2478Reputation: 2478Reputation: 2478Reputation: 2478Reputation: 2478Reputation: 2478Reputation: 2478Reputation: 2478
/usr/bin is 555 ?
is ok for the FOLDER

there is also the SElinux context that might also need fixing

the two commands in the first post will restore them -- mostly
but NOT the folder the programs are in

however for the JUST the /usr/bin
Code:
su-
stat -c%A%C /usr/bin
should give you
Code:
dr-xr-xr-xsystem_u:object_r:bin_t:SystemLow
for the programs IN that folder 755 or
Code:
755system_u:object_r:bin_t:SystemLow
but NOT EVERYTHING IS THAT !!!
you will need to MANUALLY go through and check EVERYTHING


reinstall 20 to 30 min.
restore from known good back up
30 min.

manually check everything

A WEEK or so.....
(or at least a few days of long hours )

Last edited by John VV; 01-16-2014 at 01:13 PM.
 
Old 01-16-2014, 01:13 PM   #7
Habitual
LQ Addict
 
Registered: Jan 2011
Posts: 8,491
Blog Entries: 12

Rep: Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386
Quote:
Originally Posted by jyunker View Post
stat -c%a /usr/bin/ usr/local/
is
555
755
That is what they are on a stock CentOS 6.4 Final install.

I guess I'd ask what
Quote:
Originally Posted by jyunker View Post
still have far too open permissions.
means exactly.
 
Old 01-16-2014, 04:09 PM   #8
jyunker
Member
 
Registered: Aug 2009
Posts: 167

Original Poster
Rep: Reputation: 0
worrying about folders

I appreciate your quick response and I must tell you that you have given me some ideas.

I ran the commands as stated in the first post of this string, and it must have changed the programs permissions, becuase only folder names are now in that dark green rectangle on the computer screen that means they have far too liberal permissions.

Thus I am assumimng that the programs permissions must be okay after I ran those two one-liners commands.

That leaves only folders to worry about. This make the problem tractable.

Am I correct on this, because it seems so from what you said?

Thanks in advance. Any help appreciated.

Respectfully,


jyunker
 
Old 01-17-2014, 07:35 AM   #9
Habitual
LQ Addict
 
Registered: Jan 2011
Posts: 8,491
Blog Entries: 12

Rep: Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386
Quote:
Originally Posted by jyunker View Post
folder names are now in that dark green rectangle on the computer screen that means they have far too liberal permissions.
James is it?

It's hard to tell from here. We're using terminal commands and you are referencing some unknown graphical representation of "folder names".
Can you elaborated on this dark green rectangle?

Desktop Environment? File Manager?

A green rectangle may just mean you have access to those directories and their contents?
 
Old 01-17-2014, 08:42 AM   #10
jyunker
Member
 
Registered: Aug 2009
Posts: 167

Original Poster
Rep: Reputation: 0
filename and directory names

Somewhere along the line when I was installing NVDIA drivers and toolkits, I must have changed too many files to very liberal permissions. The suggested result was to run the two commands shown at the start of this string.

I was warned the commands would take a long time to run this and they did.

These commands did not get everything, but they got a lot. I ended up with some directories in a dark green rectangle and permissions like this


drwxrwxrwx james james Vurtualbox VMS


to get the dark green reactangle to go away, I changed permissions to


drwxrwxr-x james james Vurtualbox VMS


I was warned the this dark green triangle enclosing a directory name indicated that these directories have far too liberal/open permissions. I must change them or when my computer is scanned again by network security, I will be booted off the network.

I then ran

Code:
sudo yum reinstall filesystem
sudo yum reinstall coreutils

This seemed to get some more directory permissions changed and I was very happy.

All of the directories and files from Desktop and on were now just fine.

However, directories closer to root - not so much.


Many, but not all had their name enclosed in a green rectangle. Again, this signaled far too liberal permisisons.

So I noted that no filenames only directories names were enclosed in a green rectangle. That is whre I must concentrate.

I am now doing just that. As I said most have been corrected, but some have not.

Again no filenames in dark green reactangle, only directory names.

This indicated a much more tractable problem; there a far fewer directories than filenames.

That is why I am only worrying about directories; it should be much easier.

The statement by someone in this thread indicated that those two commands at the start of the thread chanage only filenames permissions.

