LinuxQuestions.org
Latest LQ Deal: Complete CCNA, CCNP & Red Hat Certification Training Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 05-26-2013, 09:41 PM   #1
GaijinPunch
Member
 
Registered: Aug 2003
Location: Tokyo, Japan
Distribution: Gentoo
Posts: 130

Rep: Reputation: 22
WOW -- I'm an idiot. chmod'ed * -R from /


This is a double post, but I'm not getting much help at gentoo forums.

I ran chmod 755 * -R in the #$@Q!ing root, instead of somewhere else. Stupid. I realized it when it got to /proc and gave errors. I can SSH in, but I cannot su to root. I still have the root session open though. I changed permissions on /bin/su to be owned by root, but I still get setgid: Operation not permitted setgid: Operation not permitted.

I know this is totally dumb and I should just rebuild. It's Monday morning and I actually have a busy week of work. I won't reboot, but I could lose that session. Can anyone think of a few things I should do to alleviate the pain a little? The first is getting root access whenever I need it. After that, it should all be fixable with some time.

Updates: Things I can't do but need to. First and foremost, su, as stated above. Ping I can live w/o, but it tells me:
ping: icmp open socket: Operation not permitted

YES: I will rebuild... but I can't now. Maybe not for a few days.
Any help is appreciated.
 
Old 05-26-2013, 11:51 PM   #2
rknichols
Senior Member
 
Registered: Aug 2009
Distribution: CentOS
Posts: 2,959

Rep: Reputation: 1268Reputation: 1268Reputation: 1268Reputation: 1268Reputation: 1268Reputation: 1268Reputation: 1268Reputation: 1268Reputation: 1268
On /bin/su, you need to set the set-uid bit:
Code:
chmod u+s /bin/su
Yes, you will probably need to re-install to fix everything. On an RPM-based system a lot can be fixed with "rpm --setperms -a", but that only fixes those files and directories that the packages actually install, and I don't know if Gentoo has anything equivalent.
 
Old 05-27-2013, 01:37 AM   #3
GaijinPunch
Member
 
Registered: Aug 2003
Location: Tokyo, Japan
Distribution: Gentoo
Posts: 130

Original Poster
Rep: Reputation: 22
My guess is the base system will not be fixed w/ portage. Maybe, but generally when you do something so foolish, you should rebuild... for punishment alone.
 
Old 05-27-2013, 08:13 AM   #4
jpollard
Senior Member
 
Registered: Dec 2012
Location: Washington DC area
Distribution: Fedora, CentOS, Slackware
Posts: 4,603

Rep: Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241
Don't feel too bad. Nearly everyone does it or something equivalent (in my case, it was overwriting the entire system trying to create a filesystem on a single partition).

The problem that remains is that none of the programs have setuid to root, and some programs have access that shouldn't (such as the encrypted password file).

This makes login difficult because some login utilities will not trust a shadow password file that is world readable (it may have been penetrated). It is hard to use su/sudo because both have lost the setuid bit.

The usual solution is to boot into single user mode, and (depending on distribution) force a reinstall to restore the correct permissions. Yo can fix the /etc/shadow file manually as that one is easy to identify, but finding all the others is harder unless you have a backup listing that has all that information (tripwire makes such a file for instance).
 
Old 05-27-2013, 08:59 AM   #5
GaijinPunch
Member
 
Registered: Aug 2003
Location: Tokyo, Japan
Distribution: Gentoo
Posts: 130

Original Poster
Rep: Reputation: 22
Yeah. I'm being chastised elsewhere for not keeping a backup. My reasoning is that I rebuild often enough to make it a waste of time, figuratively speaking. (Sources & Data are backed up though. )

I might just use this time to upgrade the hard drive. I need to anyway.
 
Old 05-27-2013, 09:03 AM   #6
jpollard
Senior Member
 
Registered: Dec 2012
Location: Washington DC area
Distribution: Fedora, CentOS, Slackware
Posts: 4,603

Rep: Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241
One of the things I have moved to was keeping two root filesystems - one for operational use, one for testing... and backup.

Has made things much easier to recover - it only takes a reboot to start the alternate root, and then can more leisurely rebuild the other (at worst, just overwrite it...).
 
Old 05-27-2013, 11:12 PM   #7
GaijinPunch
Member
 
Registered: Aug 2003
Location: Tokyo, Japan
Distribution: Gentoo
Posts: 130

Original Poster
Rep: Reputation: 22
Yeah, that doesn't seem like a bad idea. You'd just have to periodically reboot to the new one to update the system. Part of my moaning about a lot of package-based systems is that if you wait too long, you're screwed and have to restart.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Sticky Bit? (ie: chmod 2770 vs chmod 770) JeffC1 Linux - Newbie 7 03-18-2010 08:39 AM
Apache: difference between chmod 644 and chmod 666 and chmod 600 for output/txt/dat? frenchn00b Programming 6 04-22-2009 02:10 PM
chmod 775 to only the directories and chmod 664 to only the files? apachenew Linux - Security 6 09-27-2007 04:26 PM
chmod, external usb, vfat - can't chmod a directory itsjustme Slackware 2 04-02-2006 05:23 PM
I'm an idiot: chmod -R * in / as root. Fix? fez Linux - General 9 11-23-2003 02:19 AM


All times are GMT -5. The time now is 08:51 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration