Tuesday, October 9, 2018

linux - Recovering from a system-wide chown?




I have a Linux web server with multiple sites being hosted with cPanel.
I was having trouble accessing a site, so I ran this command:
chown -R root:root /home/evalreal/. While waiting for the command I started seeing a bunch of errors. The errors went something like /home/evalreal/public_html/../virtfs/home/*Other website folders* Could not be accessed



So, I messed something up with my command and applied these owners across a large amount of my /?



My web sites went down until I reset their permissions from a backup. My /tmp directory and /var/lib/mysql directory are both running 777 for the time being. I need to do something similar for whatever is hampering Exim. I can't tell what got changed but since I was root when I ran the command I suspect it's a lot.



Ultimately I need to have the entire system restored from backups right? What if I can't do that for a day or so?


Answer




First, look on the bright side: At least you HAVE backups.
Many people who wind up in your situation do not, and they get very cranky when we tell them the best thing to do is restore from their (nonexistent) backup...






"Ultimately I need to have the entire system restored from backups right?"
This is likely to be the most expedient solution (if you can restore just permissions that might be preferable as you won't risk losing any work).



Your other option is to determine what files have been affected and manually reset their ownership. There is somewhat more margin for error here though: The directory tree was walked recursively so you can use find -user root one level above where the chown was rooted to help you sort through the damage.
(This only applies if you stopped the chown -- If it ran through the whole system you're well and truly hosed and backups are your best option.)







"What if I can't do that for a day or so?"
Then you will be down (or at least impaired) for a day or so.
There are no shortcuts in system administration (well, there are, but not in this case. You need to undo the ownership change you made somehow, either manually or by restoring from backups.)
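
The "restore just permissions" route mentioned in the answer can be planned from a known-good copy of the tree before anything is changed. The script below is an added example, not part of the original answer; it assumes GNU find and stat, and a backup restored to a scratch path (the /mnt/restore path in the usage comment is hypothetical).

```shell
#!/bin/sh
# Added example: plan an ownership/mode repair from a known-good copy.
# Paths containing newlines are not supported by this line-based format.
TAB=$(printf '\t')

# Record "uid:gid<TAB>octal-mode<TAB>relative-path" for every entry under $1.
# -xdev keeps find on one filesystem, so mounts below the tree are not walked.
snapshot_owners() {
    ( cd "$1" && find . -xdev -printf '%U:%G\t%m\t%P\n' )
}

# Compare the manifest ($1) with the live tree ($2) and print the repairs as
# "action<TAB>value<TAB>path" lines for review. Nothing is changed here.
plan_restore() {
    live=${2%/}
    while IFS="$TAB" read -r owner mode rel; do
        target="$live/$rel"
        # Skip entries that no longer exist (-L also matches dangling symlinks).
        [ -e "$target" ] || [ -L "$target" ] || continue
        fix_mode=0
        if [ "$(stat -c '%u:%g' -- "$target")" != "$owner" ]; then
            printf 'chown\t%s\t%s\n' "$owner" "$target"
            # chown drops setuid/setgid bits on Linux, so re-apply the mode after it.
            fix_mode=1
        fi
        # Symlink modes are not meaningful; only their ownership is planned.
        if [ -L "$target" ]; then continue; fi
        if [ "$(stat -c '%a' -- "$target")" != "$mode" ]; then fix_mode=1; fi
        if [ "$fix_mode" -eq 1 ]; then
            printf 'chmod\t%s\t%s\n' "$mode" "$target"
        fi
    done < "$1"
}

# Usage (hypothetical restore path):
#   snapshot_owners /mnt/restore/home/evalreal > owners.tsv
#   plan_restore owners.tsv /home/evalreal > plan.tsv
```

Review the plan before applying it as root with `chown -h` and `chmod`, keeping each file's chown ahead of its chmod.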

