Help solving the sysadm's nightmare

[Erik Nørgaard]

Hi:

I have inherited a problem that is no cause for envy, the previous 
administrators had no idea what they were doing, so problems with a 
permission denied would be solved by chown -R 777 /whatever! Needless to 
say, it's a mess, and ofcourse everything is "critical" there is no room 
for interruption of service.

Now, I have no idea which processes actually require access to those 
files, what privileges these processes run with and which files are 
actually executable or just plain files.

What I know is that lots of files are on samba shares and lots of files 
are used by uniface9 application, but I don't know much about uniface or 
if this is actually executed on the client or on the server.

At this moment my project is to migrate servers with these permissions 
to new servers, but those who prepared the OS have maintained the 
permissions from the older version because it's easier than actually 
investigating or understanding what's going on and find a solution. *sigh*

So, how can I

- determine if files are actually unix executables or just plain files 
(or windows executables)?
- determine which users actually need read or write access to these files?

the second is what I think is the most difficult, I need some lsof 
daemon to log access...

Thanks for any suggestions.

Erik
-- 
M: +34 666 334 818
T: +34 915 211 157