How To Restore Default Permissions Of All Files Under / (ROOT) on Linux



Someone accidentally changed / (ROOT) permission to 777 with following command. I wanted to reset it back to original permissions. This is an OCI system.

# chmod 777 -R /


After that, All files and folders on my server changed to 777 permissions. And I try to reboot my server, I can’t login into my server. It’s shown error:

Failed to start SSH server : Starting sshd:WARNING: UNPROTECTED PRIVATE KEY FILE! Permissions 0775 for '/etc/ssh/ssh_host_key' are too open.



Or if try to switch to login from opc to root user will get below error


[opc@funoracleapps ~]$ sudo su - 

sudo: /etc/sudo.conf is world writable

sudo: /usr/bin/sudo must be owned by uid 0 and have the setuid bit set


Solution


Boot OCI system into Single User Mode, then type 2 commands I was having an OCI system so I created and Serial Connection to connect.


# /bin/mount -o remount,rw /


Now if we validate all files/folder permission would be shown as full






# for p in $(rpm -qa); do rpm --setperms $p; done

# for p in $(rpm -qa); do rpm --setugids $p; done


Above command combination will reset all the permissions to the default permissions. If you get "cannot access" errors that is fine. Nothing to worry.

After Running both the permissions are fixed




Change permission for these

chmod a=rx,u+ws /usr/bin/sudo
chmod u+s /usr/bin/crontab

These are the required permission for ssh config and  host keys to  make ssh login work


# chmod 644 /etc/ssh/ssh_config

# chmod 600 /etc/ssh/sshd_config

# chmod 640 /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_ecdsa_key /etc/ssh/ssh_host_ed25519_key

# chmod 644 /etc/ssh/ssh_host_rsa_key.pub /etc/ssh/ssh_host_ecdsa_key.pub /etc/ssh/ssh_host_ed25519_key.pub

If Possible, please run yum update

yum update -y

If you can’t boot into Single User Mode, Let boot from OS installation CD into Rescue Mode make sure that your system mounted into /mnt/sysimage, And type the following command

# chmod 7777 -R /mnt/sysimage/


Note: Permission is 7777 not 777

To change all files and folder to “7777” permission. And reboot your system. After that, You can boot into Single User Mode and type above commands.

Reset default permissions of all files and folders under /home/

Type the following commands

# cd /home/

# for p in $(ll); do chown $p.$p -R /home/$p; done

# find . -type d -print0 | xargs -0 chmod 755

# find . -type f -print0 | xargs -0 chmod 644

# chmod 700 *



Reboot Server and validate.





If you like please follow and comment