Unix root directory owner wrong AIX 5.3


 
Thread Tools Search this Thread
Operating Systems AIX Unix root directory owner wrong AIX 5.3
# 1  
Old 12-08-2011
Unix root directory owner wrong AIX 5.3

The a chown was done and instead of using ./ a / was used and root ownership files got changed.

I need to change the ownership of the files/directory back - backups are not working and I am concerned a reboot will not be successful.

Can anyone provide the ownership of these files/directories or direct me to where I can find what the default ownership of root and subdir should be?
Below is an ls of the /

Code:
drwxr-xr-x  25 root     system         4096 Dec  5 01:12 .
drwxr-xr-x  25 root     system         4096 Dec  5 01:12 ..
drwxrwxr-x   3 root     system          256 Dec 21 2006  .SPOT
-rw-------   1 root     system         7260 Apr 11 2007  .sh_history
lrwxrwxrwx   1 root     system           20 May 11 2007  .udlibs71 -> /app/ud71/lib/uddlls
lrwxrwxrwx   1 root     system           20 Jul 14 2010  .udlibs72 -> /app/ud72/lib/uddlls
-r--r--r--   1 root     staff            20 Jul 14 2010  .unishared
-rw-------   1 root     system           74 Apr 11 2007  .vi_history
drwxr-xr-x   2 root     system         4096 Mar  7 2008  TT_DB
drwxr-xr-x  10 root     system         4096 May 27 2009  aixmaint
drwxrwxr-x  20 datatel  usr            4096 Apr 18 2011  app
drwxr-x---   2 root     audit           256 Dec 21 2006  audit
-rwxr-x---   1 root     system           25 Dec 17 2007  autobackup
lrwxrwxrwx   1 bin      bin               8 Dec 21 2006  bin -> /usr/bin
-rw-rw----   1 root     system         1323 Dec  4 03:03 bosinst.data
drwxrwx---   2 root     system          256 Sep 10 2007  cdrom
drwxrwxr-x   5 root     system         8192 Dec  8 00:00 dev
drwxr-xr-x  27 root     system         8192 Dec  5 01:15 etc
drwx------   3 root     system         4096 Dec  2 09:59 hlp
drwxr-xr-x   9 datatel  bin            4096 Mar 27 2009  home
-rw-rw----   1 root     system        10544 Dec  4 03:03 image.data
lrwxrwxrwx   1 bin      bin               8 Dec 21 2006  lib -> /usr/lib
drwx------   2 datatel  system          256 Dec 21 2006  lost+found
drwxr-xr-x 139 bin      bin            8192 Mar 31 2009  lpp
drwxr-xr-x   3 root     system          256 Dec 21 2006  mfg
drwxr-xr-x   5 root     system          256 Jun 13 2010  mkcd
drwxr-xr-x   2 bin      bin             256 Dec 21 2006  mnt
drwxr-xr-x  11 root     system         4096 Apr 11 2007  opt
dr-xr-xr-x   1 root     system            0 Dec  8 09:33 proc
drwxrwx---   2 root     system          256 Aug 27 2007  restore
drwxr-xr-x   3 bin      bin             256 Oct 29 2008  sbin
-rw-r--r--   1 root     system          700 Apr 11 2007  smit.log
-rw-r--r--   1 root     system          159 Apr 11 2007  smit.script
-rw-r--r--   1 root     system          307 Apr 11 2007  smit.transaction
drwxrwxr-x   2 root     system          256 Dec 21 2006  tftpboot
drwxrwxrwt  11 datatel  system        20480 Dec  8 09:33 tmp
lrwxrwxrwx   1 bin      bin               5 Dec 21 2006  u -> /home
lrwxrwxrwx   1 root     system           21 Dec 21 2006  unix -> /usr/lib/boot/unix_64
drwxrwxrwx  43 bin      bin            4096 Jul 14 2010  usr
drwxr-xr-x  27 datatel  bin            4096 Mar  6 2008  var
ksh: 1167506 Quit(coredump)

Thank you

Last edited by Scott; 12-08-2011 at 10:55 AM.. Reason: Please use code tags
# 2  
Old 12-09-2011
Code:
ksh: 1167506 Quit(coredump)

Is this showing up since the accident happened?
Was the chown recursive?
If this is the case and you don't get a solution, I'd recommend to take the permissions from a fresh installed box that hasn't been modified. Else, if possible you might want to backup your box's data and reinstall it, or restore a mksysb if possible.

