Skip to main content

How To Restore Default Permissions Of All Files Under / (ROOT) on Linux

How To Restore Default Permissions Of All Files Under / (ROOT) on Linux



Someone accidentally changed / (ROOT) permission to 777 with following command. I wanted to reset it back to original permissions. This is an OCI system.

# chmod 777 -R /


After that, All files and folders on my server changed to 777 permissions. And I try to reboot my server, I can’t login into my server. It’s shown error:

Failed to start SSH server : Starting sshd:WARNING: UNPROTECTED PRIVATE KEY FILE! Permissions 0775 for '/etc/ssh/ssh_host_key' are too open.



Or if try to switch to login from opc to root user will get below error


[opc@funoracleapps ~]$ sudo su - 

sudo: /etc/sudo.conf is world writable

sudo: /usr/bin/sudo must be owned by uid 0 and have the setuid bit set


Solution


Boot OCI system into Single User Mode, then type 2 commands I was having an OCI system so I created and Serial Connection to connect.


# /bin/mount -o remount,rw /


Now if we validate all files/folder permission would be shown as full






# for p in $(rpm -qa); do rpm --setperms $p; done

# for p in $(rpm -qa); do rpm --setugids $p; done


Above command combination will reset all the permissions to the default permissions. If you get "cannot access" errors that is fine. Nothing to worry.

After Running both the permissions are fixed




Change permission for these

chmod a=rx,u+ws /usr/bin/sudo
chmod u+s /usr/bin/crontab

These are the required permission for ssh config and  host keys to  make ssh login work


# chmod 644 /etc/ssh/ssh_config

# chmod 600 /etc/ssh/sshd_config

# chmod 640 /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_ecdsa_key /etc/ssh/ssh_host_ed25519_key

# chmod 644 /etc/ssh/ssh_host_rsa_key.pub /etc/ssh/ssh_host_ecdsa_key.pub /etc/ssh/ssh_host_ed25519_key.pub

If Possible, please run yum update

yum update -y

If you can’t boot into Single User Mode, Let boot from OS installation CD into Rescue Mode make sure that your system mounted into /mnt/sysimage, And type the following command

# chmod 7777 -R /mnt/sysimage/


Note: Permission is 7777 not 777

To change all files and folder to “7777” permission. And reboot your system. After that, You can boot into Single User Mode and type above commands.

Reset default permissions of all files and folders under /home/

Type the following commands

# cd /home/

# for p in $(ll); do chown $p.$p -R /home/$p; done

# find . -type d -print0 | xargs -0 chmod 755

# find . -type f -print0 | xargs -0 chmod 644

# chmod 700 *



Reboot Server and validate.





If you like please follow and comment
Labels:

Comments

Post a Comment

Popular posts from this blog

WebLogic migration to OCI using WDT tool

WebLogic migration to OCI using WDT tool Oracle WebLogic Deploy Tool (WDT) is an open-source project designed to simplify and streamline the management of Oracle WebLogic Server domains. With WDT, you can export configuration and application files from one WebLogic Server domain and import them into another, making it a highly effective tool for tasks like migrating on-premises WebLogic configurations to Oracle Cloud. This blog outlines a detailed step-by-step process for using WDT to migrate WebLogic resources and configurations. Supported WLS versions Why Use WDT for Migration? When moving Oracle WebLogic resources from an on-premises environment to Oracle Cloud (or another WebLogic Server), WDT provides an efficient and reliable approach to: Discover and export domain configurations and application binaries. Create reusable models and archives for deployment in a target domain. Key Pre-Requisites Source System: An Oracle WebLogic Server with pre-configured resources such as: Applica...
Post a Comment
Read more

How to Validate TDE Wallet Password in Oracle Database

How to Validate TDE Wallet Password in Oracle Database Validating the Transparent Data Encryption (TDE) wallet password is crucial, especially when ensuring that the password is correct without using the OPEN or CLOSE commands in the database. This blog post explains a straightforward method to validate the TDE password using the mkstore utility. Steps to Validate TDE Wallet Password Follow these steps to validate the TDE wallet password: Step 1: Copy the Keystore/Wallet File Navigate to your existing TDE wallet directory. Copy only the ewallet.p12 file to a new directory. If a cwallet.sso file exists, do not copy it . The absence of cwallet.sso ensures that the wallet does not use auto-login, forcing the utility to prompt for the password. Step 2: Validate Using mkstore Use the mkstore utility to check the contents of the wallet file. The mkstore utility will prompt you for the TDE wallet password, allowing you to validate its correctness. Command Syntax To display the conten...
Post a Comment
Read more

EBS 12.2 ADOP Interview Questions With Scenarios

EBS 12.2 ADOP Interview Questions With Scenarios Note: Check the patch cycle log is important to fix any issues.  Location: $ADOP_LOG_HOME Useful Adop Commands Click here 1.What is ADOP concept in oracle apps Online patching is the most important new feature in Oracle E-Business Suite Release 12.2. It is the ability to patch a running system without having to take the system down for a significant period of time while the patches are applied. 'adop' is the utility we use to apply patches in R12.2 2.What is PATCH_TOP directory in R12.2 In R12.2 there is a new directory location environment variable called $PATCH_TOP which points to $NE_BASE/EBSapps/patch $NE_BASE points to <Non-Editioned-filesystem-directory> Download the patch into the patch top directory and unzip it. This is the default location where the adop will look for patch files. If you are planning to put patches in non-defualt location then you need to use adop parameter 'patchtop=<patch_path>' to...
Post a Comment
Read more