Date: Fri, 30 Jan 2004 18:53:02 +0000 From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: Spades <spades@galaxynet.org> Cc: freebsd-questions@freebsd.org Subject: Re: permissions problems Message-ID: <20040130185302.GA83276@happy-idiot-talk.infracaninophile.co.uk> In-Reply-To: <05a601c3e75f$93714810$fa10fea9@bryanuptrvb0jc> References: <05a601c3e75f$93714810$fa10fea9@bryanuptrvb0jc>
next in thread | previous in thread | raw e-mail | index | archive | help
--5mCyUwZo2JvN/JJP
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Sat, Jan 31, 2004 at 02:33:27AM +0800, Spades wrote:
> Hi,
>=20
> What if one of my admin accidentally did a:
>=20
> chmod -R o+rx /
>=20
> and changed my entire system permissions.
> What should i do to restore it?
>=20
> Please assist. Thanks.
Several choices:
i) mtree(8) is your friend:
# mtree -U -p / -f /etc/mtree/BSD.root.dist
# mtree -U -p /usr -f /etc/mtree/BSD.usr.dist
# mtree -U -p /usr/local -f /etc/mtree/BSD.local.dist
# mtree -U -p /usr/include -f /etc/mtree/BSD.include.dist
# mtree -U -p /var -f /etc/mtree/BSD.var.dist
which will fix up permissions on a large number of files and
directories, but by no means all.
ii) Do a restore from your latest backups. Working out how to merge
any changes to file contents without modifying the file permissions is
left as an exercise for the student.
iii) Do a full make {build,install}world cycle -- this will include
the mtree(8) commands as above, and more. Reinstall all of your
ports. This is probably going to be the most effective procedure.
Even so, for some of the filesystems, you're simply going to have to
guess -- your home directories will probably have to be fixed up
manually as will web site document roots, database files etc.
Luckily, the change described is actually a no-op on the great
majority of files, but the ones where it isn't a no-op usually have an
important reason for not permitting world access.
Cheers,
Matthew
--=20
Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks
Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey Marlow
Tel: +44 1628 476614 Bucks., SL7 1TH UK
--5mCyUwZo2JvN/JJP
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)
iD8DBQFAGqgNdtESqEQa7a0RAq90AJwIqMS2srf/oIgKF8UtP/7HgtDV+ACaAmaN
8lbc9jxIOLhaZRQfUlSPvtE=
=RgyB
-----END PGP SIGNATURE-----
--5mCyUwZo2JvN/JJP--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040130185302.GA83276>