permissions problems
Matthew Seaman
m.seaman at infracaninophile.co.uk
Fri Jan 30 10:53:10 PST 2004
On Sat, Jan 31, 2004 at 02:33:27AM +0800, Spades wrote:
> Hi,
>
> What if one of my admin accidentally did a:
>
> chmod -R o+rx /
>
> and changed my entire system permissions.
> What should i do to restore it?
>
> Please assist. Thanks.
Several choices:
i) mtree(8) is your friend:
# mtree -U -p / -f /etc/mtree/BSD.root.dist
# mtree -U -p /usr -f /etc/mtree/BSD.usr.dist
# mtree -U -p /usr/local -f /etc/mtree/BSD.local.dist
# mtree -U -p /usr/include -f /etc/mtree/BSD.include.dist
# mtree -U -p /var -f /etc/mtree/BSD.var.dist
which will fix up permissions on a large number of files and
directories, but by no means all.
ii) Do a restore from your latest backups. Working out how to merge
any changes to file contents without modifying the file permissions is
left as an exercise for the student.
iii) Do a full make {build,install}world cycle -- this will include
the mtree(8) commands as above, and more. Reinstall all of your
ports. This is probably going to be the most effective procedure.
Even so, for some of the filesystems, you're simply going to have to
guess -- your home directories will probably have to be fixed up
manually as will web site document roots, database files etc.
Luckily, the change described is actually a no-op on the great
majority of files, but the ones where it isn't a no-op usually have an
important reason for not permitting world access.
Cheers,
Matthew
--
Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks
Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey Marlow
Tel: +44 1628 476614 Bucks., SL7 1TH UK
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20040130/8113a9c7/attachment-0001.bin
More information about the freebsd-questions
mailing list