From owner-freebsd-questions@FreeBSD.ORG Fri Jan 30 10:53:10 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 04A1C16A4CE for ; Fri, 30 Jan 2004 10:53:10 -0800 (PST) Received: from smtp.infracaninophile.co.uk (smtp.infracaninophile.co.uk [81.2.69.218]) by mx1.FreeBSD.org (Postfix) with ESMTP id 15CDD43D1D for ; Fri, 30 Jan 2004 10:53:07 -0800 (PST) (envelope-from m.seaman@infracaninophile.co.uk) Received: from happy-idiot-talk.infracaninophile.co.uk (localhost [IPv6:::1]) i0UIr2jc083573 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 30 Jan 2004 18:53:02 GMT (envelope-from matthew@happy-idiot-talk.infracaninophile.co.uk) Received: (from matthew@localhost)id i0UIr2VA083572; Fri, 30 Jan 2004 18:53:02 GMT (envelope-from matthew) Date: Fri, 30 Jan 2004 18:53:02 +0000 From: Matthew Seaman To: Spades Message-ID: <20040130185302.GA83276@happy-idiot-talk.infracaninophile.co.uk> Mail-Followup-To: Matthew Seaman , Spades , freebsd-questions@freebsd.org References: <05a601c3e75f$93714810$fa10fea9@bryanuptrvb0jc> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="5mCyUwZo2JvN/JJP" Content-Disposition: inline In-Reply-To: <05a601c3e75f$93714810$fa10fea9@bryanuptrvb0jc> User-Agent: Mutt/1.5.5.1i X-Spam-Status: No, hits=-4.9 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=2.63 X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on happy-idiot-talk.infracaninophile.co.uk cc: freebsd-questions@freebsd.org Subject: Re: permissions problems X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 30 Jan 2004 18:53:10 -0000 --5mCyUwZo2JvN/JJP Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Jan 31, 2004 at 02:33:27AM +0800, Spades wrote: > Hi, >=20 > What if one of my admin accidentally did a: >=20 > chmod -R o+rx / >=20 > and changed my entire system permissions. > What should i do to restore it? >=20 > Please assist. Thanks. Several choices: i) mtree(8) is your friend: # mtree -U -p / -f /etc/mtree/BSD.root.dist # mtree -U -p /usr -f /etc/mtree/BSD.usr.dist # mtree -U -p /usr/local -f /etc/mtree/BSD.local.dist # mtree -U -p /usr/include -f /etc/mtree/BSD.include.dist # mtree -U -p /var -f /etc/mtree/BSD.var.dist which will fix up permissions on a large number of files and directories, but by no means all. ii) Do a restore from your latest backups. Working out how to merge any changes to file contents without modifying the file permissions is left as an exercise for the student. iii) Do a full make {build,install}world cycle -- this will include the mtree(8) commands as above, and more. Reinstall all of your ports. This is probably going to be the most effective procedure. Even so, for some of the filesystems, you're simply going to have to guess -- your home directories will probably have to be fixed up manually as will web site document roots, database files etc. Luckily, the change described is actually a no-op on the great majority of files, but the ones where it isn't a no-op usually have an important reason for not permitting world access. Cheers, Matthew --=20 Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK --5mCyUwZo2JvN/JJP Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFAGqgNdtESqEQa7a0RAq90AJwIqMS2srf/oIgKF8UtP/7HgtDV+ACaAmaN 8lbc9jxIOLhaZRQfUlSPvtE= =RgyB -----END PGP SIGNATURE----- --5mCyUwZo2JvN/JJP--