Accidently ran "chown www-data:www-data / -R" as root

linux ubuntu root chown

6,656

Solution 1

Most everything in /bin/ should be owned by root:root, so if you run the following you can fix the ownership on those files:

chown root:root -R /bin/

You may also want to make sure the setuid bit is properly set on /bin/su, which you can fix with the following:

chmod 4755 /bin/su

Solution 2

Redhat user:

chown 0:0 /bin/rpm && rpm -qa | xargs rpm --setugids

Debian/Ubuntu user:

chown 0:0 /bin/*  /usr/bin/*
chown daemon:daemon /usr/bin/at
chown 0:utmp /usr/bin/screen
chmod 02755 /usr/bin/screen
chmod u+s /bin/fusermount /bin/mount /bin/su /bin/mount
chmod u+s /usr/bin/sudo /usr/bin/passwd
screen

While screen is running do this at least twice:

dpkg --get-selections | awk '{ if ($2 == "install") print $1}' \
    | xargs apt-get install --reinstall --

Pay very close attention to the output because if it complains about something having the wrong permissions, you should fix it on another screen window.

Crash course in screen:

Control+A     - command key
Control+A a   - emit a control+A
Control+A n   - next "screen"
Control+A c   - create "screen"

Solaris user:

You're fucked.

pkgchk -R / -f -a

will reset all the permissions, but setuid-ness will still be broken. Use a backup, or another solaris machine to look for setuid/setgid scripts and files and fix them up manually.

THE IMPORTANT THING ABOUT BACKUPS

Is that you can recover them, not that you take them.

Other people have given you advice to take backups, but I want to add that you should be testing them. If you're using a unixish system, there is no reason whatsoever that you can't dump the files onto another machine periodically and make sure everything works.

Solution 3

I was going to explain the details of using RPM to reset file permissions, but I've found a site with a lot more information. It does also mention that Ubuntu/Debian (so .debs in general) don't support it.

But in general the option your looking for would be along the lines:

rpm --setugids {packagename}

Solution 4

Be aware that the set-uid flags on any affected binaries may have been removed, too; this is a security feature of chown. Check with some other system which binaries have the set-uid or set-gid flags and be sure to set them on your binaries as well.

Solution 5

If this was a debian system, I'd aptitude reinstall everything.

View more solutions

6,656

Will

Updated on September 17, 2022

Comments

Will almost 2 years

I just ran this a few seconds ago. I managed to do Ctrl - C as soon as I realized what I started doing.

So far the only directory it's started going through is /bin.

I'm afraid to do anything else. So far I realized I can't use su as my normal user anymore.

Luckily I still have another root terminal open. What do I do?
- ta.speot.is over 14 years
  
  Sounds like you got chowned there, buddy.
- Zaid Amir over 14 years
  
  Now you understand the importance of backups. Do it regularly.
- Khushboo Tahir over 12 years
  
  At least he didn't chmod from root. That's a full-on disaster. At least rm -rf from root gives you more disk space and prepares you for a full system reinstall, chmod just leaves a real mess that's pretty hard to recover from by anything besides a complete system reinstall. The grass is brown on both sides of the fence, eh?
Bernd Haug over 14 years

On Ubuntu, it's especially important to do the same with sudo. I don't think that a root password is even set by default? By the way, I'd really recommend actually using sudo instead of root shells. The half-second it takes to type sudo normally stops mistakes like that in the tracks. Just working in a root shell is easier to miss...
elmo over 14 years

paste.ubuntu.com/362468 is a "ls -l /bin" from my Ubuntu 9.10 desktop. While I might not have exactly the same files installed as you, it should at least give you a good hint on which files need special permissions.
David Thornley over 14 years

@Bernd: Although I don't do that much admin work, I have noticed that I sudo fewer dumb things than I do as root. I may never use a root password ever again. (And, no, there is no default root password on Ubuntu, and I don't think there is one on MacOSX.)
Bernd Haug over 14 years

@David: There definitely is no default root password on OS X, and setting one is mostly a mistake, IMO. There's almost always another, better way. The problem is that Macs are not too secure to begin with; I expect to see a lot of 'fun' once they have a larger install base to make RKs, Virii, Botnet clients &c profitable.
fxmtor over 14 years

This is on an ubuntu system, as indicated by the tags. This means that dpkg and .DEBs are used instead of rpm and .RPMs
einstiien over 14 years

FreeBSD User: would never make this kind of mistake ;)
user1686 over 14 years

@einstiien Yep, FreeBSD users go straight to the rm -rf stage.
einstiien over 14 years

@grawity: lol, good one.
9997 almost 14 years

Poor Solaris users :(