owner of /etc /boot and / (related to can't su thread???)
Phil Schaffner
Philip.R.Schaffner at nasa.gov
Fri Jul 8 13:48:40 UTC 2005
On Fri, 2005-07-08 at 08:14 -0500, Mike McCarty wrote:
> Shawn wrote:
...
> >Dare I try changing them back?
> >
> >
> I would at least try. I'd do something like ...
>
> $ su -
But he said he couldn't "su". Can you login as root in a virtual
console?
> # chown root /*
> # ls -ld /*
> # (verify ownership)
Assuming login as root succeeds, I'd do:
# chown -R root /boot /etc
# cd /
# chown root . ..
# find / -type d -user jr | less
This will show only directories (change "d" to "f" to see files).
Inspect results and change ownership back as required - similar to /boot
and /etc example above.
As Alexander pointed out, not all /etc files should be owned by root:
# find /etc ! -user root -ls
1902112 8 drwxr-xr-x 3 amanda disk 4096 Jun 17 13:01 /etc/amanda
1902351 8 drwxr-xr-x 2 amanda disk 4096 Jun 17 13:01 /etc/amanda/DailySet1
1902353 8 -rw-r--r-- 1 amanda disk 2099 Feb 17 18:59 /etc/amanda/DailySet1/disklist
1902352 24 -rw-r--r-- 1 amanda disk 17638 Feb 17 18:59 /etc/amanda/DailySet1/amanda.conf
1902354 8 -rw-r--r-- 1 amanda disk 500 Feb 17 18:59 /etc/amanda/crontab.sample
1215137 4 -rw-r--r-- 1 amanda disk 0 Feb 17 18:59 /etc/amandates
1902490 8 drwxr-xr-x 2 news news 4096 Jun 17 13:01 /etc/news
1902514 12 -rw-r--r-- 1 news news 4742 Feb 18 07:07 /etc/news/newsfeeds
1902519 8 -rw-r----- 1 news news 597 Feb 18 07:07 /etc/news/passwd.nntp
1902516 8 -rw-r----- 1 news news 583 Feb 18 07:07 /etc/news/nntpsend.ctl
1902517 8 -rw-r----- 1 news news 2052 Feb 18 07:07 /etc/news/ovdb.conf
1902520 8 -rw-r----- 1 news news 2115 Feb 18 07:07 /etc/news/radius.conf
1902500 8 -rw-r----- 1 news news 164 Feb 18 07:07 /etc/news/actsync.cfg
1902515 8 -rw-r----- 1 news news 516 Feb 18 07:07 /etc/news/nnrpd.track
1902502 8 -rw-r----- 1 news news 304 Feb 18 07:07 /etc/news/buffindexed.conf
1902499 8 -rw-r--r-- 1 news news 41 Feb 18 07:07 /etc/news/.profile
1902510 8 -rw-r----- 1 news news 2120 Feb 18 07:07 /etc/news/innwatch.ctl
1902513 8 -rw-r----- 1 news news 609 Feb 18 07:07 /etc/news/news2mail.cf
1902524 8 -rw-r--r-- 1 news news 114 Feb 18 07:07 /etc/news/subscriptions
1902508 8 -rw-r----- 1 news news 3141 Feb 18 07:07 /etc/news/innfeed.conf
1902518 8 -rw-r--r-- 1 news news 340 Feb 18 07:07 /etc/news/overview.fmt
1902507 12 -rw-r----- 1 news news 5353 Feb 18 07:07 /etc/news/incoming.conf
1902512 8 -rw-r----- 1 news news 185 Feb 18 07:07 /etc/news/motd.news
1902501 8 -rw-r----- 1 news news 375 Feb 18 07:07 /etc/news/actsync.ign
1902505 8 -rw-r--r-- 1 news news 495 Feb 18 07:07 /etc/news/distrib.pats
1902506 8 -rw-r----- 1 news news 1428 Feb 18 07:07 /etc/news/expire.ctl
1902504 8 -rw-r----- 1 news news 859 Feb 18 07:07 /etc/news/cycbuff.conf
1902522 8 -rw-r----- 1 news news 117 Feb 18 07:07 /etc/news/sasl.conf
1902521 12 -rw-r----- 1 news news 4747 Feb 18 07:07 /etc/news/readers.conf
1902511 8 -rw-r--r-- 1 news news 1127 Feb 18 07:07 /etc/news/moderators
1902523 8 -rw-r----- 1 news news 1109 Feb 18 07:07 /etc/news/storage.conf
1902503 92 -rw-r----- 1 news news 82161 Feb 18 07:07 /etc/news/control.ctl
1902509 72 -rw-r----- 1 news news 63409 Feb 18 07:07 /etc/news/innreport.conf
1708120 8 drwxr-x--x 2 quagga quagga 4096 Jun 17 13:01 /etc/quagga
1708127 8 -rwxr-x--- 1 quagga quaggavt 126 Feb 17 22:06 /etc/quagga/vtysh.conf.sample
1708129 8 -rw-r----- 1 quagga quagga 31 Jun 17 13:01 /etc/quagga/zebra.conf
1213184 8 -rw-r----- 1 ident ident 83 Jun 17 12:53 /etc/ident.key
1215276 12 -rwxr-x--- 1 news news 4574 Feb 18 07:07 /etc/rc.news
> # exit
> $ _
>
> It's unlikely to make much difference, since the *group*
> is still root, and anything that "logs in" as something other
> than root is either going to suid to root, or will log in as
> something with root priviledge, or log in as something with
> the root as group.
>
> It would just make me a little nervous, anyway.
Yes.
On the other query about an FC4 upgrade fixing permissions - probably
some but not others. Not all config files will be replaced on an
upgrade. OTOH may be worth a shot if you can't log in as root with the
current mess, of fixing perms as described fails to correct all
problems.
Phil
More information about the fedora-list
mailing list