Linux - GeneralThis Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Hi ,
I use Fedora Core 2 linux. I accidentally changed ownerships all of the entire unix directories and files to my local account(not root) and then I changed again the ownership to root except that I issued local account ownership only to my /home/xxxx directories. Now my mail server is not working and I cannot do a "su -" to login as root.
Can any one help me to restructure the entire permissions back. This is very critical to me.
I don't know how changing the fstab file would resolve your problem.. muddshark could you be a little bit more clear? Being able to write to your drive via a livecd only involves mounting it. You would have to take a look at your fstab file (possible without root) and use that while in the livecd to mount your drives to folders (all this as root possible with the livecd). Then you could chroot to the mounted folder, and just change all the permissions. Or simply change permissions without doing that, whichever seems easiest.
Can you log onto your computer as root (not as a normal user then use 'su')? That would be the first thing I would try to do. If you can just change them back that way. If not, you could try logging into your computer as root via ssh if it is enabled and try that way.
Do you know how to mount filesystems? If not, or you're a little shaky with it, post the contents of your fstab file, so that I might come up with the procedure.
And I'm slightly confused as to what the permissions are set at right now for which folders/files on your computer. Permissios on everything in the tree below and including your home directory have been altered?
Well, then. If you can login as root in some way, then there's no preventing you from changing permissions, right? I am not very good with shell scripting, though to change permissions and ownership you would simply apply the chown and chmod commands. For example (the --recursive just goes into the file tree, down the branches of each folder and all its contents):
Code:
# chown --recursive <username>:<group of user><directory>
That would take care of the ownership, then just apply a chmod to change the permissions:
Code:
# chmod --recursive u+rw <directory>
The only problem I have is that if you use --recursive on a folder and add the execute permissions, they'll be added to the containing files as well. I don't know how to make sure that the directories get x and the files are not touched with those permissions. But that should suffice, as to let you as your normal user to modify the files and permissions further.
My problem is not with changing permissions but when I do "su -" and give the root password, I cannot login as root whereas I can login using ssh using the same password. Also I cannot check mymail.
Ooohh I see, I'm sorry. For a solution, the only thing I can come up with is to add the username to the wheel group to allow the use of 'su'. Here is where it is stated.
Code:
# usermod -G wheel <username>
Other than that I do not know. (No idea what to do about the mail, either)
Not all files will have root ownership or root group, some files and directories will have different users and groups. For example, mysql will have a user called 'mysql' and group named 'mysql', if you changed ownership back to root on the directory structure, the daemons will not have the right permissions to function. Your mail server will have a user and group which now has changed to 'root', the mail daemon will not have the permissions to function. The only thing I can think of is change the permissions on the postfix or sendmail directories, depending on which one is installed, may fix the mail problem.
Also some file under /usr need SUID and SGID bit set or they don't work.
You might want to google or ask someone with a RH system to show the output of:
find /usr -type f -perm -04000 -ls
find /usr -type f -perm -02000 -ls
I would set at least:
chmod u+s /usr/bin/gpasswd /usr/bin/newgrp /usr/bin/passwd /usr/bin/procmail /usr/bin/sudo /usr/sbin/masqmail
chmod g+s /usr/bin/crontab /usr/bin/dotlockfile /usr/bin/kdesud /usr/bin/lockfile /usr/bin/procmail
Make sure your /etc/pam.d directory is owned by root.
make sure the T bit is set on /var/spool/mail ('chmod +t /var/log/mail') and that the files in there are owned by each individual owner and the 'mail' group.
Make sure the /bin/su has the sticky bit set ('chmod +s /bin/su').
That should make you able to log in as root. if not, check the /var/log/secure for error messages.
check the /var/log/messages for any additional info, if provided there..
Here's what you can do to debug the thing.
Open one terminal to follow the log files (physically on the machine without X? open more terminals with ALT-F1 through ALT-F6. Remotely, just log in as root more often).
in one terminal you type 'tail -f /var/log/messages '. In the second you type 'tail -f /var/log/secure '. Also possible: in just one terminal type 'tail -f /var/log/messages & tail -f /var/log/secure'.
Then try to log in in the third terminal and try different things, like 'su'. For mail error messages, also 'tail -f /var/log/maillog' to track errors too.
If you have vital rights back to be able to use your system, you may want to verify things.
'RPM -Va >~/rpmoutput.txt' to verify on files on your system. Use 'man rpm' to check what the lines mean.
If rights on directories are lost (the x bit), you can restore them, without putting the x bit on files as well by:
'chmod +x `find . -type d`'
This looks for directories from the '.' directory (or any other you provide) and does this recursively (the whole tree underneath) and adds the x bit to those files.
Let us know how you progress.
---------------
Ultimately, if you don't want much hassle, a reinstall is an option. Once, I messed up my machine with such command (thinking to chown to my user account from my homedir down, but I was in the / dir . . .). I ended up in reinstalling the whole thing.
It is a road of much learning if you want to restore everything by hand... depends what you want
Did you change the ownership only, or the permissions as well?
I think if you can get the help of someone with the same distro and a default full install you can come close to fixing it.
This command run on a system like yours will show all of the files that would need to be changed on your system..
ls -lR / | grep -v "root"
Once you have a list of files you could use chown and grep and the list to change the files one user or group at the time, or make a script that can do it all. If you look in /etc/passwd and /etc/group you'll see the users and groups you'll be working with.
Last edited by DavidPhillips; 01-02-2005 at 08:32 AM.
I have postfix with cyrus-imapd installed with authentication using saslauthd. One thing I observed in the /var/log/messages when I tried to retrive my mails was,
unable to open Berkeley db /etc/sasldb2:Permission denied
I think I need to change the permissions on /etc/sasldb2.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.