
June 2, 2009


What to do when you mess up the setuid bit of all the files from the root directory?

by Joe Kuan

You can mess up the access modes of files if you run ‘chown -R’ or ‘chmod -R’ over the wrong directory. Well, I did!! This will screw up the setuid bit, which leads to permission problems in some essential utilities, such as mount, dhclient, etc.

I needed to find another clean machine with the same distribution and run:

find / -perm /u+s -printf "%m %p\n" > /tmp/list

This writes the permission mode and the full path of every setuid file to /tmp/list.

Then transfer the list to the messed-up machine and run the following script:

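awk '{
         mode = $1
         # Everything after the mode is the path, so names with spaces survive
         path = substr($0, length($1) + 2)
         # Only touch files that also exist on this machine
         if (system("test -e \"" path "\"") == 0)
           system("chmod -c " mode " \"" path "\"")
     }' /tmp/list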

Everything is fixed.
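
A stricter version of the restore step, as an added example that is not part of the original post: it validates every line of the list before anything reaches chmod, copes with spaces in paths, and skips symlinks and files that are missing on this machine. The function name restore_modes and its optional ROOT prefix (for rehearsing against a scratch tree) are assumptions made for illustration.

```shell
# Added example, not the author's script.
# restore_modes LIST [ROOT]
#   LIST: "MODE PATH" lines as written by: find / -perm /u+s -printf "%m %p\n"
#   ROOT: hypothetical prefix for a dry rehearsal; empty means the real tree.
# Prints "<applied> <skipped>" when done.
restore_modes() {
    list=$1 root=${2:-}
    applied=0 skipped=0
    # "|| [ -n "$mode" ]" keeps a final line that lacks a trailing newline.
    while read -r mode path || [ -n "$mode" ]; do
        [ -n "$mode" ] || continue
        # Accept only 3 or 4 octal digits; anything else is treated as a
        # corrupted list entry and never handed to chmod.
        case $mode in
            [0-7][0-7][0-7]|[0-7][0-7][0-7][0-7]) ;;
            *) skipped=$((skipped + 1)); continue ;;
        esac
        # The list must contain absolute paths only.
        case $path in
            /*) ;;
            *) skipped=$((skipped + 1)); continue ;;
        esac
        target=$root$path
        # Regular files only, and no symlinks: chmod follows symlinks, and a
        # package that is not installed here must not abort the run.
        if [ -f "$target" ] && [ ! -L "$target" ]; then
            chmod "$mode" "$target" && applied=$((applied + 1))
        else
            skipped=$((skipped + 1))
        fi
    done < "$list"
    echo "$applied $skipped"
}
```

The find command above matches setuid files only; generating the list with `-perm /6000` also captures setgid-only binaries, which this function restores the same way. It restores modes, not ownership, so a stray ‘chown -R’ still needs the owners put back separately.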

Here is a list from my Ubuntu 8.04 LTS. Maybe one day someone will need this.

4754 /bin/fusermount
4755 /bin/umount
4755 /bin/su
4755 /bin/ping6
4755 /bin/ping
4755 /bin/mount
6755 /usr/bin/at
4755 /usr/bin/chsh
4755 /usr/bin/arping
4755 /usr/bin/passwd
6755 /usr/bin/X
4755 /usr/bin/sudo
4755 /usr/bin/newgrp
4755 /usr/bin/gpasswd
4755 /usr/bin/mtr
4755 /usr/bin/v4l-conf
4755 /usr/bin/chfn
4755 /usr/bin/sudoedit
4754 /usr/sbin/pppd
6755 /usr/sbin/uuidd
4755 /usr/sbin/exim4
4754 /usr/lib/policykit/polkit-grant-helper-pam
4755 /usr/lib/eject/dmcrypt-get-device
4754 /usr/lib/dbus-1.0/dbus-daemon-launch-helper
4755 /usr/lib/pt_chown
4754 /usr/lib/apache2/suexec
4755 /usr/lib/openssh/ssh-keysign
4754 /lib/dhcp3-client/call-dhclient-script


I work for iTrinegy and here are my other technical blogs

1 Comment
  1. Aug 2 2010

    I like to add the -c switch for every chmod command, so I can see what is changed.
