Re: [ilugd] Ubuntu sudo command problem
On Sat, Aug 11, 2012 at 9:22 AM, Naresh Narang nknar...@yahoo.com wrote: -- Okay.. just to ask, Can you please tell me what actually happened to my system when i changed the permission of /etc directory? Why my system done into an inconsistent state? While as much theory i have read during my engineering about OSs, i hadn't done anything special/severe in that.. -- In short - you $@:ed up an experimental system. No big deal. Lesson learnt. Reinstall the whole damn thing and you're back in business. --Naresh Yes.. i am back in business now..:) @Raj Sir, I have not committed any crime :P.. I have a red hat background and writing apache files was very easy in that if you are logged in as root. In ubuntu it was creating a problem for me and that's why without searching about that i just changed to whole directory permission B-) ... And thanks to all of you for telling this valuable information. -- Regards RAKESH KUMAR http://raakeshkumar.wordpress.com ___ Ilugd mailing list Ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd
Re: [ilugd] Ubuntu sudo command problem
On Sat, Aug 11, 2012 at 12:45 AM, Aman Thakur aman.thakur.1...@gmail.com wrote: But Balvinder, i think that shows the heights of thinking of different users. So, i think this could be a good example for all linux users who are teaching linux or learning linux. Take it positively :) While we are on the topic of teaching/ learning; I would suggest: 1. Trim your quotations to the relevant portion the message - more so when you reply to a digest. 2. Avoid top posting - inline comments/rebuttal to specific portions of the text is more helpful. There are plenty of examples in this list. . snip entire digest quotation . -- Arun Khan ___ Ilugd mailing list Ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd
Re: [ilugd] Ubuntu sudo command problem
On Sat, Aug 11, 2012 at 11:36 AM, Raakesh kumar kumar3...@gmail.com wrote: Yes.. i am back in business now..:) That's great but in your place I would have saved a snapshot of the system for analysis. I tend to do this when I cannot resolve a problem and in the interest of time I need to move on. In all the dialog I have not yet seen your answer as to what exactly you did to get in this hole (except for the mention of sudo nautilus in your OP). @Raj Sir, I have not committed any crime :P.. I have a red hat background On your system, OK not a crime. On a client's system it would be negligence at best (depends in the client's mood). I I (as a client) would mighty upset if the system had custom configurations and you were unable to restore them back. (hint backup, backup, backup) and writing apache files was very easy in that if you are logged in as root. In ubuntu it was creating a problem for me and that's why without searching about that i just changed to whole directory permission B-) ... You have already learnt a lesson the hard way. In *ubuntu, when you have to make a lot of changes the sudo xyz can be annoying [1] but you can do 'sudo su - ' which will give you the root access - do your stuff and remember to exit out of the root shell when you are done. [1] I have heard of *ubuntu users doing 'sudo ls' even when they are in the home directory! -- Arun Khan As a layman, I would say we have it, but as a scientist I have to say, 'What do we have?' Rolf Heuer, Director General CERN on the announcement of the Higgs Boson particle. ___ Ilugd mailing list Ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd
Re: [ilugd] Ubuntu sudo command problem
[...] On Sat, Aug 11, 2012 at 8:31 PM, Arun Khan knu...@gmail.com wrote: On Sat, Aug 11, 2012 at 11:36 AM, Raakesh kumar kumar3...@gmail.com wrote: That's great but in your place I would have saved a snapshot of the system for analysis. I tend to do this when I cannot resolve a problem and in the interest of time I need to move on. In all the dialog I have not yet seen your answer as to what exactly you did to get in this hole (except for the mention of sudo nautilus in your OP). [/...] Yes.. I should have saved something for future analysis. Actually i ran the command sudo nautilus and then i went to /etc directory and changed ownership from root to rakesh and then changed the permission of the directory and it's sub directories also as read and write... Then when i faced the problem in running my apache server and database servers, i tried to undo all those thing by again typing sudo nautilus, but it was too late then. Then i rebooted my system and tried to go in rescue mode but rescue mode was also not working.