1

This is embarrassing, but I need to fix my mistake and ask for assistance rather then dig my grave any further.

While working on installing Fail2Ban on a server I wondered if permissions was the reason F2B was failing to launch properly, so I ran: chmod 755 -R ../ while I was in /etc/fail2ban/.

Right after that I went to restart the service, but got a response along the lines of "Unknown UID 1000... Who are you?" I still have a shell to the server and should be able to execute any sh script as root thanks to an administrative tool assuming it has not been harmed.

I don't know how bad this is and I am too scared to touch it after this grave of a mistake.

I feel like what I just did was almost the equivalent of sudo rm -rf /. Please, I am begging for your help!

Itai Ganot
  • 10,424
  • 27
  • 88
  • 143
Sean Mitchell
  • 123
  • 8

2 Answers2

1

Boot a livecd on another machine and compare the file mods. You can diff two ls -l outputs easily. Then correct them.

Also you can use dpkg -V <package> to verify the files to the packages.

Stone
  • 6,941
  • 1
  • 19
  • 33
  • Not an option as this is a virtual machine. I am considering pulling off all configurations and creating a new server as it would be ~30 minutes of work. – Sean Mitchell Jan 17 '18 at 10:07
  • 2
    Don't reboot the machine you've broken, boot the livecd on *another* machine, then compare the perms. If you've got another running Ubuntu 16.04 system you could even just use that "live". – womble Jan 17 '18 at 10:58
1

There are times when a package upon your Debian (or Ubuntu) system needs reinstalling to fix problems which you might have caused, or to revert back to a pristine state, for that you may use:

apt-get --reinstall install

It will reinstall all the packages and get them back to pristine state.

As a quick band aid to be able to use the system, in order to fix it properly (reinstalling all the packages with contents within /etc, as stated above), you could do:

sudo find /etc -type d -exec chmod 775 '{}' \;
sudo find /etc -type f -exec chmod 664 '{}' \;

With those two lines you'll be setting liberal permissions in all the /etc dir, with read/write allowed for the owner and the group, and read allowed for everybody else. The reason of the two chmod is to set the execute bit only on directories.

Some processes will complain or fail even so, including any executable within /etc, but you should be able to do the reinstall I outlined above.

Edit:

Following your comments, if you're not going to lose any data and you have the time required to re-install the server - then do it and save yourself time and a headache.

Itai Ganot
  • 10,424
  • 27
  • 88
  • 143
  • I estimate a full installation of a new one for me would be tops 30 minutes and I am seriously considering it, as pushing out linux commands via the Azure portal takes a while. If you had to guess what would you say repair time would be? Since I still have access to SSH pulling off the data is the least of my concerns right now. – Sean Mitchell Jan 17 '18 at 10:10
  • 2
    If it will take you 30 mins to install and configure a new server, and you will not lose any data, then I recommend you do it. I believe you can fix your system, but it will probably be very complicated and may consume lots of time. – Itai Ganot Jan 17 '18 at 10:12
  • well then, I appreciate the help, but I am all for recreation and taking better steps in the future. I am going to become a documentation freak because of this today. – Sean Mitchell Jan 17 '18 at 10:13
  • I know it doesn't console, but such mistakes make the best learning experiences, so look on the bright side. Also, always think 3 times before running chown / chmod / rm -r or any other potentially destructive command. – Itai Ganot Jan 17 '18 at 10:17
  • could you vote close it out for me? I don't have enough reputation and you guys have put in too much effort to allow me to close it. Thank you so much again, and have a wonderful day. – Sean Mitchell Jan 17 '18 at 10:38
  • You could also accept an answer, the information presented here may help another user in the future. – Itai Ganot Jan 17 '18 at 10:50