I believe the easier way to go is too change things back. A reinstall for me will take a long time-not 20-30 minutes.

Respectfully,

jyunker
 
Old 01-17-2014, 12:34 PM   #11
John VV
LQ Muse
 
Registered: Aug 2005
Location: A2 area Mi.
Posts: 17,107

Rep: Reputation: 2478Reputation: 2478Reputation: 2478Reputation: 2478Reputation: 2478Reputation: 2478Reputation: 2478Reputation: 2478Reputation: 2478Reputation: 2478Reputation: 2478
Quote:
Somewhere along the line when I was installing NVDIA drivers and toolkits,
there is no need to change anything for the .run
nor is there a need to do so for the CUDA-SDK

just WHAT instructions are you trying to fallow
they sound like they are DESIGNED to KILL / FUBAR a operating system install

-- like the 4chan ps4 BRICKING " bit of FUN" they had
-- telling people to but the ps4 in a reboot cycle


also BE AWARE !!!!!!!!!
as a SECURITY measure SELinux will NOT !!!! let you login if the users HOME folder has the WRONG SE context
and if the system files have the wrong SE context SELinux might even PREVENT the booting of the Operating system


there was and is no need to change any folder or program permissions



reinstall the OS is your BEST OPTION
 
Old 01-17-2014, 01:21 PM   #12
Habitual
LQ Addict
 
Registered: Jan 2011
Posts: 8,491
Blog Entries: 12

Rep: Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386
Quote:
Originally Posted by John VV View Post
there is no need to change anything for the .run
...
there was and is no need to change any folder or program permissions
...
reinstall the OS is your BEST OPTION
This is the only way you'll ever be certain.

Next time, you may wish to include omitted steps much earlier in your posts for assistance, instead of 10 posts later:
Quote:
Somewhere along the line when I was installing NVDIA drivers and toolkits, I must have changed too many files to very liberal permissions.
Just some more advice.

Code:
sh /path/to/NVIDIA-Linux-whatever.sh
is all that need be done.
 
Old 01-17-2014, 02:10 PM   #13
jyunker
Member
 
Registered: Aug 2009
Posts: 167

Original Poster
Rep: Reputation: 0
partial reinstall

Is there a way to do a reinstall of centos 6.5, 64 bit and avoid any and all parts of the network reinstall?

This is the only way that I dare do it. If I cannot is do that, is there some kind of piecemeal approach to
reinstalling Centos?

I just want to avoid at all costs the network connection reinstall. If I am tossed of the network (and I will be if I cannot do it either of these two ways) then it will take a 20-min for the software install and a week in filling out forms to get back on the network. At least a week.

Please understand my problem.

Respectfully,


jyunker
 
Old 01-17-2014, 02:26 PM   #14
Habitual
LQ Addict
 
Registered: Jan 2011
Posts: 8,491
Blog Entries: 12

Rep: Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386Reputation: 2386
Quote:
Originally Posted by jyunker View Post
Is there a way to do a reinstall of centos 6.5, 64 bit and avoid any and all parts of the network reinstall?

This is the only way that I dare do it. If I cannot is do that, is there some kind of piecemeal approach to
reinstalling Centos?

I just want to avoid at all costs the network connection reinstall. If I am tossed of the network (and I will be if I cannot do it either of these two ways) then it will take a 20-min for the software install and a week in filling out forms to get back on the network. At least a week.
Are you asking how to keep your current network settings when you do re-install?

IP/Subnet + Gateway?

That is all that most installs need to get to the internet.
 
Old 01-21-2014, 07:37 AM   #15
jyunker
Member
 
Registered: Aug 2009
Posts: 167

Original Poster
Rep: Reputation: 0
reinstall linux and preserve network connections

Yes, exactly.

Is there way to do it?

Any help appreciated. Thanks in advance.


Respectfully,


jyunker
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
file/directory permissions mianmajidali Linux - Server 1 10-08-2009 10:35 AM
File permissions v. directory permissions Completely Clueless Linux - Newbie 7 07-09-2009 08:33 AM
Help restoring file permissions from a Dump bminish Linux - Newbie 3 12-12-2004 01:34 PM
File and Directory permissions plasmapudding Red Hat 3 09-09-2003 10:26 AM
Directory and file permissions ryan Linux - Security 2 12-06-2000 12:46 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 11:59 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration