|
|
|
12-02-2003, 05:23 PM
|
#1
|
Member
Registered: Dec 2003
Posts: 39
Rep:
|
box lockout after chmod 700
Hi
in my infinite wisdom and linux experience, i attempted to restrict users seeing other users' directories within the /home structure by executing chmod -R 700 home.
the result is now that no user other than root can log into the system, my email server is down, web server is down, database is non-responsive and who knows what else has dumped. either way, i'm in big trouble.
the only suggestion i have received was to start fresh with a new install, losing whatever i had (painfully i might add) set up before.
is there any other way to recover from this?
any suggestions would be greatly appreciated.
thanks.
Takis
|
|
|
12-02-2003, 05:36 PM
|
#2
|
Moderator
Registered: Apr 2002
Location: earth
Distribution: slackware by choice, others too :} ... android.
Posts: 23,067
|
Shoot the person who suggested the re-install ... :)
This is unix, you can do everything.
chmod 755 /home
And for the individual users, do the following
cd /home
ls -1 | xargs chmod -R 700
That should do the trick :}
Cheers,
Tink
|
|
|
12-02-2003, 05:55 PM
|
#3
|
Member
Registered: Dec 2003
Posts: 39
Original Poster
Rep:
|
ok
i'm logged in as root.
i've done the chmod 755 to the home directory.
i then went into the home directory and ran:
ls -1 | xargs chmod -R 700
it paused for a moment then returned.
i still can't log in as any other user.
i suspect perhaps i've done something wrong with what you suggested.
should i be running the above on each individual user directory? although i think that the above did run it on all directories.
either way, still no good. i don't understand how the web server dumped. there are no pages served from user's home directories. also the database user for pgsql has no home directory, yet that user too has lost login ability. home must have some hidden bits???
anyway... anything would be appreciated.
thanks
Takis
|
|
|
12-02-2003, 06:01 PM
|
#4
|
Moderator
Registered: Apr 2002
Location: earth
Distribution: slackware by choice, others too :} ... android.
Posts: 23,067
|
Ummm ...
post the output of
ls -ld /home
and
ls -l /home
, please
Cheers,
Tink
|
|
|
12-02-2003, 06:09 PM
|
#5
|
Member
Registered: Dec 2003
Posts: 39
Original Poster
Rep:
|
ok
ls -ld /home
drwxr-xr-x 14 root root 4096 Dec 2 10:29 /home
ls -l /home
drwx------ 4 admin admin 4096 Feb 24 2003 admin
drwx------ 3 courier courier 4096 Mar 10 2003 courier
drwx------ 5 isecard isecards 4096 Jul 24 03:26 isecard
drwx------ 2 jay isecards 4096 Jul 24 03:22 jay
drwx------ 3 larosa hbclient 4096 May 18 2003 larosa
drwx------ 3 markg hibrow 4096 Feb 5 2003 markg
drwx------ 3 michielm hibrow 4096 Feb 5 2003 michielm
drwx------ 2 peteb hibrow 4096 Aug 15 04:21 peteb
drwx------ 3 popuser popuser 4096 Apr 28 2003 popuser
drwx------ 3 steveb hibrow 4096 Feb 5 2003 steveb
drwx------ 4 takisd takisd 4096 Dec 2 12:13 takisd
drwx------ 2 takisd2 takisd 4096 Dec 2 10:29 takisd2
the last account, takisd2 was one i created to see if adding a new user would work for that user... unfortunately no.
thanks
Takis
|
|
|
12-02-2003, 06:31 PM
|
#6
|
Moderator
Registered: Apr 2002
Location: earth
Distribution: slackware by choice, others too :} ... android.
Posts: 23,067
|
Looks good to me ... what else did you change,
what's the error message you get? Try to log in
from a full-screen terminal ... or as root, do a
su - takisd and see what error message you get.
Cheers,
Tink
|
|
|
12-02-2003, 06:35 PM
|
#7
|
Member
Registered: Dec 2003
Posts: 39
Original Poster
Rep:
|
i've been trying that all night to no avail.
su takisd or any user gives me
could not open session
if i use a system type user say apache or my qmail users i get the same thing.
accessing mail still won't work, and the web sites are dead. initially i got 403 for the sites and then i restarted apache and now all i get is 404 not found. pinging the sites still works, so dns is ok. just everything on the machine is dumped.
even tomcat which started as root won't work though ps -ef will show those processes running.
thanks again... anything would be great
Takis
|
|
|
12-02-2003, 06:41 PM
|
#8
|
Moderator
Registered: Apr 2002
Location: earth
Distribution: slackware by choice, others too :} ... android.
Posts: 23,067
|
Please, do a
su - takisd
and copy and paste the output.
And again, what else (besides the permissions)
did you change?
Cheers,
Tink
|
|
|
12-02-2003, 06:45 PM
|
#9
|
Member
Registered: Dec 2003
Posts: 39
Original Poster
Rep:
|
ok here's the su output
[root@plain /]# su takisd
could not open session
i get the above for all users.
i didn't touch anything else - nothing at all.
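what i did was: chmod -R 700 /home
that's it. after that all dumped, from mail, to ftp (gives no access obviously), web (apache and tomcat) and so forth.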
thats it. after that all dumped, from mail, to ftp (gives no access obviously), web (apache and tomcat) and so forth.
i don't understand. ok, big stuff up on my part but unrecoverable!!??
thanks heaps for your help... i'll take anything.
Takis
|
|
|
12-02-2003, 07:05 PM
|
#10
|
Moderator
Registered: Apr 2002
Location: earth
Distribution: slackware by choice, others too :} ... android.
Posts: 23,067
|
Does
su takisd
and
su - takisd
make a difference in your distro?
Also, what's the
ls -l /home/takis
look like?
Cheers,
Tink
|
|
|
12-02-2003, 07:09 PM
|
#11
|
Member
Registered: Dec 2003
Posts: 39
Original Poster
Rep:
|
the results of those commands are below:
[root@plain /]# su takisd
could not open session
[root@plain /]# su - takisd
su: warning: cannot change directory to /home/takisd: Permission denied
could not open session
[root@plain /]# ls -l /home/takisd
total 8
drwx------ 8 takisd takisd 4096 Mar 10 2003 Maildir
drwx------ 7 root root 4096 Jul 28 11:01 temp
i'm running redhat 7.2... sorry should have mentioned that earlier
thanks
Takis
|
|
|
12-02-2003, 07:15 PM
|
#12
|
Moderator
Registered: Apr 2002
Location: earth
Distribution: slackware by choice, others too :} ... android.
Posts: 23,067
|
What about a
chown -R takisd:takisd /home/takisd
?
|
|
|
12-02-2003, 07:17 PM
|
#13
|
Member
Registered: Dec 2003
Posts: 39
Original Poster
Rep:
|
same deal...
[root@plain /]# chown -R takisd:takisd /home/takisd
[root@plain /]# su takisd
could not open session
it's as if something has become horribly corrupted.
i'm really pulling my hair out, i'm hosting a couple of small sites and email accounts. i think they want my blood....
anything.....
thanks
Takis
|
|
|
12-02-2003, 07:22 PM
|
#14
|
Moderator
Registered: Apr 2002
Location: earth
Distribution: slackware by choice, others too :} ... android.
Posts: 23,067
|
*sigh*
ls -lad /home
ls -la /home
ls -lad /home/takisd
ls -la /home/takisd
Look at both users and permissions.
Cheers,
Tink
|
|
|
12-02-2003, 07:26 PM
|
#15
|
Member
Registered: Dec 2003
Posts: 39
Original Poster
Rep:
|
tried that, results below:
[root@plain /]# ls -lad /home
drwxr-xr-x 14 root root 4096 Dec 2 10:29 /home
[root@plain /]# ls -la /home
total 56
drwxr-xr-x 14 root root 4096 Dec 2 10:29 .
drwx------ 21 root root 4096 Dec 2 17:15 ..
drwx------ 4 admin admin 4096 Feb 24 2003 admin
drwx------ 3 courier courier 4096 Mar 10 2003 courier
drwx------ 5 isecard isecards 4096 Jul 24 03:26 isecard
drwx------ 2 jay isecards 4096 Jul 24 03:22 jay
drwx------ 3 larosa hbclient 4096 May 18 2003 larosa
drwx------ 3 markg hibrow 4096 Feb 5 2003 markg
drwx------ 3 michielm hibrow 4096 Feb 5 2003 michielm
drwx------ 2 peteb hibrow 4096 Aug 15 04:21 peteb
drwx------ 3 popuser popuser 4096 Apr 28 2003 popuser
drwx------ 3 steveb hibrow 4096 Feb 5 2003 steveb
drwx------ 4 takisd takisd 4096 Dec 2 12:13 takisd
drwx------ 2 takisd2 takisd 4096 Dec 2 10:29 takisd2
[root@plain /]# ls -lad /home/takisd
drwx------ 4 takisd takisd 4096 Dec 2 12:13 /home/takisd
[root@plain /]# ls -la /home/takisd
total 40
drwx------ 4 takisd takisd 4096 Dec 2 12:13 .
drwxr-xr-x 14 root root 4096 Dec 2 10:29 ..
-rwx------ 1 takisd takisd 1460 Nov 6 08:28 .bash_history
-rwx------ 1 takisd takisd 24 May 14 2002 .bash_logout
-rwx------ 1 takisd takisd 191 May 14 2002 .bash_profile
-rwx------ 1 takisd takisd 124 Dec 2 12:13 .bashrc
-rwx------ 1 takisd takisd 99 May 19 2002 .fetchmailrc
drwx------ 8 takisd takisd 4096 Mar 10 2003 Maildir
-rwx------ 1 takisd takisd 11 Feb 4 2003 .qmail
drwx------ 7 takisd takisd 4096 Jul 28 11:01 temp
[root@plain /]#
i had changed the .bash_profile and the others .bash_ files to 644 as they were before, but that didn't work either.
should i be considering scrubbing and starting again... i'm just desperately trying to avoid this - it will take forever.
thanks
Takis
|
|
|
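An added diagnostic, not part of any post in this thread: a non-owner needs the search (execute) bit on every directory from / down to the target, and in the `ls -la /home` output in post #15 the `..` entry, which is the parent of /home, is listed as `drwx------ root root`. The function names `other_can_search` and `blocked_ancestors` are made up for this example, and the path is assumed to be absolute.

```shell
#!/bin/sh
# Added example (not from the thread): list every directory on the way to a
# path that users outside the owner and group cannot traverse.

# other_can_search DIR
# Succeeds when DIR is a directory whose "others" search bit is set.
other_can_search() {
    # First ten characters of the ls mode column, e.g. drwx------
    mode=$(ls -ldL -- "$1" | cut -c1-10)
    case "$mode" in
        d????????[xt]) return 0 ;;   # x, or t (sticky plus search)
        *) return 1 ;;
    esac
}

# blocked_ancestors /absolute/path
# Prints, one per line, each directory from / down to the path that lacks
# the search bit for others. The body runs in a subshell so the IFS and
# globbing changes do not leak into the caller.
blocked_ancestors() (
    other_can_search / || echo /
    cur=
    IFS=/
    set -f
    for part in $1; do
        [ -n "$part" ] || continue      # skip the empty field before the leading /
        cur="$cur/$part"
        [ -d "$cur" ] || break          # stop at a missing or non-directory component
        other_can_search "$cur" || echo "$cur"
    done
    true
)

# Default target is the home directory discussed in the thread.
blocked_ancestors "${1:-/home/takisd}"
```

A user's own home directory at 700 is expected in the output; any directory above it that appears there blocks every account other than its owner and root.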
All times are GMT -5.