If it is just the root directory and you don't get an answer; I can post a listing on monday.

Last edited by zaxxon; 12-09-2011 at 03:03 AM.. Reason: rephrasing
This User Gave Thanks to zaxxon For This Post:
# 3  
Old 12-09-2011
On my only remaining 5.3 box at TL08 I got this:
Code:
/home/root # cd /
/ # ls -l
total 23132
drwxr-x---    2 root     audit           256 18 Dec 2008  audit
lrwxrwxrwx    1 bin      bin               8 18 Mar 2010  bin -> /usr/bin
-rw-r--r--    1 root     system         6067 08 Aug 18:09 bosinst.data
drwxrwxr-x    8 4000     4000           2048 28 Apr 2008  cdrom
-rw-r--r--    1 root     system     13393920 05 Jun 2009  core
drwxr-xr-x    2 root     system          256 19 Jun 2009  db2bkups_new
drwxrwxr-x    5 root     system         8192 08 Dec 18:16 dev
drwxr-xr-x    6 root     system          256 28 May 2009  .dt
-rwxr-xr-x    1 root     system         3970 28 May 2009  .dtprofile
drwxr-xr-x   15 esaadmin system         4096 18 Dec 2008  esa
drwxr-xr-x   28 root     system        12288 08 Dec 18:16 etc
drwxr-xr-x   14 bin      bin            4096 12 Apr 2011  home
-rw-r--r--    1 root     system        10505 08 Aug 18:09 image.data
lrwxrwxrwx    1 bin      bin               8 18 Mar 2010  lib -> /usr/lib
drwx------    2 root     system          256 18 Mar 2010  lost+found
drwxr-xr-x  153 bin      bin           12288 04 Jul 12:17 lpp
drwxr-xr-x    2 root     system          256 19 Jun 2009  lv00_fs
drwxr-xr-x    3 root     system          256 26 Jan 2009  mkcd
drwxr-xr-x    3 bin      bin             256 27 Sep 23:51 mnt
drwxr-xr-x   13 root     system         4096 18 Mar 2010  opt
dr-xr-xr-x    1 root     system            0 08 Dec 18:17 proc
-rw-r--r--    1 root     system           36 18 Dec 2008  .rhosts
drwxr-xr-x    3 bin      bin             256 18 Dec 2008  sbin
-rw-------    1 root     system         1360 29 May 2009  .sh_history
drwxrwxr-x    3 root     system          256 18 Dec 2008  .SPOT
drwxrwxr-x    2 root     system          256 18 Dec 2008  tftpboot
drwxrwxrwt   15 bin      bin            8192 08 Dec 18:16 tmp
drwxr-xr-x    2 root     system         4096 29 May 2009  TT_DB
lrwxrwxrwx    1 bin      bin               5 18 Mar 2010  u -> /home
lrwxrwxrwx    1 root     system           21 18 Mar 2010  unix -> /usr/lib/boot/unix_64
drwxr-xr-x   43 bin      bin            4096 18 Mar 2010  usr
drwxr-xr-x   30 bin      bin            4096 26 Oct 2010  var
-rw-rw-r--    1 root     system            3 28 May 2009  .wmrc
-rw-------    1 root     system          123 28 May 2009  .Xauthority

HTH
This User Gave Thanks to dukessd For This Post:
# 4  
Old 12-09-2011
What was your current directory and what EXACT command did you execute?
What user were you at the time? If it was "root", please tell us.

If you have command history enabled, please retrieve the EXACT command.


(Sorry to shout).


What is you backup status?

Ps. The tail end of your post is "ksh: 1167506 Quit(coredump)". This is ominous. Please be prepared for a full system restore from last good backup. In the meantime DO NOT LOG OUT until you have gathered all the information you need.


