| View previous topic :: View next topic |
| Author |
Message |
ryanknut
n00b
Joined: 21 Dec 2021
Posts: 10
|
 Posted: Mon Dec 26, 2022 7:55 pm Post subject: /root/ permissions somehow messed up |
 |
|
I'm not sure how I did it, but some of my permissions on a fairly-newly installed /root/.config/ are out of whack:
| Code: |
-rw-r--r-- 1 root root 141211 Dec 26 02:37 .config
|
For reference here's what that folder looks like on my Gentoo server:
| Code: |
drwxr-xr-x 1 root root 162 Nov 28 17:23 .config
|
I'm not sure how this happened but I did just enable ACLS in the kernel. Was that the thing to do it maybe?
From a quick glance `.config` is the only directory that's been messed up, the other ones look just fine. Only one that differs is /root/.ssh/ – here are the permissions on that directory from both boxes:
| Code: |
BROKEN ~ # ls -la .ssh
total 8
drwx------ 1 root root 52 Dec 25 18:39 .
drwx------ 1 root root 228 Dec 26 13:40 ..
-rw------- 1 root root 936 Dec 26 05:24 known_hosts
-rw-r--r-- 1 root root 95 Dec 25 18:38 known_hosts.old
GOOD ~ # ls -la .ssh
total 12
drwxr-xr-x 1 root root 82 Oct 30 22:00 .
drwx------ 1 root root 582 Dec 26 13:34 ..
-rw------- 1 root root 605 Oct 30 22:00 authorized_keys
-rw------- 1 root root 2717 May 12 2022 known_hosts
-rw------- 1 root root 2146 Apr 14 2022 known_hosts.old
|
I'm also wondering the best way to fix this is as I don't want to break things any further. Will a simple chroot chmod fix it? |
|
| Back to top |
|
 |
Hu
Moderator
Joined: 06 Mar 2007
Posts: 21586
|
| Posted: Mon Dec 26, 2022 9:09 pm Post subject: Re: /root/ permissions somehow messed up |
|
|
| ryanknut wrote: | For reference here's what that folder looks like on my Gentoo server: | Code: | | drwxr-xr-x 1 root root 162 Nov 28 17:23 .config |
|
Granting search permission on directories is fairly typical, so yes, the "bad" system does look wrong. (Edit: however, as I failed to notice, but others have subsequently pointed out, your "bad" entry is actually a file, not a directory, so lacking +x is not wrong there.) However, it is not unreasonable for ~/.config not to exist at all. What tool did you run that created it? | ryanknut wrote: | | I'm not sure how this happened but I did just enable ACLS in the kernel. Was that the thing to do it maybe? |
No. The kernel would not change the mode bits on a directory. | ryanknut wrote: | | From a quick glance `.config` |
These forums do not use Markdown. | ryanknut wrote: | Only one that differs is /root/.ssh/ – here are the permissions on that directory from both boxes: | Code: | BROKEN ~ # ls -la .ssh
total 8
drwx------ 1 root root 52 Dec 25 18:39 .
drwx------ 1 root root 228 Dec 26 13:40 ..
GOOD ~ # ls -la .ssh
total 12
drwxr-xr-x 1 root root 82 Oct 30 22:00 .
drwx------ 1 root root 582 Dec 26 13:34 .. |
|
Since the parent directory is mode 700 on both, the group/other permissions on .ssh are largely irrelevant. Personally, I would use mode 700 on .ssh on principle, since it is very rare that any other user would have business reading any files in that directory. | ryanknut wrote: | | I'm also wondering the best way to fix this is as I don't want to break things any further. Will a simple chroot chmod fix it? |
chmod can fix this without a chroot.
[Edit: added note acknowledging that the problem is not directory without x versus directory with x, but file versus directory.]
