Fixing broken permissions or ownership


People are not perfect, not even the staff here. Perfection is not required to be a sysadmin we found, just some good shell scripts to fix things when you break them accidentally.

One of the more common accidents are chown or chmod ones, especially the ones done as root from / . Its easy to accidentally chown someuser:someuser * and forget you are not /home/someuser but in /, and equally easy to find / -type f -exec xargs chmod 600 or similar (instead of find ./  … ) . Here’s how we fix it.

Since most of our customers run backups (its automated ever week unless you requested disabled them ), you can fix it fairly easily. In fact this will also work if you mounted using sshfs on another server also.

So, first mount the old backup image with (see http://youtu.be/TycDqUQw-mE ) the right permissions, somewhere like /mnt is good . If you do not have backups, but another server same distro and similar files, then use sshfs and mount it.

Now put this in a file on the server; sh fix_perms.sh , or copy paste everything other than the first line into your terminal (but make sure you change the first couple config lines to match your mounts)

#!/bin/bash
ORIGIN="/mnt"
ROOTFS="/"

find ${ORIGIN} | sed s@"${ORIGIN}"@@ | while read FFILE 
do
echo working with "${ORIGIN}${FFILE}"
UIDGID=$(stat -c "%u:%g" "${ORIGIN}${FFILE}")
CHMOD=$(stat -c "%a" "${ORIGIN}${FFILE}")
chown -h ${UIDGID} "${ROOTFS}${FFILE}"
chmod ${CHMOD} "${ROOTFS}${FFILE}"
done

If you want to list the permissions on one server, then copy them to the other without sshfs you can modify it to something similar to this. This should be run on the GOOD server that does NOT need fixing . It outputs the commands to a file that gets copied to the broken one to have run on it.

#!/bin/bash
ORIGIN="/mnt"
ROOTFS="/"

rm -f filepermfix.sh
touch filepermfix.sh

find ${ORIGIN} | sed s@"${ORIGIN}"@@ | while read FFILE 
do
echo working with "${ORIGIN}${FFILE}"
UIDGID=$(stat -c "%u:%g" "${ORIGIN}${FFILE}")
CHMOD=$(stat -c "%a" "${ORIGIN}${FFILE}")
echo chown -h ${UIDGID} "${ROOTFS}${FFILE}" >>filepermfix.sh
echo chmod ${CHMOD} "${ROOTFS}${FFILE}" >>filepermfix.sh
done
echo copy off the filepermfix.sh and run it on the remote machine 'sh filepermfix.sh'

This should also work if you just wanted to clone permissions on branches of code or other similar things for any reason.

If you run Debian and broke packages you can use the following to reinstall them
apt-get install –reinstall –force -y $(dpkg –get-selections | grep install | grep -v deinstall )

Centos has a fix permissions options you can run on all installed software like this
for i in rpm -qa;do rpm –setperms $i;done