-1

My fingers decided to betray me and press the enter key a moment too soon, and I have managed to run chmod -R 777 / across a whole drive. I have no physical access to the device.

I do however, still have a connected session where I am root and a clone-ish (minus web content) server which I guess I could probably dump permissions from i.e

./var/www/htdocs/ckeditor/plugins/link/images/hidpi:
total 12
drwxrwxrwx 2 user user 4096 Aug 27 20:43 .
drwxrwxrwx 3 user user 4096 Aug 27 20:43 ..
-rwxrwxrwx 1 user user 1597 Sep  6 20:51 anchor.png

./var/www/htdocs/ckeditor/plugins/liststyle:
total 12
drwxrwxrwx  3 user user 4096 Aug 27 20:40 .
drwxrwxrwx 32 user user 4096 Aug 27 20:41 ..
drwxrwxrwx  2 user user 4096 Aug 27 20:40 dialogs

./var/www/htdocs/ckeditor/plugins/liststyle/dialogs:
total 12
drwxrwxrwx 2 user user 4096 Aug 27 20:40 .
drwxrwxrwx 3 user user 4096 Aug 27 20:40 ..
-rwxrwxrwx 1 user user 2939 Sep  6 20:48 liststyle.js

Is there any way to utilize these two facts to undo the damage? Is it possible to build a script to harvest that data and use it to set permissions?

halfer
  • 19,824
  • 17
  • 99
  • 186
William Dunne
  • 21
  • 4
  • Fixing permissions of the packaged files might be doable with the packaging tools. I know rpm has flags that can do that at least. Fixing permissions on your custom (web content) files is going to be the hard part since there's nothing (short of backups or copies) that can assert what the permissions are supposed to be. – Etan Reisner Oct 03 '14 at 01:26
  • I'm not too worried about the web content as I can fix that fairly easily as I have a backup of 99% of it. – William Dunne Oct 03 '14 at 01:27
  • I am voting this up not because I have a solution, but because this is a textbook case about why you 1,000,000% never use `chmod 777` for anything. Now can I ask: Is it possible for you to rebuild the server from scratch? Or you say you have a clone, restore from that? But past that, sorry but I have no other real advice. – Giacomo1968 Oct 03 '14 at 01:30
  • Fair comment. Well, the issue you see is that I have a clone of a webserver setup identically just with different site files. And yes, you are right. Although I think in this case the issue was more the inclusion of / and -R in the same line. Anyhow, I think a bash script that would convert the output of ls -la -R on my "clone" into a script that would duplicate the permissions would be ideal – William Dunne Oct 03 '14 at 01:32
  • 1
    This belongs on unix.stackexchange.com, it's not a programming question. – Barmar Oct 03 '14 at 01:38
  • @WilliamDunne “Anyhow, I think a bash script that would convert the output of ls -la -R on my "clone" into a script that would duplicate the permissions would be ideal.” Great idea! Do you want us to code something from scratch for someone who has root access to a machine yet trashed it with `chmod 777`? Sorry for the snark, but seriously. – Giacomo1968 Oct 03 '14 at 01:48
  • Someone below already did it Jake ;) yes, I know I'm beyond stupid for that one. Although I didn't actually intend to run that command.. – William Dunne Oct 03 '14 at 01:50

1 Answers1

1

On the good server, dump the file permissions for non-symlinks on the disk filesystem:

$ find / -xdev \! -type l -printf 'chmod %#m %p\n'
...
chmod 0755 /bin/cp 
...
chmod 0600 /etc/iscsi/iscsid.conf 
...
chmod 0744 /lib/modules/2.6.32-431.el6.x86_64/kernel/drivers/video/backlight/progear_bl.ko 
...
chmod 0644 /usr/lib64/perl5/auto/POSIX/stat.al 
...

Copy and paste the output into your open root session on the messed-up server.

Then go install ZFS for Linux and start taking regular snapshots :P

andrewdotn
  • 32,721
  • 10
  • 101
  • 130