Last edited by Hu on Wed Dec 28, 2022 1:14 pm; edited 1 time in total |
|
| Back to top |
|
|
Goverp
Veteran
Joined: 07 Mar 2007
Posts: 1992
|
| Posted: Tue Dec 27, 2022 11:11 am Post subject: Re: /root/ permissions somehow messed up |
|
|
| ryanknut wrote: | I'm not sure how I did it, but some of my permissions on a fairly-newly installed /root/.config/ are out of whack:
| Code: |
-rw-r--r-- 1 root root 141211 Dec 26 02:37 .config
|
For reference here's what that folder looks like on my Gentoo server:
| Code: |
drwxr-xr-x 1 root root 162 Nov 28 17:23 .config
|
...
I'm also wondering the best way to fix this is as I don't want to break things any further. Will a simple chroot chmod fix it? |
I doubt it. The first .config is a file, at a guess it's a kernel configuration or similar resulting from running some make process in ~root rather than some application subdirectory. The second is a directory, possibly the result of running a desktop environment as root (generally considered a bad idea), but maybe not.
might be enlightening; otherwise
_________________
Greybeard |
|
| Back to top |
|
|
freke
l33t
Joined: 23 Jan 2003
Posts: 974
Location: Somewhere in Denmark
|
| Posted: Tue Dec 27, 2022 7:01 pm Post subject: Re: /root/ permissions somehow messed up |
|
|
| Goverp wrote: | The first .config is a file, at a guess it's a kernel configuration or similar resulting from running some make process in ~root rather than some application subdirectory. The second is a directory, possibly the result of running a desktop environment as root (generally considered a bad idea), but maybe not.
might be enlightening; otherwise
|
On my headless server I have /root/.config/ | Code: | ns ~/.config # ls -la
total 24K
drwx------ 6 root root 4.0K Aug 23 21:03 .
drwx------ 6 root root 4.0K Dec 27 19:57 ..
drwx------ 3 root root 4.0K Feb 15 2020 borg
drwx------ 2 root root 4.0K Mar 26 2022 htop
drwxr-xr-x 2 root root 4.0K Aug 23 21:03 neofetch
drwx------ 2 root root 4.0K Feb 13 2020 procps |
I agree that the 'broken one' seems to be a file though (size of about 130kB seems about right for a kernel-config file, too?) - versus a directory on the 'good one' (though I don't like the 755 permission on that - should be 700 IMHO)
I see that neofetch creates world-readable directory + config-file, too - I wonder if it should really do that? |
|
| Back to top |
|
|
szatox
Advocate
Joined: 27 Aug 2013
Posts: 3129
|
| Posted: Tue Dec 27, 2022 11:29 pm Post subject: |
|
|
What do you consider broken there?
Like in: Do you actually have any issues due to broken permissions, or are you simply experiencing fear of darkness?
| Code: | -rw-r--r-- 1 root root 141211 Dec 26 02:37 .config
drwxr-xr-x 1 root root 162 Nov 28 17:23 .config
|
The former one is a file, the latter is a directory. Notice presence or absence of d flag at the beginning.
x has a different meaning for those 2, in case of a file it allows direct execution of the code inside. so most files don't have it. In case of a directory allows entering it, so the vast majority of directories have it.
Either way, exceptions from the rule are not necessarily broken. Some files should be executable, and some directories should not be entered. That's why it's a flag and not a hard-coded behaviour.
.ssh is a bit of a special case, sshd checks a bunch of permissions to help you e.g. avoid exposing your private key to other users. #notallfiles though.
It is also a bit weird that a .config directory exists inside /root, it's GUI programs that tend to use it and those usually should not be used with root privileges, so I wonder what created it in your case. Weird as it is, it's not necessarily a problem either. I guess htop does make some sense...
| Quote: | | I'm also wondering the best way to fix this is as I don't want to break things any further. Will a simple chroot chmod fix it? |
Yes, chmod.
On a condition it is a problem that actually requires fixing. |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Other Things Gentoo
