broke stuff with CHMOD...ick
 

i seem to have dug myself a hole using chmod

i [being a semi-newbie] was getting frustrated with having to switch back and forth between the root account and my user account when trying to access the roots files and programs that were installed under root. I had a bunch of mp3s and pics in my root's home, and wanted to access that folder under my user account, so i studied up on how to do this and stumbled across chmod.

after a few minutes i get the command sorted out for chmod and gave myself full rwx access to this folder, and used -R to get every thing nestled. so then i thought to myself, 'wow that was easy' so i started doing this for every folder in my my / folder, figuring i dont care too much about personal security at this point [considering i just got everything together], and ran 'chmod -R a+rwx file' on everything....

needless to say the next time i ran 'su' i got an error something like 'Operation not permitted' [something like that, i cant say exactly because i have to use winxp now just to write this email :( ] and, worse, my old root password wont work...and im POSITIVE i didnt touch it, and it worked prior to my chmod rampage.

during startup i there is a few new lines warning me about something being world readable...if need be, i can relay the entire section in a folow up post.

im running RedHat 9.0 and kernel 2.4.20-8

im stumped with this one...figured everything else so far on my own until now, but now that my root password is not working, im a lilttle stumped.

any help would be GREATLy appreciated.

thanks!

Welcome to LQ :)

A rarety from me, but I'd say, backup and reinstall. Doing a chmod -R on / is going to take you a month to suss out, and that's a good outlook. I guess first thing first if you wanna try though:
chmod 722 /etc/group /etc/passwd (actually likely most of /etc)
And follow with a:
chown -R root.root /etc

Good Luck, and like I said, it's rare, but with this kind of thing, you are best off just wiping it and learning from the mistake ;) Backup of course.

Cool

-
 

wow quick response! ;)

sticky thing is, is that chmod seems to not work correctly when not under the root account, or su. and since my user account is all i can use right nowm im not sure how to give chmod permission to change whatever it has to and stop giving me errors

ick! haha

Ah, the answer I hate to give probably more than re-install...

Since you chmodded everything, you should be able to chmod everything back now, but that's no biggie, let's give your user the appearance of root, something you should NEVER EVER EVER EVER EVER..... EVER do:
Fire up a text editor, I prefer vi:
vim /etc/passwd
Arrow down to your user entry (assuming it's chuck, go to the entry with 'chuck')
Change the numbers from something like 501 or 500 to 0 save and exit (assuming this file was 'chmodded' this'll work, if not, maybe a single user mode will be appropriate, we'll see).

Now that user **should** virtually be "root". NEVER EVER EVER VER.....EVER...EVER do this though, normally.

Cool

the reason su doesnt work is because youve lost all the setuid permissions so at a guess the following and possibly more will not work(as a non-root user). mount, umount, su, ping and a few shadow passwod utilities. im not sure why your old root password doesnt work possibly something to do with the permissions of /etc/shadow but thats just a guess. as MasterC reccomends your only real choice is to backup and reinstall. to get su working chmod 4755 /bin/su, this will only work if root. if you cant get to root, pass a shell as the init option to the kernel - if you dont know what this means, dont worry just reinstall

will this work? he says his root password doesnt work and i thought the lookup in /etc/shadow was based on uid?

kev, would dropping in the install CD and getting to a term help the situation at all? I mean, the chmod would then be called from the root perms of the disc right? Which, being read-only are going to be correct since it's the install discs ;)

From there he could chmod a bit around, mess with a few things to "pick up the pieces" and start rebuilding his shack he just destroyed? No? Just some thoughts, he might learn quite a bit and become the next permissions wizard! :D

Cool

i dont see why not, if he gets to a root console, mounts his filesystem, and sorts out the setuid problems and /etc then the system should be perfectly useable(assuming he uses devfs and not a static /dev) then he can go chmodding away and most certanly would become a permissions wizard.

btw i still cant get that quote thing right, you said put the name in {i}{/i} tags and the body in {b}{/b} tags obviosly replacing { with [ that just does bold and italic, what i want is where it says quote: after the colon i want the persons name to appear.

Yeah, add the quotes bit too:
{QUOTE}{i}Originally posted by Toby{/i}
{b}Body{/b}{/quote}

So:
:)

Cool

Dunno ;) I tend to not do this, so it's just pulling different parts of knowledge together to see what'll work.

He could certainly delete the entry in /etc/shadow as well, that wouldn't cause any headaches other than no root pass...

Cool

<after thought>
When in 'rescue mode' with the disc, he could uninstall/reinstall the shadow rpm, just guessing, but maybe that'd set him straight on that at the very least?

Cool

about the quotes, what u did wasnt what i meant but ive spent 20 minutes looking through all the threads ive posted in and cant find what i want so i must have been dreaming or something.

ive just tried that and it doesnt work, however if you remove the x in /etc/passwd and just leave the password entry empty eg:

root::0:0:root:/root:/bin/sh

then it lets you login with no password, at which point you can start chmodding 4755

i dont know whats in the rpm but i think the main problem is /etc which i would have thought was constructed on the fly in the install rather than in an rpm but it would certanly set a lot of the setuid bits back.

Were you looking for something like this:
?

Cool

nope, more like this

quote: by person
-------------------------------------------------------------------------
quoted text
-------------------------------------------------------------------------

while your here where would one find libglut.a on mandrake 9??
http://www.linuxquestions.org/questi...threadid=80200

http://www.linuxquestions.org/questi...994#post415994

Originally posted by Thread Hijackers


Like that?

Cool

no, the persons name was on the same line as "quote:" im convinced i must have dreamed it up

haha....im jumping back in now! ;)

i took masterC's original advice- i re-installed RH9 from scratch, and built it back up as best as i could.

thanks a ton for the follow up advice, although most of it was way over my head at this point, it was the not-understanding of chmod that got me into this mess in the first place :p

i do have another related question tho, however. i was wondering if there are any SAFE directories from the / level that i can chmod with -R. im asking this because i get a little frustrated with having to chmod each individual directory as i tinker with things here and there....for example installing gaim plugins or gettin my fstab all set up for xp partitions. whenever i do anything with su the directory or file, by default, gives my user no permissions to change anything, so i was wondering if i could get some of the permission changing out of the way by chmodding with -R some directories that take alot of ins and outs, like /usr for example...

any ideas?