Quote:
The a chown was done and instead of using ./ a / was used and root ownership files got changed.
Sorry to be overcritical but this is just too vague (but I get the gist that a chown command was typed for the root directory when it should have been relative to the current directory). What was actually typed and what was the current directory at the time? Were you logged in as "root"?

Last edited by methyl; 12-09-2011 at 10:24 PM.. Reason: Layout, content, typos. Stress "do not log out".
This User Gave Thanks to methyl For This Post:
# 5  
Old 12-09-2011
Right, comparing with dukessd's useful post we can see that the owner "datatel" has appeared in spike1's directory list for some directories which should be owned by user "root". Directories with 777 permissions are irrelevant. The problem here looks like /var.

The big question remains. What EXACT command was typed, in what current directory and by which user?
This might be reversible (but don't hold your breath).

I'm in UK time. If this runs through the night in UK, please can someone pick up the thread.

Last edited by methyl; 12-09-2011 at 10:52 PM.. Reason: typos and more typos
This User Gave Thanks to methyl For This Post:
# 6  
Old 12-12-2011
Exact command

I was in a data directory (not a system directory) when I typed the command:
I was in /app/datatel/coll18/coll18_live/apphome
when I typed
Code:
chown -R / datatel

when I should have typed
Code:
chown -R ./ datatel

I was attempting to change owner under the apphome directory but with my syntax error I changed the owner under root. I stopped the command before it completely disrupted the system.

I was able to set a number of the ownerships back to what I am think they should be and the system is running, rebooting, and getting backups.

Most of the damage was done under the var directory ALSO the /home ownership is still in question. Should it be root?

Thank you for posting some responses!

---------- Post updated at 09:55 AM ---------- Previous update was at 09:51 AM ----------
Code:
ksh: 1167506 Quit(coredump)

I cannot say definetly is this is showing up since the chown command - I believe so.

I am not the Unix Administrator so I usually do not take not of these system files.

thanks


Moderator's Comments:
Mod Comment Please use code tags!


---------- Post updated at 10:11 AM ---------- Previous update was at 09:55 AM ----------

I apoligize... I am new to this forum:

The exact command I typed when I was in
Code:
pwd
/app/datatel/coll18/coll18_live/apphome/

was
Code:
find . -name "*" | xargs chown datatel

When I should have typed
[code]
find ./ -name "*" | xargs chown datatel

The list was too long to chown using a recurrsive so I used the xargs.

My previous post of
Code:
chown -R datatel

was incorrect. That was the command I had entered prior to using the xargs.

I do not have the history.

I did not log off or reboot until I was sure I was able to log in. As mentioned earlier I had issues with the /home directory. Root user could not log in.

I was able to go to the security directory and change the profile file to redirect roots home directory to / instead of /home/root and then I was able to log in.

I am now trying to confirm the ownership of the files I have changed.

Thank you to all that have been responding.

---------- Post updated at 10:13 AM ---------- Previous update was at 10:11 AM ----------

Yes, I was root at the time I executed this command

---------- Post updated at 10:14 AM ---------- Previous update was at 10:13 AM ----------

