[ale] I did a bad bad thing...

Charles Shapiro cshapiro at nubridges.com
Mon Dec 10 11:30:38 EST 2001 


I am currently engaged in fixing a very similar problem. In this case it
was a cow-orker who managed to use not chown, but "chmod -R 777 /" as
root. Hit <enter> before finishing the directory name, alas. She hit
<break> before it ate all of the machine, but it still nailed most of
/bin, /etc, /var, a few other essential directories.

We also could not su(1), but we quickly found the setuid bit problem
mentioned below and got that straight within 5 minutes or so. It helped
that we knew we had a permissions problem. On my RedHat boxen, an ls -l
of /bin/su gives:

-rwsr-xr-x    1 root     root        14112 Jan 16  2001 /bin/su

I'm currently writing some perl scripts to copy the permissions from a
known good box back over to the munged one.  If there's interest, I'll
be happy to publish it on the TWiki
(http://tomshiro.org/cgi-bin/twiki/view/ALE), along with some sketchy
documentation. Right now it creates a script file full of "chmod"
commands which you can run in a separate step. Gnarly, but I like to do
this kind of fix in small, easily understood steps. It's more
labor-intensive, but minimizes the chances of compounding a dramatic
error with another dramatic error (gee, none of _us_ have ever done
that!).

-- CHS



-----Original Message-----
From: Fletch [mailto:fletch at phydeaux.org]
To: ale at ale.org
Sent: Thursday, December 06, 2001 12:40 PM
To: ALE List
Subject: Re: [ale] I did a bad bad thing...


>>>>> "Kevin" == Kevin Krumwiede <krum at smyrnacable.net> writes:

    Kevin> This morning I accidentally typed 'chown -R apache.apache
    Kevin> *' as root.  I don't know if I was in /, or if chown always
    Kevin> takes '*' to mean '/*', but anyhow, I screwed things up

[...]

        The shell expands wildcards (this isn't wintendo), so if it
happened to stuff in / you were in /.

    Kevin> Everything seems to work just fine now, except that I
    Kevin> cannot su to root.  I can log in as root, just can't su.

        Probably because in the process of chown'ing everything the
setuid bit on su (and many other things got wiped out).

    Kevin> Any ideas?  Are there any files in /etc, /bin, and /sbin
    Kevin> that should NOT be owned by root?


        You *might* could get everything back as it was by looking at
another box with a similar distribution and resetting permissions
accordingly.  But at this point, I'd really sugguest backing up user
data and reinstalling just to make sure you don't have problems
somewhere down the road.


        And welcome to the `Used A Wildcard As Root In The Wrong
Place' club. :)

-- 
Fletch                | "If you find my answers frightening,
__`'/|
fletch at phydeaux.org   |  Vincent, you should cease askin'          \
o.O'
770 933-0600 x211(w)  |  scary questions." -- Jules
=(___)=
                      |                                               U

---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems
should be 
sent to listmaster at ale dot org.


---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be
sent to listmaster at ale dot org.

More information about the Ale mailing list