2

I'm trying to find out the default ownership & permissions for my ubuntu install. I'm also trying to figure out whether the wrong-headed granted of file ownership to the user robert to system files is an irrecoverable error. Is it too complicated to try to undo what I have done for my system and just reinstall?

First, some background. I think I made the wrong command when I was trying to change the permissions on a 2nd ext4 drive which formerly had ubuntu installed on it. I must have inadvertently made changes to my current / directory without realizing it. Symptoms of the problem is that I no longer have sudo access on my current system. 

robert@robert-KJ379AA-ABA-a6400f:/$ sudo ls -al
sudo: /etc/sudoers is owned by uid 1000, should be 0
sudo: no valid sudoers sources found, quitting
sudo: unable to initialize policy plugin

I see that "robert" now owns all the files inside /etc: Examples: 

drwxr-xr-x   3 robert root    4096 Apr  9 12:27 firefox
drwxr-xr-x   4 robert root    4096 Aug 23  2012 fonts
drwxr-xr-x   3 robert root    4096 Aug 23  2012 foomatic
-rw-r--r--   1 robert root     766 Apr 11 12:39 fstab
-rw-r--r--   1 robert root     664 Apr  9 11:26 fstab~
drwxr-xr-x   2 robert root    4096 Mar 29  2012 fstab.d
-rw-r--r--   1 robert root     664 Apr 11 12:36 fstab.original
-rw-r-----   1 robert fuse     216 Oct 18  2011 fuse.conf
-rw-r--r--   1 robert root    3343 Apr 19  2012 gai.conf
drwxr-xr-x   5 robert root    4096 Aug 23  2012 gconf

Here are the permissions and ownership for the / directory 

drwxr-xr-x  25 root   root    4096 May  5 15:26 .
drwxr-xr-x  25 root   root    4096 May  5 15:26 ..
drwxr-xr-x   2 robert root    4096 Apr 10 22:55 bin
drwxr-xr-x   3 robert root    4096 May  5 15:26 boot
drwxr-xr-x   2 robert root    4096 Apr  9 11:30 cdrom
drwxr-xr-x  15 root   root    4560 May  5 17:28 dev
drwxr-xr-x 150 robert root   12288 May  5 17:45 etc
drwxr-xr-x   3 robert root    4096 Apr  9 11:37 home
lrwxrwxrwx   1 robert root      33 May  5 15:26 initrd.img -> /boot/initrd.img-3.2.0-41-generic
lrwxrwxrwx   1 robert root      33 Apr  9 12:26 initrd.img.old -> /boot/initrd.img-3.2.0-40-generic
drwxr-xr-x  22 robert root    4096 Apr 24 16:58 lib
drwxr-xr-x   2 robert root    4096 Apr 24 16:58 lib64
drwx------   2 robert root   16384 Apr  9 11:26 lost+found
drwxr-xr-x   5 root   root    4096 May  5 17:28 media
drwxr-xr-x   2 root   root    4096 Apr 19  2012 mnt
drwxr-xr-x   2 root   root    4096 Aug 23  2012 opt
dr-xr-xr-x 198 root   root       0 May  5 12:26 proc
drwx------   8 root   root    4096 Apr 17 02:11 root
drwxr-xr-x  23 root   root     820 May  5 17:43 run
drwxr-xr-x   2 root   root    4096 Apr 24 16:58 sbin
drwxr-xr-x   2 root   root    4096 Mar  5  2012 selinux
drwxr-xr-x   2 root   root    4096 Aug 23  2012 srv
drwxr-xr-x  13 root   root       0 May  5 12:27 sys
drwxrwxrwt  10 root   root    4096 May  5 19:37 tmp
drwxr-xr-x  10 root   root    4096 Aug 23  2012 usr
drwxr-xr-x  14 root   root    4096 May  5 17:26 var
lrwxrwxrwx   1 root   root      29 May  5 15:26 vmlinuz -> boot/vmlinuz-3.2.0-41-generic
lrwxrwxrwx   1 root   root      29 Apr  9 12:26 vmlinuz.old -> boot/vmlinuz-3.2.0-40-generic
drwxrwxr--   1 robert robert  4096 Apr  9 01:37 windows1

Can anyone confirm that "robert" must not own any of these directories just below root? Is there anything here to suggest that the problem may be easy to recover from? If yes, do you have any advice or resources for how to fix this? Thanks.