(Perhaps because i had changed the ownership also). Then i posted my query here and after looking at the types of comment i got, i formatted my system after taking all the data backup. [...] On your system, OK not a crime. On a client's system it would be negligence at best (depends in the client's mood). I I (as a client) would mighty upset if the system had custom configurations and you were unable to restore them back. (hint backup, backup, backup) [/...] I got your point. Thank you for highlighting this scenario. [...] You have already learnt a lesson the hard way. In *ubuntu, when you have to make a lot of changes the sudo xyz can be annoying [1] but you can do 'sudo su - ' which will give you the root access - do your stuff and remember to exit out of the root shell when you are done. [/...] Ok... :) -- Regards RAKESH KUMAR http://raakeshkumar.wordpress.com ___ Ilugd mailing list Ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd
Re: [ilugd] Ubuntu sudo command problem
Raju Mathur said on Fri, Aug 10, 2012 at 09:02:00AM +0530,: Can somebody help me to get my system back as it was earlier.. Or is there any way to restore my system back? 1. Get a list of permissions of critical files in /etc/ from the 'net, a friend's machine, wherever. If this is a simple desktop, the easier way out would be a reinstall. joke 2. Boot into root. I won't tell you how, there are enough pointers on Will moving #5 above this help?? /J Would rephrase as get into rescue mode, and (re)mount / with rw permissions. That is, assuming Ubuntu boot loader has a rescue option, which I believe it ought to have. -- Mahesh T. Pai || Man's most judicious trait, is a good sense of what not to believe. --Euripides ___ Ilugd mailing list Ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd
Re: [ilugd] Ubuntu sudo command problem
But Balvinder, i think that shows the heights of thinking of different users. So, i think this could be a good example for all linux users who are teaching linux or learning linux. Take it positively :) On Sat, Aug 11, 2012 at 12:30 AM, ilugd-requ...@lists.linux-delhi.orgwrote: Send Ilugd mailing list submissions to ilugd@lists.linux-delhi.org To subscribe or unsubscribe via the World Wide Web, visit http://frodo.hserus.net/mailman/listinfo/ilugd or, via email, send a message with subject or body 'help' to ilugd-requ...@lists.linux-delhi.org You can reach the person managing the list at ilugd-ow...@lists.linux-delhi.org When replying, please edit your Subject line so it is more specific than Re: Contents of Ilugd digest... Today's Topics: 1. Ubuntu sudo command problem (Raakesh kumar) 2. Re: Ubuntu sudo command problem (Balwinder S Dheeman) 3. ILUG-D activity in last 7 days (nkap...@webrachna.com) 4. Re: Ubuntu sudo command problem (Raj Mathur ( ??? =?utf-8?b?IOCkruCkvuCkpeClgeCksA==?=)) 5. Re: Ubuntu sudo command problem (Mahesh T. Pai) -- Message: 1 Date: Fri, 10 Aug 2012 02:09:16 +0530 From: Raakesh kumar kumar3...@gmail.com To: The Linux-Delhi mailing list il...@frodo.hserus.net Subject: [ilugd] Ubuntu sudo command problem Message-ID: CAEid6wHJVy1Dwo2io52ff9-AXapH-co-= rukqfawquoxyhm...@mail.gmail.com Content-Type: text/plain; charset=ISO-8859-1 Hi All, Today i changed the permission of my /etc directory and it's sub directories and files using sudo nautilus. And now my everything including servers and all have stopped working. When i type sudo anywhere to use it shows an error as - sudo: /etc/sudoers is mode 0446, should be 0440 sudo: no valid sudoers sources found, quitting sudo: unable to initialize policy plugin Can somebody help me to get my system back as it was earlier.. Or is there any way to restore my system back? Thanks in advance... -- Regards RAKESH KUMAR -- Message: 2 Date: Fri, 10 Aug 2012 04:37:53 +0530 From: Balwinder S Dheeman bdhee...@gmail.com To: ilugd@lists.linux-delhi.org Subject: Re: [ilugd] Ubuntu sudo command problem Message-ID: 502442c9.1030...