Quote:
Originally Posted by dukessd
On my only remaining 5.3 box at TL08 I got this:
Code:
/home/root # cd /
/ # ls -l
total 23132
drwxr-x---    2 root     audit           256 18 Dec 2008  audit
lrwxrwxrwx    1 bin      bin               8 18 Mar 2010  bin -> /usr/bin
-rw-r--r--    1 root     system         6067 08 Aug 18:09 bosinst.data
drwxrwxr-x    8 4000     4000           2048 28 Apr 2008  cdrom
-rw-r--r--    1 root     system     13393920 05 Jun 2009  core
drwxr-xr-x    2 root     system          256 19 Jun 2009  db2bkups_new
drwxrwxr-x    5 root     system         8192 08 Dec 18:16 dev
drwxr-xr-x    6 root     system          256 28 May 2009  .dt
-rwxr-xr-x    1 root     system         3970 28 May 2009  .dtprofile
drwxr-xr-x   15 esaadmin system         4096 18 Dec 2008  esa
drwxr-xr-x   28 root     system        12288 08 Dec 18:16 etc
drwxr-xr-x   14 bin      bin            4096 12 Apr 2011  home
-rw-r--r--    1 root     system        10505 08 Aug 18:09 image.data
lrwxrwxrwx    1 bin      bin               8 18 Mar 2010  lib -> /usr/lib
drwx------    2 root     system          256 18 Mar 2010  lost+found
drwxr-xr-x  153 bin      bin           12288 04 Jul 12:17 lpp
drwxr-xr-x    2 root     system          256 19 Jun 2009  lv00_fs
drwxr-xr-x    3 root     system          256 26 Jan 2009  mkcd
drwxr-xr-x    3 bin      bin             256 27 Sep 23:51 mnt
drwxr-xr-x   13 root     system         4096 18 Mar 2010  opt
dr-xr-xr-x    1 root     system            0 08 Dec 18:17 proc
-rw-r--r--    1 root     system           36 18 Dec 2008  .rhosts
drwxr-xr-x    3 bin      bin             256 18 Dec 2008  sbin
-rw-------    1 root     system         1360 29 May 2009  .sh_history
drwxrwxr-x    3 root     system          256 18 Dec 2008  .SPOT
drwxrwxr-x    2 root     system          256 18 Dec 2008  tftpboot
drwxrwxrwt   15 bin      bin            8192 08 Dec 18:16 tmp
drwxr-xr-x    2 root     system         4096 29 May 2009  TT_DB
lrwxrwxrwx    1 bin      bin               5 18 Mar 2010  u -> /home
lrwxrwxrwx    1 root     system           21 18 Mar 2010  unix -> /usr/lib/boot/unix_64
drwxr-xr-x   43 bin      bin            4096 18 Mar 2010  usr
drwxr-xr-x   30 bin      bin            4096 26 Oct 2010  var
-rw-rw-r--    1 root     system            3 28 May 2009  .wmrc
-rw-------    1 root     system          123 28 May 2009  .Xauthority

HTH
Thank you for posting the listing. I will use it to compare to what I have changed the ownership to.

---------- Post updated at 10:34 AM ---------- Previous update was at 10:14 AM ----------

thank you dukessd for posting the listing.
I compared the ownership to the what I changed the ownership back to in the root directory.

I based a number of the ownership based on the group that was set on the file (because I had not changed these or the permissions).

DUKESSD listing for home directory has an owner of bin.
I changed my home directory owner to bin and this caused complete chaos. Users were kicked off the system (at that point the system was still functioning) and the root user could not log in. Certain commands would hang for example
Code:
ls -al

would cause the system to hang but
Code:
ls -l

would work.

I could not do a
Code:
pwd

Once I changed the
Code:
/etc/passwd

entry for the home directory of root to be
Code:
/

I was able to log in as root and I changed the permission back to user datatel on the home file only because when it was user datatel we would log in and process command.

I an now concerned about having to change the owner back to bin on the home directory.
Code:
teamaix(root): /etc -> more passwd
root:!:0:0::/:/usr/bin/ksh
daemon:!:1:1::/etc:
bin:!:2:2::/bin:
sys:!:3:3::/usr/sys:
adm:!:4:4::/var/adm:
uucp:!:5:5::/usr/lib/uucp:

I also added user datatel to system groups trying to increase privileges in case I the root user could not log in.
Code:
teamaix(root): /etc -> more group
system:!:0:root,hlp,ezadmin,udmsmgr,udms,datatel,uiusers,dmiadmin
staff:!:1:ipsec,sshd,datatel,staftp,stfftp,uiusers,dmiadmin
bin:!:2:root,bin,datatel,uiusers,dmiadmin
sys:!:3:root,bin,sys,datatel
adm:!:4:bin,adm,ezadmin,datatel
uucp:!:5:uucp,nuucp
mail:!:6:
security:!:7:root
cron:!:8:root
printq:!:9:lp
audit:!:10:root
ecs:!:28:
nobody:!:4294967294:nobody,lpd

Could there be some other reason that changing the home directory owner to bin caused such problems?

Last edited by zaxxon; 12-12-2011 at 10:56 AM.. Reason: code tags, see PM
# 7  
Old 12-12-2011
The home directory for the root account must be on the root filesystem. Your issue was probably that /home was not mounted when you wanted to log in as root in single user. Nowadays the home directory for root is usually /root .

