4

A client has accidentally given the entire filesystem full permissions on their Ubuntu 10.04 box.

chmod -R 777 httpdocs/cd /

As you can see they attempted to cd to the root, and instead gave chmod a fun parameter to play with.

First sign of the problem was inability to use 'su', giving an authentication error. sudo also complained of a missing setuid bit. This was fixed by logging in as root from the machine itself, and running chmod +s /usr/bin/sudo.

I can now sudo su and do what I need to as root. su still gives an authentication failure.

I followed the advice here: http://swiss.ubuntuforums.org/showthread.php?t=1180661&page=2

chmod 0755 /
chmod 0755 /*
chmod 1777 /tmp
chmod 0750 /root
chmod 0700 /lost+found

I then tried to reset root password. I still cannot su to become root, or su root.

The system seems to be running fine. Are there any suggestions for getting su to work once again? Where can I look for more problems?

ncatnow

3 Answers

15

I would actually consider doing a full reinstall of the system. Even if you manage to get most permissions right and things seem to work, there will most likely be some special permissions lying around, just waiting to cause trouble.

Alternatively I'd compare the permissions with a second, possibly freshly installed, machine. Shouldn't be too hard together with your favorite scripting language.

andol
3

Wow... it happened to me once too... luckily it was a home machine. I solved it by forcing a reinstall of all packages, so that all permissions were set back. It was on Debian anyway. I used apt-get install --reinstall $packages in a script that got the list of all packages. What do the syslog or auth logs say when you try su?

Pier

PiL
0

Maybe the problem is the absence of the SUID bit?

Here are the files which should have it:

ip@ip:~$ ls -al /bin | grep rws
-rwsr-xr-x  1 root root  27256 2010-01-28 20:32 fusermount*
-rwsr-xr-x  1 root root  78096 2009-10-23 07:28 mount*
-rwsr-xr-x  1 root root  35600 2009-05-12 00:43 ping*
-rwsr-xr-x  1 root root  31368 2009-05-12 00:43 ping6*
-rwsr-xr-x  1 root root  36864 2009-07-31 16:59 su*
-rwsr-xr-x  1 root root  56616 2009-10-23 07:28 umount*

ip@ip:~$ ls -al /usr/bin | grep rws
-rwsr-xr-x  1 root   root       14640 2009-05-12 00:43 arping*
-rwsr-sr-x  1 daemon daemon     52112 2009-09-16 01:29 at*
-rwsr-xr-x  1 root   root       41864 2009-07-31 16:59 chfn*
-rwsr-xr-x  1 root   root       37128 2009-07-31 16:59 chsh*
-rwsr-xr-x  1 root   root       59752 2009-07-31 16:59 gpasswd*
-rwsr-xr-x  1 root   lpadmin    14256 2010-03-02 17:16 lppasswd*
-rwsr-xr-x  1 root   root       62368 2008-11-05 15:24 mtr*
-rwsr-xr-x  1 root   root       32384 2009-07-31 16:59 newgrp*
-rwsr-xr-x  1 root   root       42856 2009-07-31 16:59 passwd*
-rwsr-xr-x  1 root   root       14880 2009-10-16 14:43 pkexec*
-rwsr-xr-x  2 root   root      143736 2010-04-13 20:31 sudo*
-rwsr-xr-x  2 root   root      143736 2010-04-13 20:31 sudoedit*
-rwsr-xr-x  1 root   root       18848 2009-05-12 00:43 traceroute6.iputils*
-rwsr-sr-x  1 root   root       10536 2009-11-10 12:48 X*

Try to set execution+SUID on all of them (or at least on su) via

chmod u+xs file

UPD: note that for /usr/bin/at and /usr/bin/X you also need to do

chmod g+xs

igorp1024
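The comparison against a freshly installed machine suggested in the first answer, combined with the setuid/setgid check from the last one, can be scripted as below. This is an added example, not code from any of the posters; the manifest format (GNU find output as shown in the docstring) and all function names are assumptions made for illustration.

```python
r"""Diff file modes against a manifest from a clean install of the same release.

Assumed manifest source (GNU find, run as root on each machine):
    find / -xdev ! -type l -printf '%m %p\n'
"""
import shlex

SPECIAL = 0o7000  # setuid (4000), setgid (2000), sticky (1000)

def parse_manifest(text):
    """Return {path: mode} from 'OCTALMODE PATH' lines; paths may contain spaces."""
    modes = {}
    for line in text.splitlines():
        mode, sep, path = line.partition(" ")
        if sep and path:
            modes[path] = int(mode, 8)
    return modes

def lost_special_bits(reference, damaged):
    """Paths present on both machines that are missing setuid/setgid/sticky bits."""
    return sorted(p for p, m in reference.items()
                  if p in damaged and (m & SPECIAL) & ~damaged[p])

def repair_commands(reference, damaged):
    """chmod commands that bring every differing path back to the reference mode."""
    return [f"chmod {reference[p]:04o} {shlex.quote(p)}"
            for p in sorted(reference)
            if p in damaged and damaged[p] != reference[p]]

# Constructed sample manifests (not taken from a real system).
REFERENCE = """\
4755 /bin/su
640 /etc/shadow
644 /srv/site/read me.txt
1777 /tmp
6755 /usr/bin/at
4755 /usr/bin/sudo
"""
DAMAGED = """\
777 /bin/su
777 /etc/shadow
777 /srv/site/read me.txt
1777 /tmp
777 /usr/bin/at
6777 /usr/bin/sudo
"""

if __name__ == "__main__":
    ref, cur = parse_manifest(REFERENCE), parse_manifest(DAMAGED)
    print("lost special bits:", lost_special_bits(ref, cur))
    print("\n".join(repair_commands(ref, cur)))
```

Review the generated chmod lines before running them; paths that exist only on one machine are skipped, so files the reference install does not have (site content, locally installed software) still need checking by hand.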