ws11
asked on
Resetting Directory Permissions to defaults CentOS
Is it possible to globally reset directory permissions for a server running CentOS? The problem occurred in efforts to allow ftp to a test server. While testing the different ways to allow access I accidentally made a change that appears to have change all directories in the root. I have limited Linux experience so need details on what my options are? Thanks.
farzanj
Unfortunately the answer is NO. It is time to get your data from backup. In a sensible backup, you preserve all permissions, ACLs, SELinux setting, etc. If you have changed all the permissions and you don't have a backup, well, if you have a very similar system, you can list the file permissions for each file and try resetting them, or you can reinstall the system but no matter what you do, you have unfortunately a long day ahead of you.
ASKER
You recommended the following in another post. What does this do?
df -hT /path/of/directory
ls -ld /path/of/directory
getfacl /path/of/directory
getenforce
Also shouldn't I be able to change setting so I can edit the SELinux config? I don't seem to be able to do this.
df -hT /path/of/directory
ls -ld /path/of/directory
getfacl /path/of/directory
getenforce
Also shouldn't I be able to change setting so I can edit the SELinux config? I don't seem to be able to do this.
df -hT /path/of/directory
To see which partition is the file located that was creating problem.
ls -ld /path/of/directory
See the directory permissions. And whether extended permissions are set.
getfacl /path/of/directory
Get ACL settings, to see all the permissions set.
getenforce
To see SELinux enforcing mode.
I wanted to partition because sometimes some partition becomes read only. You cannot change permission for read only partitions as well. In other words I am trying to see all possible reasons for this kind of behavior.
To see which partition is the file located that was creating problem.
ls -ld /path/of/directory
See the directory permissions. And whether extended permissions are set.
getfacl /path/of/directory
Get ACL settings, to see all the permissions set.
getenforce
To see SELinux enforcing mode.
I wanted to partition because sometimes some partition becomes read only. You cannot change permission for read only partitions as well. In other words I am trying to see all possible reasons for this kind of behavior.
If it's a test server, and if you don't have a backup, what's the harm of reloading?
Also, if what you are doing is running tests, perhaps you might want to think about using virtual machines, such as VMware, where reloading is pretty simple.
My advice here is based on this being a test server and not something like a real server.
Also, if what you are doing is running tests, perhaps you might want to think about using virtual machines, such as VMware, where reloading is pretty simple.
My advice here is based on this being a test server and not something like a real server.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I understand and I agree. I was simply trying to avoid having to do so and hopefully gain more understanding. As mentioned in the other post chmod -R 777 * was used on the root I believe as well as the SELinux was set as disabled. I did not know changing to disabled could result in the file system no longer having the correct security context. I am not sure I understand how to create a flag file. Also do you know anything about the fixfiles relabel command?
I'll add that 777 would guarantee the FS no longer has the correct security context.
You also said you were new at Linux. Loading Linux is a good thing to practice. I've had my Linux Networking students load their systems at least twice and some of them a few more times.
You also said you were new at Linux. Loading Linux is a good thing to practice. I've had my Linux Networking students load their systems at least twice and some of them a few more times.
ASKER
So are you saying that if I could change the SELinux back to original settings that it would not make a difference?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.