owner of /etc /boot and / (related to can't su thread???)

Phil Schaffner Philip.R.Schaffner at nasa.gov
Fri Jul 8 13:48:40 UTC 2005


On Fri, 2005-07-08 at 08:14 -0500, Mike McCarty wrote: 
> Shawn wrote:
...
> >Dare I try changing them back?
> >  
> >
> I would at least try. I'd do something like ...
> 
> $ su -

But he said he couldn't "su".  Can you login as root in a virtual
console?

> # chown root /*
> # ls -ld /*
> # (verify ownership)

Assuming login as root succeeds, I'd do:

# chown -R root /boot /etc
# cd /
# chown root . ..
# find / -type d -user jr | less

This will show only directories (change "d" to "f" to see files).
Inspect results and change ownership back as required - similar to /boot
and /etc example above.

As Alexander pointed out, not all /etc files should be owned by root:

# find /etc ! -user root -ls
1902112    8 drwxr-xr-x   3 amanda   disk         4096 Jun 17 13:01 /etc/amanda
1902351    8 drwxr-xr-x   2 amanda   disk         4096 Jun 17 13:01 /etc/amanda/DailySet1
1902353    8 -rw-r--r--   1 amanda   disk         2099 Feb 17 18:59 /etc/amanda/DailySet1/disklist
1902352   24 -rw-r--r--   1 amanda   disk        17638 Feb 17 18:59 /etc/amanda/DailySet1/amanda.conf
1902354    8 -rw-r--r--   1 amanda   disk          500 Feb 17 18:59 /etc/amanda/crontab.sample
1215137    4 -rw-r--r--   1 amanda   disk            0 Feb 17 18:59 /etc/amandates
1902490    8 drwxr-xr-x   2 news     news         4096 Jun 17 13:01 /etc/news
1902514   12 -rw-r--r--   1 news     news         4742 Feb 18 07:07 /etc/news/newsfeeds
1902519    8 -rw-r-----   1 news     news          597 Feb 18 07:07 /etc/news/passwd.nntp
1902516    8 -rw-r-----   1 news     news          583 Feb 18 07:07 /etc/news/nntpsend.ctl
1902517    8 -rw-r-----   1 news     news         2052 Feb 18 07:07 /etc/news/ovdb.conf
1902520    8 -rw-r-----   1 news     news         2115 Feb 18 07:07 /etc/news/radius.conf
1902500    8 -rw-r-----   1 news     news          164 Feb 18 07:07 /etc/news/actsync.cfg
1902515    8 -rw-r-----   1 news     news          516 Feb 18 07:07 /etc/news/nnrpd.track
1902502    8 -rw-r-----   1 news     news          304 Feb 18 07:07 /etc/news/buffindexed.conf
1902499    8 -rw-r--r--   1 news     news           41 Feb 18 07:07 /etc/news/.profile
1902510    8 -rw-r-----   1 news     news         2120 Feb 18 07:07 /etc/news/innwatch.ctl
1902513    8 -rw-r-----   1 news     news          609 Feb 18 07:07 /etc/news/news2mail.cf
1902524    8 -rw-r--r--   1 news     news          114 Feb 18 07:07 /etc/news/subscriptions
1902508    8 -rw-r-----   1 news     news         3141 Feb 18 07:07 /etc/news/innfeed.conf
1902518    8 -rw-r--r--   1 news     news          340 Feb 18 07:07 /etc/news/overview.fmt
1902507   12 -rw-r-----   1 news     news         5353 Feb 18 07:07 /etc/news/incoming.conf
1902512    8 -rw-r-----   1 news     news          185 Feb 18 07:07 /etc/news/motd.news
1902501    8 -rw-r-----   1 news     news          375 Feb 18 07:07 /etc/news/actsync.ign
1902505    8 -rw-r--r--   1 news     news          495 Feb 18 07:07 /etc/news/distrib.pats
1902506    8 -rw-r-----   1 news     news         1428 Feb 18 07:07 /etc/news/expire.ctl
1902504    8 -rw-r-----   1 news     news          859 Feb 18 07:07 /etc/news/cycbuff.conf
1902522    8 -rw-r-----   1 news     news          117 Feb 18 07:07 /etc/news/sasl.conf
1902521   12 -rw-r-----   1 news     news         4747 Feb 18 07:07 /etc/news/readers.conf
1902511    8 -rw-r--r--   1 news     news         1127 Feb 18 07:07 /etc/news/moderators
1902523    8 -rw-r-----   1 news     news         1109 Feb 18 07:07 /etc/news/storage.conf
1902503   92 -rw-r-----   1 news     news        82161 Feb 18 07:07 /etc/news/control.ctl
1902509   72 -rw-r-----   1 news     news        63409 Feb 18 07:07 /etc/news/innreport.conf
1708120    8 drwxr-x--x   2 quagga   quagga       4096 Jun 17 13:01 /etc/quagga
1708127    8 -rwxr-x---   1 quagga   quaggavt      126 Feb 17 22:06 /etc/quagga/vtysh.conf.sample
1708129    8 -rw-r-----   1 quagga   quagga         31 Jun 17 13:01 /etc/quagga/zebra.conf
1213184    8 -rw-r-----   1 ident    ident          83 Jun 17 12:53 /etc/ident.key
1215276   12 -rwxr-x---   1 news     news         4574 Feb 18 07:07 /etc/rc.news


> # exit
> $ _
> 
> It's unlikely to make much difference, since the *group*
> is still root, and anything that "logs in" as something other
> than root is either going to suid to root, or will log in as
> something with root priviledge, or log in as something with
> the root as group.
> 
> It would just make me a little nervous, anyway.

Yes.

On the other query about an FC4 upgrade fixing permissions - probably
some but not others.  Not all config files will be replaced on an
upgrade.  OTOH may be worth a shot if you can't log in as root with the
current mess, of fixing perms as described fails to correct all
problems.

Phil





More information about the fedora-list mailing list