Bluhalo IT

A problem I experianced recently was one of my users accidently ran the following command, as root, on a live server:

chown www:www /.* -R

Note the “/.” rather than the “./”. This has the rather unfortunate consequence of changing the ownership of the entire drive to www:www (our apache user).

After a bit of panicking (this was a live server after all!) I found RPM has a very underdocumented feature called “fixperms”. If you look for the man page for this, all you get is:

rpm {–setperms|–setugids} PACKAGE_NAME …

With some quick testing on a local box I found what this command does is read through an RPM and fix the permissions on the files it would have generated. Using the command rpm -qa you can list all installed packages. A little bit of creativity later and…

for i in $(rpm -qa);

do

rpm –setperms $i;

done

for i in $(rpm -qa);

do

rpm –setugids $i;

done

These 2 commands will go through the list of installed packages and reperform the task originaly done at instalation of setting the owner, group and permissions on each file.Unfortunatly there is no equivelant command for dpkg based systems such as Debian or Ubuntu, our OS of choice at Bluhalo.