@gmail.com Content-Type: text/plain; charset=UTF-8; format=flowed On 08/10/2012 02:09 AM, Raakesh kumar wrote: Today i changed the permission of my /etc directory and it's sub directories and files using sudo nautilus. And now my everything including servers and all have stopped working. That's the most worst change any newbie like you can do. You should know what you're doing particularly when fiddling with the system files and, or directories. When i type sudo anywhere to use it shows an error as - sudo: /etc/sudoers is mode 0446, should be 0440 sudo: no valid sudoers sources found, quitting sudo: unable to initialize policy plugin Can somebody help me to get my system back as it was earlier.. Or is there any way to restore my system back? You did not tell what was the exact command or what indeed you typed, hence all I can do is just guess or provide you a hint. Try booting your system with a live/rescue CD/DVD and executing the following: $ sudo mount /dev/partition /mnt $ sudo chmod -R o-w /mnt/etc Substitute the partition with root partition of your Ubuntu installation. WARNING: The above is also as dangerous as was your attempt to make your system unusable. NOTE: All directories in your /etc including /etc should/can be 0555 or 0755 and the files 0444 or 644, but some sensitive directories and, or files containing passwords or serious things should/must not even be readable by others i.e. these directories should/must be 0550 or 0750 and files 0440 or 0640. Reboot your system; hope that helps. -- Balwinder S bdheeman Dheeman (http://werc.homelinux.net/contact/) -- Message: 3 Date: Fri, 10 Aug 2012 08:10:02 +0530 From: nkap...@webrachna.com To: ilugd@lists.linux-delhi.org Subject: [ilugd] ILUG-D activity in last 7 days Message-ID: 201208100240.q7a2e2j7032...@images.kandalaya.org Content-Type: text/plain; charset=us-ascii Fri 10-Aug-2012: ILUG-D activity in last 7 days: = New/recent events: 0 Total events: 83 = New Discussion forum postings: 0 Total postings: 1143 = New News items: 0 Total News items: 378 = New Resources: 0 Total Resources: 0 = New comments: 0Total comments: 260 = New pictures: 0Total pictures: 231
Re: [ilugd] Ubuntu sudo command problem
On Friday 10 Aug 2012, Mahesh T. Pai wrote: Raju Mathur said on Fri, Aug 10, 2012 at 09:02:00AM +0530,: 2. Boot into root. I won't tell you how, there are enough pointers on Will moving #5 above this help? Sure, my principles are for sale, but only if the bid amount is appropriate! Trivial compensations like half your kingdom and your daughter's hand in marriage won't do the trick for this one. Would rephrase as get into rescue mode, and (re)mount / with rw permissions. That is, assuming Ubuntu boot loader has a rescue option, which I believe it ought to have. Do machines install with rescue by default? I'd have thought you need some install CD -- most distributions' install CDs seem to have a rescue mode option. Booting into root is faster if you know what you're doing. If you don't, rescue sounds like a better option. Regards, -- Raj -- Raj Mathur || r...@kandalaya.org || GPG: http://otheronepercent.blogspot.com || http://kandalaya.org || CC68 It is the mind that moves || http://schizoid.in || D17F ___ Ilugd mailing list Ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd
Re: [ilugd] Ubuntu sudo command problem
On 8/11/12, Raj Mathur (राज माथुर) r...@linux-delhi.org wrote: On Friday 10 Aug 2012, Mahesh T. Pai wrote: Raju Mathur said on Fri, Aug 10, 2012 at 09:02:00AM +0530,: 2. Boot into root. I won't tell you how, there are enough pointers on Will moving #5 above this help? Sure, my principles are for sale, but only if the bid amount is appropriate! Trivial compensations like half your kingdom and your daughter's hand in marriage won't do the trick for this one. Would rephrase as get into rescue mode, and (re)mount / with rw permissions. That is, assuming Ubuntu boot loader has a rescue option, which I believe it ought to have. Do machines install with rescue by default? I'd have thought you need some install CD -- most distributions' install CDs seem to have a rescue mode option. Booting into root is faster if you know what you're doing. If you don't, rescue sounds like a better option. Regards, -- Raj -- Raj Mathur || r...