From: Villén Pizarro, Julia (jvillen@indra.es)
Date: Tue Jul 23 2002 - 09:27:38 EDT
Hello:
Sorry for the delay. I got a lot of answers, thanks a lot.
The main proposal was to do:
pkgchk -f
Other suggestions were:
"If you had another Sol 7 system it wouldn9t be too hard to write a perl
script to take the ls -lR / output from the good one and parse it out and
reset the perms on the bad one."
"You need to check you umask settings I think."
"I don't know of any way to restore the correct permissions to all files,
but
I'm not sure I'd want to as system security may have been compromised.
Personally, I'd organise a downtime window and reinstall the OS. To quote
a
famous movie "It's the only way to be sure".
"Well, take a look at the /var/sadm/install/contents file. It contains
all perms for all installed 'packages'... You
can create a scipt to either read it and reset the perms or juest
manipulte teh file into a script.
But, this will not catch stuff like /dev, /devices, etc..."
"We have two servers on our network that have been mangled by wellmeaning
(but illinformed) people with root access. What I ended up doing (since
we couldn't take the boxes offline and re-install them), was to go to a
healthy machine, and do a find of all files, create a list of all
permissions (and ownership) of those files and use that as input to a
chmod/chown script (also custom written). That fixed most of the
problems.
Or at least enough of them to allow a reasonable stability of the boxes
in question."
"I had to do this once so I wrote a simple script.
You will need to go to a good system and take a snapshot of the files and
perms,
e.g. ls -lR from / directory, dump the output to a file, make sure that
you only see
filenames, if you need directories to chmod, then you will need to modify
my scrip a
little. Here is the script:
#!/bin/ksh
#
# probably you will need to run this only once.
# will change owner:group of file according to feeded file in format
# owner:group:filename
#
for name in `cat list`
do
tUSER=`echo $name | cut -d : -f1`
tGRP=`echo $name | cut -d : -f2-`
FILE=`echo $name | cut -d : -f3-`
if [ -f $FILE ]; then
# the following line works if echoed but may not work if echo
# is taken out, you can redirect the output to a file and run
# that output file
echo /usr/bin/chown $TUSER:$tGRP $FILE
fi
done
"
Thanks a lot,
Bye
Julia
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:24:38 EDT