owner of /etc /boot and / (related to can't su thread???)

Mike McCarty mike.mccarty at sbcglobal.net
Fri Jul 8 14:05:53 UTC 2005


Phil Schaffner wrote:

>On Fri, 2005-07-08 at 08:14 -0500, Mike McCarty wrote:
>
>>Shawn wrote:
>
>...
>
>>>Dare I try changing them back?
>>
>>I would at least try. I'd do something like ...
>>
>>$ su -
>
>But he said he couldn't "su".  Can you login as root in a virtual
>console?
>
Erm, I think you have your attributions wrong. It was "related..." not
"part of..." the "can't su thread". I don't see where he can't su.

>># chown root /*
>># ls -ld /*
>># (verify ownership)
>
>Assuming login as root succeeds, I'd do:
>
># chown -R root /boot /etc
># cd /
># chown root . ..
># find / -type d -user jr | less
>
I would not use the -R option. I'd just start with the contents of /,
and work my way down, slowly.

>This will show only directories (change "d" to "f" to see files).
>Inspect results and change ownership back as required - similar to /boot
>and /etc example above.
>
>As Alexander pointed out, not all /etc files should be owned by root:
>
># find /etc ! -user root -ls
>1902112    8 drwxr-xr-x   3 amanda   disk         4096 Jun 17 13:01 /etc/amanda
>1902351    8 drwxr-xr-x   2 amanda   disk         4096 Jun 17 13:01 /etc/amanda/DailySet1
>1902353    8 -rw-r--r--   1 amanda   disk         2099 Feb 17 18:59 /etc/amanda/DailySet1/disklist
>
[snip]

>># exit
>>$ _
>>
>>It's unlikely to make much difference, since the *group*
>>is still root, and anything that "logs in" as something other
>>than root is either going to suid to root, or will log in as
>>something with root privilege, or log in as something with
>>the root as group.
>>
>>It would just make me a little nervous, anyway.
>
>Yes.
>
>On the other query about an FC4 upgrade fixing permissions - probably
>some but not others.  Not all config files will be replaced on an
>upgrade.  OTOH may be worth a shot if you can't log in as root with the
>current mess, or fixing perms as described fails to correct all
>problems.
>
I didn't see where he has any problems logging in. I wouldn't think that
much got changed. OTOH, if some stuff that needs to be owned by
something other than root got changed, then there could be big problems,
not solved by "chown -R root /"

I'd think that command would make things much worse.

Mike

-- 
p="p=%c%s%c;main(){printf(p,34,p,34);}";main(){printf(p,34,p,34);}
This message made from 100% recycled bits.
I can explain it for you, but I can't understand it for you.
I speak only for myself, and I am unanimous in that!
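
The level-by-level review discussed in this message (no `-R`, start at the contents of `/` and work down), as an added example that is not part of the original post. The function names are hypothetical, `jr` is the owner named in the quoted `find` command, and nothing in it changes ownership.

```sh
#!/bin/sh
# Read-only ownership audit. Nothing here runs chown or changes any file.
# Function names are hypothetical; "jr" is the owner named in the thread.

# owned_at_depth OWNER ROOT DEPTH
# Print entries exactly DEPTH levels below ROOT that OWNER (name or numeric
# uid) owns. -xdev keeps find on ROOT's own filesystem, so starting at /
# does not wander into /proc or network mounts.
owned_at_depth() {
    find "$2" -xdev -mindepth "$3" -maxdepth "$3" -user "$1" -print 2>/dev/null
}

# audit_tree OWNER ROOT MAXDEPTH
# Print "depth N: COUNT" for each level from 0 (ROOT itself) to MAXDEPTH.
# Counts are per line of find output, so a file name containing a newline
# would be counted more than once.
audit_tree() {
    depth=0
    while [ "$depth" -le "$3" ]; do
        count=$(owned_at_depth "$1" "$2" "$depth" | wc -l)
        echo "depth $depth: $((count))"
        depth=$((depth + 1))
    done
}

# show_level OWNER ROOT DEPTH
# Long listing of one level, for review before deciding on any chown.
show_level() {
    owned_at_depth "$1" "$2" "$3" | while IFS= read -r path; do
        ls -ld "$path"
    done
}

# Constructed usage, run as root on the affected machine:
#   audit_tree jr / 3        # how much is affected at each level
#   show_level jr / 1        # then inspect one level at a time
```

A level whose count is small can be corrected entry by entry; a large count deeper down is the case where a blanket `chown` is most likely to overwrite owners such as `amanda` that were correct.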