@kandalaya.org || GPG: http://otheronepercent.blogspot.com || http://kandalaya.org || CC68 It is the mind that moves || http://schizoid.in || D17F ___ Ilugd mailing list Ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Thank you all, I have reinstalled ubuntu again as going in recovery mode and doing those changes didn't work for me. @Balwinder Sir, I know i had made a mistake by doing so. But i was just doing a kind of experiment but without properly surfing about that... Okay.. just to ask, Can you please tell me what actually happened to my system when i changed the permission of /etc directory? Why my system done into an inconsistent state? While as much theory i have read during my engineering about OSs, i hadn't done anything special/severe in that.. -- Regards RAKESH KUMAR http://raakeshkumar.wordpress.com ___ Ilugd mailing list Ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd
Re: [ilugd] Ubuntu sudo command problem
On 08/11/2012 01:31 AM, Raakesh kumar wrote: I have reinstalled ubuntu again as going in recovery mode and doing those changes didn't work for me. @Balwinder Sir, I know i had made a mistake by doing so. But i was just doing a kind of experiment but without properly surfing about that... The package management, handling of temporary, log and a few other system files is done quite cleanly on almost all Unix/Linux systems; hence we seasoned users rarely reinstall :) Anyway, the reinstall is not bad on a freshly installed machine and, or in similar cases like as yours. Okay.. just to ask, Can you please tell me what actually happened to my system when i changed the permission of /etc directory? Why my system done into an inconsistent state? While as much theory i have read during my engineering about OSs, i hadn't done anything special/severe in that.. Just a guess again; you might have recursively changed permissions (using chmod -R option or a something like that using some GUI file manager) which exposed directories and, or files containing passwords, secrets and, or other sensitive system information to the public or others. The security has been and shell remain a major concern for the developers/auditors of Unix/Linux or multi-user systems that's why many a tools/utilities perform some checks well before performing operations intended by the user as did *sudo* in your case. -- Balwinder S bdheeman Dheeman (http://werc.homelinux.net/contact/) ___ Ilugd mailing list Ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd
Re: [ilugd] Ubuntu sudo command problem
On Saturday 11 Aug 2012, Raakesh kumar wrote: I have reinstalled ubuntu again as going in recovery mode and doing those changes didn't work for me. @Balwinder Sir, I know i had made a mistake by doing so. But i was just doing a kind of experiment but without properly surfing about that... Okay.. just to ask, Can you please tell me what actually happened to my system when i changed the permission of /etc directory? Why my system done into an inconsistent state? While as much theory i have read during my engineering about OSs, i hadn't done anything special/severe in that.. There are files and directories in /etc that need specific permissions. Hell, there are files and directories everywhere that need those permissions. Off the top of my head, a few /etc-related permissions: Sub-directories: 0755 or similar. If you don't have those on (e.g.) pam.d, apache2, your servers won't work -- the files inside those directories will not be accessible. Files: passwd needs at least 444, because it has to be world readable. shadow needs to be 600 or similar, because it /shouldn't/ be world- readable; however, I don't know if any app enforces /etc/shadow permissions. Scripts and executables: At the very least, scripts in /etc/init.d need to be 755 or equivalent. If they aren't, your system will probably die a horrible death when trying to boot. Special files like the one you found: sudo will fail if sudoers is world readable, because it's paranoid about security. So you can have two types of problems related to file permissions: 1. Truncated permissions on the file (directory), because of which the system is unable to use the file for its intended purpose. 2. Extra permissions on a file, because of which an application that uses the file determines that it is insecure and refuses to use it. You saw the effect of the latter; if you'd continued you'd probably have seen the effects of the former too. /me shakes his head... Nautilus se sara /etc ka permission change kar diya... what will these kids think of next? Regards, -- Raj -- Raj Mathur || r...@kandalaya.org || GPG: http://otheronepercent.blogspot.com || http://kandalaya.org || CC68 It is the mind that moves || http://schizoid.in || D17F ___ Ilugd mailing list Ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd
