LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 03-21-2010, 02:12 PM   #1
itismike
Member
 
Registered: Aug 2002
Location: East Coast, USA
Distribution: Ubuntu
Posts: 75

Rep: Reputation: 15
oops: chown -R fog:fog /


As expected, the above command borked my system, and quickly! I've been able to recover 90% of the way, but there is one symptom remaining. I connect to a Juniper SSL VPN at work, and it runs a script that asks me for my root user's password. It fails, and I haven't been able to figure out why since everything seems to be working now.

Let me start at the beginning. I was attempting to recursively change the ownership of '/images' to the user "fog" (this is for the application called FreeGhost - a very cool replacement for Symantec Ghost) as described here. I mistyped, and left off the 'images' part. This is what I typed"
Code:
sudo chown -R fog:fog /
It crunched for a few seconds (which was WAY too long for the /images folder, so I realized something was wrong), I then saw an error about permission denied for a folder in my home folder. I ctrl-C'ed out of the command. By that time, it had chowned /bin, /boot, /dev, /etc, and a few folders under /home. [see attached picture]

I was able to log in as user fog, and since I didn't have a record of what the permissions previously were, I just set all the ones in the folders listed above to root:root. The ones in /home I set to the name of the user for each folder.

I couldn't unlock the screensaver, so I found that /etc/shadow needed to be set to root:shadow. So the system is usable, but I cannot launch the script to connect to the VPN. Here's what I see in /var/log/auth.log when I attempt to provide the root password:
Code:
Mar 21 13:24:51 fries unix_chkpwd[6423]: check pass; user unknown
Mar 21 13:24:51 fries unix_chkpwd[6423]: password check failed for user (root)
Mar 21 13:24:51 fries su[6422]: pam_unix(su:auth): authentication failure; logname=michael uid=1000 euid=1000 tty=/dev/pts/1 ruser=michael rhost=  user=root
Mar 21 13:24:53 fries su[6422]: pam_authenticate: Authentication failure
Mar 21 13:24:53 fries su[6422]: FAILED su for root by michael
Mar 21 13:24:53 fries su[6422]: - /dev/pts/1 michael:root
Any tips on what I need to chown to resolve this?
Attached Thumbnails
Click image for larger version

Name:	2010-03-14 21.50.42.jpg
Views:	26
Size:	86.6 KB
ID:	3112  

Last edited by itismike; 03-21-2010 at 02:20 PM. Reason: adjust title
 
Old 03-21-2010, 05:54 PM   #2
kbp
Senior Member
 
Registered: Aug 2009
Posts: 3,790

Rep: Reputation: 653Reputation: 653Reputation: 653Reputation: 653Reputation: 653Reputation: 653
In an RPM based system you can verify whether files installed by a package have been modified, maybe Ubuntu has a similar function ?

hth
 
Old 03-22-2010, 07:14 AM   #3
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.10, Centos 7.5
Posts: 17,710

Rep: Reputation: 2520Reputation: 2520Reputation: 2520Reputation: 2520Reputation: 2520Reputation: 2520Reputation: 2520Reputation: 2520Reputation: 2520Reputation: 2520Reputation: 2520
Also, rpm has a way to reset perms/owners http://www.cyberciti.biz/tips/reset-...ermission.html
 
Old 03-23-2010, 06:13 PM   #4
itismike
Member
 
Registered: Aug 2002
Location: East Coast, USA
Distribution: Ubuntu
Posts: 75

Original Poster
Rep: Reputation: 15
hmm. If it does, I haven't seen it. I'll keep looking.
 
Old 03-23-2010, 06:16 PM   #5
uhcafigdc
Member
 
Registered: Oct 2008
Distribution: Debian Lenny
Posts: 39

Rep: Reputation: 15
This is awesome. I'm just saying. :]
 
Old 03-23-2010, 06:19 PM   #6
itismike
Member
 
Registered: Aug 2002
Location: East Coast, USA
Distribution: Ubuntu
Posts: 75

Original Poster
Rep: Reputation: 15
c'mon uhcafigdc. that ain't cool :P I got a hosed system here!
 
Old 03-23-2010, 07:06 PM   #7
uhcafigdc
Member
 
Registered: Oct 2008
Distribution: Debian Lenny
Posts: 39

Rep: Reputation: 15
I can identify because it is exactly the type of thing that I would do. Welcome to the club that I made I am president.
 
Old 03-23-2010, 07:21 PM   #8
itismike
Member
 
Registered: Aug 2002
Location: East Coast, USA
Distribution: Ubuntu
Posts: 75

Original Poster
Rep: Reputation: 15
Mr. President, I appreciate the sympathy. Feel free to keep an eye on my progress and have a cheap laugh at my expense. It's nice to have a leader with experience.
 
