Help solving the sysadm's nightmare
wojtek at wojtek.tensor.gdynia.pl
Thu Jul 19 08:12:15 UTC 2012
> administrators had no idea what they were doing, so problems with a
> permission denied would be solved by chown -R 777 /whatever! Needless to say,
rm -rf /whatever would be even better!
> it's a mess, and ofcourse everything is "critical" there is no room for
> interruption of service.
> Now, I have no idea which processes actually require access to those files,
> what privileges these processes run with and which files are actually
> executable or just plain files.
i can only help you with base system and ports permissions, and /var and
just look how it should be
> What I know is that lots of files are on samba shares and lots of files are
> used by uniface9 application, but I don't know much about uniface or if this
> is actually executed on the client or on the server.
look at samba config to check as what user directories are accessed. set
it as such user and chmod 700 is enough.
> At this moment my project is to migrate servers with these permissions to new
> servers, but those who prepared the OS have maintained the permissions from
> the older version because it's easier than actually investigating or
> understanding what's going on and find a solution. *sigh*
> So, how can I
> - determine if files are actually unix executables or just plain files (or
> windows executables)?
> - determine which users actually need read or write access to these files?
depends on software
lsof will not help you.
More information about the freebsd-questions