Re: [ilugd] Ubuntu sudo command problem
-- Okay.. just to ask, Can you please tell me what actually happened to my system when i changed the permission of /etc directory? Why my system done into an inconsistent state? While as much theory i have read during my engineering about OSs, i hadn't done anything special/severe in that.. -- In short - you $@:ed up an experimental system. No big deal. Lesson learnt. Reinstall the whole damn thing and you're back in business. --Naresh ___ Ilugd mailing list Ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd
[ilugd] Ubuntu sudo command problem
Hi All, Today i changed the permission of my /etc directory and it's sub directories and files using sudo nautilus. And now my everything including servers and all have stopped working. When i type sudo anywhere to use it shows an error as - sudo: /etc/sudoers is mode 0446, should be 0440 sudo: no valid sudoers sources found, quitting sudo: unable to initialize policy plugin Can somebody help me to get my system back as it was earlier.. Or is there any way to restore my system back? Thanks in advance... -- Regards RAKESH KUMAR ___ Ilugd mailing list Ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd
Re: [ilugd] Ubuntu sudo command problem
On 08/10/2012 02:09 AM, Raakesh kumar wrote: Today i changed the permission of my /etc directory and it's sub directories and files using sudo nautilus. And now my everything including servers and all have stopped working. That's the most worst change any newbie like you can do. You should know what you're doing particularly when fiddling with the system files and, or directories. When i type sudo anywhere to use it shows an error as - sudo: /etc/sudoers is mode 0446, should be 0440 sudo: no valid sudoers sources found, quitting sudo: unable to initialize policy plugin Can somebody help me to get my system back as it was earlier.. Or is there any way to restore my system back? You did not tell what was the exact command or what indeed you typed, hence all I can do is just guess or provide you a hint. Try booting your system with a live/rescue CD/DVD and executing the following: $ sudo mount /dev/partition /mnt $ sudo chmod -R o-w /mnt/etc Substitute the partition with root partition of your Ubuntu installation. WARNING: The above is also as dangerous as was your attempt to make your system unusable. NOTE: All directories in your /etc including /etc should/can be 0555 or 0755 and the files 0444 or 644, but some sensitive directories and, or files containing passwords or serious things should/must not even be readable by others i.e. these directories should/must be 0550 or 0750 and files 0440 or 0640. Reboot your system; hope that helps. -- Balwinder S bdheeman Dheeman (http://werc.homelinux.net/contact/) ___ Ilugd mailing list Ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd
Re: [ilugd] Ubuntu sudo command problem
On Friday 10 Aug 2012, Raakesh kumar wrote: Today i changed the permission of my /etc directory and it's sub directories and files using sudo nautilus. And now my everything including servers and all have stopped working. When i type sudo anywhere to use it shows an error as - sudo: /etc/sudoers is mode 0446, should be 0440 sudo: no valid sudoers sources found, quitting sudo: unable to initialize policy plugin Can somebody help me to get my system back as it was earlier.. Or is there any way to restore my system back? 1. Get a list of permissions of critical files in /etc/ from the 'net, a friend's machine, wherever. 2. Boot into root. I won't tell you how, there are enough pointers on the 'net. 3. Apply the correct permissions to your own /etc files. 4. Reboot. 5. Pay me. Regards, -- Raj -- Raj Mathur || r...@kandalaya.org || GPG: http://otheronepercent.blogspot.com || http://kandalaya.org || CC68 It is the mind that moves || http://schizoid.in || D17F ___ Ilugd mailing list Ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd