Hi all
Many thanks to the very quick and helpful respondents.
"Dr. Tom Blinn, 603-884-0646" <tpb_at_doctor.zk3.dec.com>
Chris Ruhnke/St Louis/IBM <ruhnke_at_us.ibm.com>
Frank Wortner <frank_at_bondnet.com>
"Lavelle, Bryan" <Bryan.Lavelle_at_compaq.com>
"Davis, Alan" <Davis_at_tessco.com>
James Sainsbury <sainsb_j_at_chem.usyd.edu.au>
Wagner, Ronald P" <ronald.p.wagner_at_lmco.com>
Peter.Stern_at_weizmann.ac.il
"Bochnik, William J" <BochnikWJ_at_bernstein.com>
Richard Westlake <r.westlake_at_mail.cryst.bbk.ac.uk>
Nikola Milutinovic <Nikola.Milutinovic_at_ev.co.yu>
Lars Bro <Lars.Bro_at_gnnettest.com>
Joerg Bruehe <joerg_at_sql.de>
"Tschermernig, Dieter" <dieter.tschermernig_at_joanneum.ac.at>
i am happy to say my problem is mostly fixed at this point! i got two,
well three, basic types of answers:
fverify
some sort of script in conjunction with the backup
shoot my advisor / other bad advisor stories / have him clean up mess
i have gone with a two part solution. first, an fverify use as perscribed
by Dr. Tom Blinn (as well as others, i just got his email first). he
suggested runing it in conjunction with a listing of the lock files in
/usr/.smdb.
this would look specifically at installed software, as opposed to a
default listing. the man pages on fverify are pretty clear, so those
needing it should have no problem using it. the things i find worth
mentioning are that it does check checksums which will change on some
files (like passwd) and if you use a -p flag fverify will not think of
these as errors. it can be run interactively or with a -y for non
interactive runs.
as i also have a set of locally specific software in /usr/local i am also
hoping to use the script method in conjunction with a backup. as many
people suggested, i can use a recursive script to check permissions and
then issue a chmod command. i am hoping to modify some already offered
existant script on this matter so as to not reinvent the wheel.
also, James Sainsbury suggested that if i use tripwire then the permission
would also be stored in that database. i do not, but for those that do,
it is probably valuable info.
Alan Davis suggested that if i log a call with the unix expert team they
will send a script called allverify that will eliminate spurrious error
messages on patched files. i did not feel this worth my time at this
point as i could handle the spurrious messages - altho knowing there would
be some was helpful and reassuring when they came up. i believe it is the
script sent to me by Wagner, Ronald P" <ronald.p.wagner_at_lmco.com>.
the bottom line - fverify good, advisor bad, write scripts very carefully.
thanks!
ciao
claudia
****************** initial message ************************************
hi all
due to some problems with permissions in a shared directory space i wrote
a script to change permissions to a+rw in that directory. one of the
users su'd in and tried to run it and did so in / the problem is, the
program changes permissions recursively so many subdirectories are now
messed up. i tried to make some manual comparisons and changes but this
would take hours - maybe days. i have backup that is ~2 months old. it
would certainly work over a reinstall or many other things, but i wonder
what other solutions are out there. i guess my questions are then:
1) is there anything i can do to fix the permission in the
necessary directories?
/, /usr and sub dirs: /etc, /dev, /opt, /shlib, /tcb
/etc, /proc, /subsys, /usr, /mdec, /sbin, /sys
2) if i have to restore from dumps what is the best method for
doing this? i presume it will involve a system disk and a reboot.
any help/advice would be greatly appreciated!
ciao
claudia
aside: before anyone yells at someone having root passwds, he is my
advisor in grad school. his arguments are that they are his $%%^&
computers and he had better _at_#%% have the passwd. i am not sure it was
him, but i see no other alternative.
Received on Mon Nov 20 2000 - 15:40:11 NZDT