Zanna
  • 70,465
idiotprogrammer
  • 213
  • update: I see that /bin, /etc and /boot are entirely owned by robert. But /usr, /sbin and lots of other things seem owned by root as they probably normally should. I don't care about /home directory, but I do want to make sure that basic linux commands and system updates and daemons are able to work properly. I would appreciate anyone who can explain generally which directories must have root ownership. Thanks. – idiotprogrammer May 06 '13 at 01:48

4 Answers4

2

To make root owner of everything in /etc:

sudo chown root:root -R /etc

You will need to boot a live cd and run

sudo chown root:root -R /media/$USER/*/etc

You will need to open the folder in the file browser to mount the disk

Zanna
  • 70,465
GM-Script-Writer-62850
  • 2,127
  • 17
  • 12
  • Thanks. I think I can do a recovery via LiveCD. What I don't understand is 1)whether the file ownership issue is only for /etc and 2)which directories must have the owner to be root and whether all files in a directory should be owned by root. For example, it seems odd that /bin and /boot are owned by robert. – idiotprogrammer May 06 '13 at 01:28
  • 1
    /etc seems to have a few exceptions: http://pastebin.com/Af9xhqjU that is from my system – GM-Script-Writer-62850 May 06 '13 at 01:34
  • (I think I ran chown on /home during a separate occasion for a different reason, and I am not worried about /home for now). – idiotprogrammer May 06 '13 at 01:35
  • edited link in last post – GM-Script-Writer-62850 May 06 '13 at 01:36
  • 2
    You need to be careful with this. /etc will have some files owned by other system "users". – coteyr May 06 '13 at 05:05
  • I chose this as the correct answer because it solved my immediate problem. (I changed some files in your paste bin to the appropriate group as well). (I did not run the second command -- sudo chown root:root -R /media/$USER/*/etc -- frankly because I wasn't sure what it was doing and I had already mounted / in read/write mode. However, I am still a little unsure whether ownership of some of my top directories are still screwy... – idiotprogrammer May 07 '13 at 05:42
  • I should add that I did run the single line command to reinstall packages, so that may have solved the problem with application packages -- if there were any.... – idiotprogrammer May 07 '13 at 05:42
2

Run below command:

pkexec chown root:root -R /etc

Now write your password.

Braiam
  • 67,791
  • 32
  • 179
  • 269
Bhavin_Darji
  • 43
  • 2
    As Florian Diesch pointed out in another comment: As some files need to belong to users or groups other than root this may even cause more problems. Don't do it. – guntbert Nov 29 '13 at 20:31
  • Actually I did it and did not have any issues with it. – Bhavin_Darji Aug 27 '15 at 06:41
1

Your best bet is to re-install all packages and let that fix your permissions for you. This will take some time, but it's the only way to fix everything. 

sudo apt-get --reinstall install $(dpkg --get-selections | grep install | grep -v deinstall | cut -f1)

You can see more about this on this site, including some fixes for common problems with running that command.

Keep in mind you will want to reboot as soon as the command finishes or weird things will (or at least could) happen with different versions of libraries.

Zanna
  • 70,465
coteyr
  • 18,288
  • Fascinating idea. assuming that I can sudo from the boot disk, I will definitely try this out. But first, I'm backing up my data....Will post update later. – idiotprogrammer May 06 '13 at 06:05
  • Just wondering. After I restore sudo, can I run this command while logged on to the window manager? Also, how long does it take to reinstall everything? – idiotprogrammer May 07 '13 at 04:37
  • Update: after I restored sudo, I was able to run this command fairly easily via terminal in unity. It took 10 minutes or so. Everything appears to work normally, but I am a little worried that it did not entirely fix permissions with the system directories. But everything seems working so far, (I think). – idiotprogrammer May 07 '13 at 05:39
  • root 357 0.0 0.0 4804 820 ? S 22:21 0:00 mount -n -t davfs -o _netdev,rw,user https://dav.otixo.com home/mike/dav root 358 0.0 0.0 9660 1656 ? S 22:21 0:00 /sbin/mount.davfs https://dav.otixo.com home/mike/dav -n -o rw noexec nosuid nodev user _netdev – coteyr May 07 '13 at 16:28
  • There is your problem. Do not exit X with stuff mounted like that. Specially if network manager is crashing. Instead, unmount first then try to restart. To test commont out the lines in fstab that are causing that to mount. – coteyr May 07 '13 at 16:29
0

Well just run these commands

pkexec apt-get install sudo

then

pkexec chmod 0440 /etc/sudoers.d/README

And that's it

Zanna
  • 70,465
Ahmad
  • 101