Ownership of etc folder is changed how to restore it using commandline?
Solution 1
Doing:
sudo chown -R root.root /etc
on the commandline will set /etc
and everything underneath to owner root
and group root
However on my system (Ubuntu 12.04) not everything under /etc
is in group root
. The following list might help (generated with sudo find /etc ! -gid 0 -ls | cut -c 29-
):
root dovecot 5348 Apr 8 2012 /etc/dovecot/dovecot-sql.conf.ext
root dovecot 782 Apr 8 2012 /etc/dovecot/dovecot-dict-sql.conf.ext
root dovecot 410 Apr 8 2012 /etc/dovecot/dovecot-db.conf.ext
root shadow 2009 Dec 23 16:10 /etc/shadow
root lp 4096 Mar 12 19:38 /etc/cups
root lp 540 Mar 12 19:38 /etc/cups/subscriptions.conf
root lp 108 Sep 1 2012 /etc/cups/classes.conf
root lp 4096 Oct 8 2012 /etc/cups/ppd
root lp 2751 Mar 12 07:38 /etc/cups/printers.conf
root lp 2751 Mar 11 21:06 /etc/cups/printers.conf.O
root lp 108 Jun 6 2012 /etc/cups/classes.conf.O
root lp 540 Mar 12 19:24 /etc/cups/subscriptions.conf.O
root lp 4096 Mar 28 2012 /etc/cups/ssl
root sasl 12288 Jun 6 2012 /etc/sasldb2
root daemon 144 Oct 25 2011 /etc/at.deny
root dialout 66 Oct 31 2012 /etc/wvdial.conf
root lightdm 0 Apr 21 2012 /etc/mtab.fuselock
root shadow 981 Feb 19 23:38 /etc/gshadow
root dovecot 1306 Jun 6 2012 /etc/ssl/certs/dovecot.pem
root ssl-cert 4096 Jun 6 2012 /etc/ssl/private
root dovecot 1704 Jun 6 2012 /etc/ssl/private/dovecot.pem
root ssl-cert 1704 Apr 21 2012 /etc/ssl/private/ssl-cert-snakeoil.key
root fuse 216 Oct 18 2011 /etc/fuse.conf
root dip 4096 Oct 31 2012 /etc/ppp/peers
root dip 1093 Mar 28 2012 /etc/ppp/peers/provider
root dip 4096 Mar 28 2012 /etc/chatscripts
root dip 656 Mar 28 2012 /etc/chatscripts/provider
Solution 2
Since you can modify /etc/passwd
, you can remove password verification on the root account. Edit /etc/passwd
and change the line
root:x:0:0:root:/root:/bin/sh
to
root::0:0:root:/root:/bin/sh
(i.e. the second colon-separated field must be empty). Now you can run su
and become root without typing a password. (I think this works on Ubuntu, but if empty passwords are disabled, you can put aaxSuH/.jTvGs
in the second field instead and use the password changeme
.)
Repair the permissions by running
cd /etc
chown -R root:root /etc
chgrp shadow shadow gshadow
and a whole bunch more chgrp
commands — Anthon's list is a good start.
Once you've done that, check on another terminal that you can use sudo
normally.
Then change root's password back to being disabled or the one in /etc/shadow
: edit /etc/password
and put x
(or *
) as the second field.
Finally, send a nasty email to Walesa and tell him not to pull such stunts anymore. It's the equivalent of closing your eyes and throwing a knife in the air hoping that it'll fall down just right to cure your hangnail.
Solution 3
Thanks to Anthon's answer above login problem was solved:
I found an old kubuntu 12.04 alternate CD, entered rescue shell, where
sudo chown -R root.root /etc
could be run. Then we could log in and everything seemed perfect
But sudo did not work with this error:
/etc/sudoers is world writable
no valid sudoers sources found, quitting...
unable to initialise policy plug-in
I seached the errors and found this thread, in which this command:
pkexec visudo
weirdly solved sudo probelm, the error /etc/sudoers is world writable
persisting (but not interfering). wierdly because I think I did not change anything manually (or if so, I tried to avoid saving).
Then in the same thread, these:
chmod u=rwx,g=rx,o=rx /etc/sudoers.d/
chmod u=r,g=r,o= /etc/sudoers.d/*
removed sudo's persisting error. Still there may be issues (probably not serious).
Solution 4
I just changed all of my files in /etc to user:user then changed them back to root:root once they're changed, you have to change your user to superuser : su
then provide your credentials for the superuser account.
once you're the superuser, just run chown -R root:root /etc
and you're back
Related videos on Youtube
Minimus Heximus
Updated on September 18, 2022Comments
-
Minimus Heximus over 1 year
I have a computer with Ubuntu 13.10 installed. The user (say
Walesa
) has changed the ownership ofetc
folder and all its subfolders fromroot
toWelesa
using a privileged file manager. Assudo
was disabled, he rebooted hoping it will be re-enabled again. But security does not allow log-in after entering username and password saying "owner of etc/profile is not root".But a commandline login with
I have no name!@Walesa
is possible. Is there a way to restore ownership ofetc
and all its subfolders toroot
using this commandline? -
Minimus Heximus about 10 yearsbut
sudo
is disabled with this error:etc/sudoers is owned by uid 1000 should be 0
. -
derobert about 10 years@MinimusHeximus rebooting with
single
on your kernel command line (edit it in grub) might get you a root shell. If not, you can tryinit=/bin/bash
on the kernel line instead. Note that later method will leave you with no init scripts run, so you'll have to mount filesystems (etc.) yourself. -
Anthon about 10 years@MinimusHeximus see my answer here unix.stackexchange.com/a/119393/33055 to get into single user mode as root, from there you should be able to change the permissions with the command in my answer.
-
Eric about 10 yearscan you just use
su
? get root priviliges then use the command from this answer without sudo?