Solved

Resetting Directory Permissions to defaults CentOS

Posted on 2013-01-17
9
591 Views
Last Modified: 2013-01-22
Is it possible to globally reset directory permissions for a server running CentOS?  The problem occurred in efforts to allow ftp to a test server.  While testing the different ways to allow access I accidentally made a change that appears to have change all directories in the root.  I have limited Linux experience so need details on what my options are?  Thanks.
0
Comment
Question by:ws11
  • 3
  • 3
  • 3
9 Comments
 
LVL 31

Expert Comment

by:farzanj
ID: 38788493
Unfortunately the answer is NO.  It is time to get your data from backup.  In a sensible backup, you preserve all permissions, ACLs, SELinux setting, etc.  If you have changed all the permissions and you don't have a backup, well,  if you have a very similar system, you can list the file permissions for each file and try resetting them, or you can reinstall the system but no matter what you do, you have unfortunately a long day ahead of you.
0
 

Author Comment

by:ws11
ID: 38788730
You recommended the following in another post.  What does this do?

df -hT /path/of/directory
ls -ld /path/of/directory
getfacl /path/of/directory
getenforce

Also shouldn't I be able to change setting so I can edit the SELinux config?  I don't seem to be able to do this.
0
 
LVL 31

Expert Comment

by:farzanj
ID: 38788780
df -hT /path/of/directory
To see which partition is  the file located that was creating problem.


ls -ld /path/of/directory
See the directory permissions.  And whether extended permissions are set.

getfacl /path/of/directory
Get ACL settings, to see all the permissions set.

getenforce
To see SELinux enforcing mode.

I wanted to partition because sometimes some partition becomes read only.  You cannot change permission for read only partitions as well.  In other words I am trying to see all possible reasons for this kind of behavior.
0
 
LVL 13

Expert Comment

by:Hugh McCurdy
ID: 38788812
If it's a test server, and if you don't have a backup, what's the harm of reloading?

Also, if what you are doing is running tests, perhaps you might want to think about using virtual machines, such as VMware, where reloading is pretty simple.

My advice here is based on this being a test server and not something like a real server.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 31

Assisted Solution

by:farzanj
farzanj earned 250 total points
ID: 38788847
I think hmccurdy is right.  If it is a test machine you should consider reinstalling since your system files seem to have incorrect permissions and the system appears to be acting up.
0
 

Author Comment

by:ws11
ID: 38789207
I understand and I agree.  I was simply trying to avoid having to do so and hopefully gain more understanding.  As mentioned in the other post chmod -R 777 * was used on the root I believe as well as the SELinux was set as disabled.  I did not know changing to disabled could result in the file system no longer having the correct security context.  I am not sure I understand how to create a flag file. Also do you know anything about the fixfiles relabel command?
0
 
LVL 13

Expert Comment

by:Hugh McCurdy
ID: 38789404
I'll add that 777 would guarantee the FS no longer has the correct security context.

You also said you were new at Linux.  Loading Linux is a good thing to practice.  I've had my Linux Networking students load their systems at least twice and some of them a few more times.
0
 

Author Comment

by:ws11
ID: 38789565
So are you saying that if I could change the SELinux back to original settings that it would not make a difference?
0
 
LVL 13

Accepted Solution

by:
Hugh McCurdy earned 250 total points
ID: 38790119
I would be surprised but I'm not going to say it won't happen since I've never tried messing up my permissions and then seeing if SELINUX would fix them.  You could try it and see.
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Over the last ten+ years I have seen Linux configuration tools come and go. In the early days there was the tried-and-true, all-powerful linuxconf that many thought would remain the one and only Linux configuration tool until the end of times. Well,…
BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now