Old 03-27-2010, 03:44 PM   #9
itismike
Member
 
Registered: Aug 2002
Location: East Coast, USA
Distribution: Ubuntu
Posts: 75

Original Poster
Rep: Reputation: 15
some progress (?)

still struggling with this. I ran this command on a similar machine (same version of Ubuntu):
Code:
sudo ls -aFlgR /etc | grep -v "root root" | grep -v "total" > /home/me/Desktop/result-etc.txt
and did the same for /bin, /boot and /dev. These other three directories didn't return any meaningful results, but I got many hits from the /etc folder:
Code:
sudo ls -aFlgR etc/ | grep -v "root root" | grep -v "total" > /home/me/Desktop/result-etc.txt

etc/:
drwxrwxr-x   4 couchdb couchdb     4096 2009-10-28 17:02 couchdb/
drwxr-xr-x   4 root    lp          4096 2010-03-21 14:05 cups/
drwxr-xr-x   8 root    dip         4096 2009-10-28 17:02 ppp/
-rw-r-----   1 root    daemon       144 2009-09-15 09:09 at.deny
-rw-r-----   1 root    shadow       695 2010-02-05 02:22 gshadow
-rw-------   1 root    me      0 2010-02-05 14:53 mtab.fuselock [renamed]
-rw-r-----   1 root    shadow      1086 2010-02-25 17:13 shadow

etc/chatscripts:
drwxr-s---   2 root dip   4096 2009-10-28 17:02 ./
-rw-r-----   1 root dip    656 2009-10-28 17:02 provider

etc/couchdb:
drwxrwxr-x   4 couchdb couchdb  4096 2009-10-28 17:02 ./
drwxr-xr-x   2 couchdb couchdb  4096 2009-10-23 08:40 default.d/
drwxr-xr-x   2 couchdb couchdb  4096 2009-10-23 08:40 local.d/
-rwxrwxr--   1 couchdb couchdb  3843 2009-10-23 08:40 default.ini*
-rwxrwxr--   1 couchdb couchdb   910 2009-10-23 08:40 local.ini*

etc/couchdb/default.d:
drwxr-xr-x 2 couchdb couchdb 4096 2009-10-23 08:40 ./
drwxrwxr-x 4 couchdb couchdb 4096 2009-10-28 17:02 ../

etc/couchdb/local.d:
drwxr-xr-x 2 couchdb couchdb 4096 2009-10-23 08:40 ./
drwxrwxr-x 4 couchdb couchdb 4096 2009-10-28 17:02 ../

etc/cups:
drwxr-xr-x   4 root lp    4096 2010-03-21 14:05 ./
drwxr-xr-x   2 root lp    4096 2010-02-05 21:29 ppd/
drwx------   2 root lp    4096 2009-10-28 17:01 ssl/
-rw-------   1 root lp      82 2010-02-05 21:30 classes.conf
-rw-------   1 root lp     639 2010-03-21 14:05 printers.conf
-rw-------   1 root lp     639 2010-03-09 14:19 printers.conf.O
-rw-r-----   1 root lp     110 2010-02-16 14:12 subscriptions.conf
-rw-r-----   1 root lp     396 2010-02-15 08:34 subscriptions.conf.O

etc/cups/ppd:
drwxr-xr-x 2 root lp    4096 2010-02-05 21:29 ./
drwxr-xr-x 4 root lp    4096 2010-03-21 14:05 ../

etc/cups/ssl:
drwx------ 2 root lp   4096 2009-10-28 17:01 ./
drwxr-xr-x 4 root lp   4096 2010-03-21 14:05 ../

etc/ppp:
drwxr-xr-x   8 root dip   4096 2009-10-28 17:02 ./
drwxr-s---   2 root dip   4096 2009-10-28 17:02 peers/

etc/ppp/peers:
drwxr-s--- 2 root dip 4096 2009-10-28 17:02 ./
drwxr-xr-x 8 root dip 4096 2009-10-28 17:02 ../
-rw-r----- 1 root dip 1093 2009-10-28 17:02 provider

etc/ssl:
drwx--x---   2 root ssl-cert  4096 2010-02-05 02:23 private/

etc/ssl/private:
drwx--x--- 2 root ssl-cert 4096 2010-02-05 02:23 ./
-rw-r----- 1 root ssl-cert  887 2010-02-05 02:23 ssl-cert-snakeoil.key
So the above is a list of all the files, folders, and subfolders within /etc who's ownership is NOT "root root". (there were several that showed up as "root [several spaces] root", so I deleted them from my results-etc.txt file manually.)

I've gone back through all the above files/folders and set them to the permissions identified above. Example:
Code:
sudo chown root:daemon /etc/at.deny 
sudo chown root:shadow /etc/gshadow
sudo chown root:lp cups/
sudo chown root:dip ppp/
sudo chown couchdb:couchdb couchdb/
sudo chown root:dip /etc/chatscripts/provider
sudo chown -R couchdb:couchdb *
sudo chown root:dip peers/
sudo chown root:dip provider 
sudo chown -R root:ssl-cert private/
Since mtab.fuselock had "me" listed, I just renamed the file. It wasn't recreated after boot. Haven't been able to find out what purpose it serves.

I still can't launch my VPN. I suspect a file within my home directory needs ownership other than me, so I'm looking into that now.
 
Old 03-27-2010, 06:39 PM   #10
itismike
Member
 
Registered: Aug 2002
Location: East Coast, USA
Distribution: Ubuntu
Posts: 75

Original Poster
Rep: Reputation: 15
Solved

Apparently my reckless chown command had wiped out the 'sticky-bit' on my su file. Had nothing to do with the VPN or my individual profile. These commands restored it:
Code:
sudo -i
chmod +s /bin/su

Last edited by itismike; 03-27-2010 at 06:39 PM. Reason: misspelling
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
root> chown -R 666 ~ veracity Linux - Software 10 11-06-2009 09:30 AM
cant go on chown -R root:root $LFS/tools Lolandrea Linux From Scratch 6 11-04-2008 08:36 AM
chown as non-root Rudy Vogels Linux - Security 5 06-19-2007 01:20 AM
proftpd chown as root failed john8675309 Linux - Software 2 12-06-2005 05:53 PM
Oops! I did a chown -R root from the '/' level Wujen Linux - Newbie 4 04-06-2005 06:20 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 03:01 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration