On Fedora at least, the RPM command has the options --setperms
and --setugids
, using those you can fix most of the system owned files like rpm --setugids -a
. To (somewhat) fix the files for each user, you can do for each one chown -R user /home/user
. There probably will be leftovers that haven't been fixed by the above, particularly if you have some sort of server (web, ftp, others), those will have to be handled one by one.
Probably other distributions have similar mechanisms. Or do a full refresh (i.e., install everything anew, like it was somehow damaged. OK, it was somehow damaged.)
[Yes, this is yet again Unix' rather cruel way of teaching unsuspecting users to consider each command carefully before pressing ENTER, and to use root sparingly. Consider yourself taught.]
3This cannot be undone automatically, and yes, it has a significant impact on your system (including, but not limited to, the various home directories). I hope you have a recent backup handy. Good luck. – Frédéric Hamidi – 2013-02-18T16:33:09.057
There are programs that check your system for appropriate permissions and file ownership. I think tripwire is or was an early one. If you don't have multiple users you may be able to salvage the situation just by getting a report and/or fix from such a tool. – minopret – 2013-02-18T16:45:09.680
Also read the great advice below that amounts to "don't react in any way that would make it worse" and "don't assume the worst". Or remember these important general troubleshooting steps using the joke version: Emergency operator: "Don't panic, are you sure your friend is dead?" Caller: BANG "Yes, sadly, he's dead." – minopret – 2013-02-18T16:48:44.350
In most cases, on a normal system, you should be able to tell from the group of a file who the owner should be. So
find
all files that are owned by root where the group isn't appropriate, and chown them all to the user that matches the group. Log failues, and deal with them on an individual basis. – agf – 2013-02-18T22:17:59.857Have you run that command as root? (I hope not...) – Axel – 2013-02-18T23:34:19.563
I'm confused, why can't he recursively change the file permissions in his public directory to the webserver again? – Stephen P. – 2013-02-18T23:42:53.173
@StephenP.: He
chown
'd the entire filesystem, not just the public directory to his webserver. @Axel: Can't you only runchown
as root? – Thanatos – 2013-02-23T01:39:15.350