ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Fixing Mass Permissions Issue

    IT Discussion
    linux permissions chmod
    6
    15
    2.4k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      thanksajdotcom
      last edited by

      Saw this and had to share. So let's troubleshoot. Besides murdering that person, how would you fix this (after fixing the user so they don't reproduce)?
      upload-82da5077-363e-46a4-8385-11173782dc13

      1 Reply Last reply Reply Quote 0
      • T
        thanksajdotcom
        last edited by

        As far as I know, outside of a reinstall, I don't think you can restore permissions to the system after something like that. Time to lock down su or root.

        1 Reply Last reply Reply Quote 0
        • T
          thanksajdotcom
          last edited by

          Or at least change the password, after firing this guy.

          1 Reply Last reply Reply Quote 0
          • C
            coliver
            last edited by

            Did they have a backup?

            T 1 Reply Last reply Reply Quote 0
            • T
              thanksajdotcom @coliver
              last edited by

              @coliver said:

              Did they have a backup?

              No clue. You know what I know, which is what that post shows.

              1 Reply Last reply Reply Quote 0
              • C
                coliver
                last edited by

                I think this would be hard if they didn't have a backup. Would auditd be able to tell what the permissions were changed from?

                1 Reply Last reply Reply Quote 1
                • S
                  scottalanmiller
                  last edited by

                  Pretty much a backup is required. This is a blanket change to every file on the system. Each one needs to be rolled back to previously unknown states. You can pretty much guess at this if you are good and are willing to invest the time in a high level UNIX admin to guess at ti, test files and have end users testing constantly to see if you are getting it right.

                  Pretty much, this simply means that you are restoring everything.

                  T G 2 Replies Last reply Reply Quote 0
                  • T
                    thanksajdotcom @scottalanmiller
                    last edited by

                    @scottalanmiller said:

                    Pretty much a backup is required. This is a blanket change to every file on the system. Each one needs to be rolled back to previously unknown states. You can pretty much guess at this if you are good and are willing to invest the time in a high level UNIX admin to guess at ti, test files and have end users testing constantly to see if you are getting it right.

                    Pretty much, this simply means that you are restoring everything.

                    That's what I figured too.

                    1 Reply Last reply Reply Quote 0
                    • G
                      gjacobse @scottalanmiller
                      last edited by

                      @scottalanmiller
                      Never really thought about it but it makes sense. Not to mention the amount of time needed to go file by file.. it's not practical. If they don't have a backup,... sucks to be them.

                      T S 2 Replies Last reply Reply Quote 2
                      • T
                        thanksajdotcom @gjacobse
                        last edited by

                        @g.jacobse said:

                        @scottalanmiller
                        Never really thought about it but it makes sense. Not to mention the amount of time needed to go file by file.. it's not practical. If they don't have a backup,... sucks to be them.

                        If they have no backup, time to rebuild the machine, physical or VM, and restore any databases, etc. Other than that, not much I can think to do.

                        S 1 Reply Last reply Reply Quote 0
                        • S
                          scottalanmiller @gjacobse
                          last edited by

                          @g.jacobse said:

                          @scottalanmiller
                          Never really thought about it but it makes sense. Not to mention the amount of time needed to go file by file.. it's not practical. If they don't have a backup,... sucks to be them.

                          Pretty much. It's pretty bad.

                          1 Reply Last reply Reply Quote 0
                          • S
                            scottalanmiller @thanksajdotcom
                            last edited by

                            @thanksaj said:

                            If they have no backup....

                            They need to rethink why they have computers at all.

                            T 1 Reply Last reply Reply Quote 1
                            • T
                              thanksajdotcom @scottalanmiller
                              last edited by

                              @scottalanmiller said:

                              @thanksaj said:

                              If they have no backup....

                              They need to rethink why they have computers at all.

                              True that.

                              1 Reply Last reply Reply Quote 0
                              • A
                                Ambarishrh
                                last edited by

                                We had something like this once on a wordpress installation, when the user changed permission on the whole site folder, and used a script which is still available in the internet, which scans and fixes the whole directory when you give the WP owner and group usernames. We still have the scripts saved on all our servers, just to do a quick permission fix to avoid a mass restore and re deploy the site.

                                1 Reply Last reply Reply Quote 0
                                • R
                                  Reid Cooper
                                  last edited by

                                  I don't see much hope other than starting over in a case like this. It's more or less the same as doing the infamous rm -rf / except far better because at least you can take a final backup and recover, file by file, anything specific that you need.

                                  1 Reply Last reply Reply Quote 0
                                  • 1 / 1
                                  • First post
                                    Last post