Providing that directory /home has permissions 755 I don't think it matters who owns it. It would normally be root.

Suggest you run a "find" from root and check every file or directory still owned by user "datatel".

e.g.
Code:
find // -follow -user "datatel" -print | while read filename
do
         ls -lad "${filename}"
done

This User Gave Thanks to methyl For This Post:
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Beginners Questions & Answers

UNIX command to display Owner,Group,Root and Subdirectories list

Hi Team, Am a newbie to Unix. As I would like to see the Server Name,Owner Name ( not numeric form), Group Name ( not numeric ID), ROOT path. I would like to send this list as an attachment to my personal mail. Can any one please help me out to to resolve this . Here is the sample result... (6 Replies)
Discussion started by: vasuvv
6 Replies

2. AIX

How to set owner and permission for files/directory in directory in this case?

Hi. My example: I have a filesystem /log. Everyday, log files are copied to /log. I'd like to set owner and permission for files and directories in /log like that chown -R log_adm /log/* chmod -R 544 /log/*It's OK, but just at that time. When a new log file or new directory is created in /log,... (8 Replies)
Discussion started by: bobochacha29
8 Replies

3. UNIX for Dummies Questions & Answers

Creating a file where the owner and group is not root

Hi, I'm the root user on my computer, but I'm writing a script that does a lot of file handling. Every time I create a file or directory it automatically requires root privileges. Is there a way I can just create a file that the user can access without a password? For example in my script I... (20 Replies)
Discussion started by: jdilts
20 Replies

4. Solaris

Changing file/directory owner

Hi , I want to change owner of files or folder from 23186 to dsadm, Present ------- -rw-r--r-- 1 23186 gdstage 10240 Oct 31 2007 BLTRS drwxrwxrwx 3 23186 gdstage 512 Sep 1 2010 sql Required as ----------- -rw-r--r-- 1 dsadm gdstage 10240 Oct 31 2007 BLTRS drwxrwxrwx 3 dsadm gdstage... (6 Replies)
Discussion started by: sridhardwh
6 Replies

5. OS X (Apple)

Logic of owner of directory or file

Would the owner as listed , be the one who made the directory in the first place. when any one could use chown in a script. I do not know where this directory came form or who made it. And am attempting to just find out more info on it. what could i use to find its origins and its why does it... (3 Replies)
Discussion started by: cowLips
3 Replies

6. UNIX for Dummies Questions & Answers

How to display only Owner and directory/sub directory names under particular root

hai, I am new to Unix, I have a requirement to display owner name , directory or sub directory name, who's owner name is not equal to "oasitqtc". (here "oasitqtc" is the owner of the directory or sub directory.) i have a command (below) which will display all folders and sub folders, but i... (6 Replies)
Discussion started by: gagan4599
6 Replies

7. UNIX for Advanced & Expert Users

How UNIX admin set up this? how files of 744 of other owner can be removed by another owner?

Hi all, We have some files are under 744 permissions and the the owner is say owner1 and group1. Now we have another user owner2 of group2, owner2 can remove files of the owner1 and the permission of those files are 744, unix admin told us he did some config at his side so we can do that. ... (14 Replies)
Discussion started by: TheGunMan
14 Replies

8. UNIX for Dummies Questions & Answers

how to find a path within unix root directory

I need to know whether nyfile/mypath exists on the file system in the root directory. How to do this (1 Reply)
Discussion started by: ramky79
1 Replies

9. Shell Programming and Scripting

determine owner directory permissions from within the directory

From within a directory, how do I determine whether I have write permission for it. test -w pwd ; echo ? This doesn't work as it returns false, even though I have write permission. (4 Replies)
Discussion started by: Sniper Pixie
4 Replies

10. Cybersecurity

root owner of daemons?

Hi all, what happens if i have a service running as root? if it is exploited what would happen? can a hacker actually becomes a hacker and screw up my whole box? thanks (1 Reply)
Discussion started by: xNYx
1 Replies
Login or Register to Ask a Question