Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 9 years ago.
Improve this question
I accidentally set owner of root folder (/) and all subfolders to one user by command
$ sudo chown -R 'userName' /*
Now I wanna set owner back to root user by command
$ chown -R root:root /*
But I have no permission for this operation.
If i use command
$ sudo chown -R root:root /*
it returns
sudo: effective uid is not 0, is sudo installed setuid root?
What should I do to fix that?
I am guessing when you ran the first command you also ended up modifying the ownership of the /usr/bin/sudo executable.
It is saying that effective UID isn't 0 (since root has EUID equal to 0).
So try to change owner of /usr/bin/sudo, and then try change the ownership of other files.
You broke your system pretty badly. Next time be more careful using sudo.
Now, start your system using a rescue disk, probably your install disk.
Mount your broken file system in the rescue system.
Fix the permission/owner stuff.
Reboot using your original system.
Depending on how much you changed using that chown, you will have to fix a lot in step 3. You probably might want to have a look at a working proper installation of the same system to find out which user should be the owner of things like /dev/mem etc.
A re-install of the OS might be faster.
:O I offer my condolence!
The problem is that the sudo binary itself must be owned by root. If you have the root password you could just get root to fix the problem:
su
If not, you could boot using a rescue system, mount the partition and
chown root:root /mnt/usr/bin/sudo
or fix the whole problem using the rescue system.
But it will be hard to fix all that ownerships. I would suggest to craft a script that reads the file ownerships from a vanilla installation of your system (having installed the same packages as you) and applies them to the crashed system. (Custom files in the /home/... you'll have to chown yourself) Without such a script it will get really hard but it should be easy to code that
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 1 year ago.
Improve this question
I have a strange issue, trying to run mate-screensaver-dialog with root privileges using SUID bit:
[root#localhost ~]# ls -l /usr/libexec/mate-screensaver-dialog
-rwsr-s--t. 1 root root 72920 мар 22 2021 /usr/libexec/mate-screensaver-dialog
And with that, launching this (from a user user) and looking for the effective uid gives me info of the user, who ran this executable:
[root#localhost ~]# ps aux | grep screensaver-dialog
user 3673 0.6 0.4 894304 38504 pts/3 Sl+ 19:29 0:00 /usr/libexec/mate-screensaver-dialog
This case happens, when user session is locked by a timeout with a screensaver. So can anyone please help me, why could SUID bit do not work for this case? I would be glad for any advice.
Using OS: RedOS 7.3, x64
Browsing through the source code on github i have found this comment:
Initializations that potentially take place as a priveleged user:
If the executable is setuid root, then these initializations
are run as root, before discarding privileges.
The function which this comment addresses:
static gboolean privileged_initialization(int* argc, char** argv)
Is called from the main function here.
In addition to that, the privileged_initialization function calls another function hack_uid present in the setuid.h header in the same directory which has a similar comment above it:
If we've been run as setuid or setgid to someone else (most likely root)
turn off the extra permissions so that random user-specified programs
don't get special privileges.
Based on this i assume that the executable follows a common practice of dropping elevated privileges before running actual functionality. This is a popular approach of reducing impact of potential security holes.
Effectively, it means that the executable probably starts running as root, because of the SUID bit, performs any tasks that actually need root privileges and afterwards reduces the privileges to the user level.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed last year.
Improve this question
I installed go on ubuntu 16.04 from the archive and tried to test my installation by issuing the command go on my terminal. It keeps prompting me / not root-owned 1000:0.
I installed go on /usr/local folder and also included it into my path as instructed on the official golang installation. I removed go and tried to install it again, but found the same result. It sounds more of a linux root permission issue, but I have no clue how to fix it. I tried other commands that I installed from archive and they work perfectly fine. Any kind of help would be appreciated.
It seems to complain that the system root directory / has the wrong owner. This is a security problem because you don't want to have regular users changing system files at will. It looks like you changed this on purpose at some point in the past; change it back, or reinstall your system if you have wrecked more permissions than just this one.
sudo chown root /
For the record, the proper way to give yourself limited system access is to use sudo. Add yourself to sudoers (usually this is already set up by the OS installer on any reasonably consumer-oriented Linux distro) and when you need privileges for something, run that command with sudo.
Simple, in the command line:
sudo chown root:root /
In addition to the root permission issue I had, I also found that I installed go using snap to: snap install --classic go, which wasn't a good idea. I was also unable to remove the go folder in /snap, even as root. I now reinstall my system and hopefully the issue will be solved.
sudo chown root /var
This will solve your problem
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 4 years ago.
Improve this question
After a typo in a change to /etc/pam.d/sudo no user can sudo at all. The package cannot be modified as it requires sudo privileges, but all attempts result in rm: cannot remove ‘/etc/pam.d/sudo’: Permission denied and attemps to escalate to sudo result in sudo: PAM authentication error: Module is unknown. The package cannot be removed as it requires sudo. What is there to be done?
My account was part of the sudoers group, was able to pkexec vi /etc/pam.d/sudo and make the appropriate changes to the file as described here
In this situation where root access is required you have 2 options: (1) acquire the root password and fix pam.d/sudo or (2) boot with the install media with init=/bin/bash (or linux init=/bin/bash using LILO).
If you can't get the root password and must rely on the install media, then you will need to boot the install media, at the grub or lilo menu choose Boot Options and set:
init=/bin/bash (if you are using GRUB Boot loader)
linux init=/bin/bash (if you are using LILO Boot Loader)
Then check that the / filesystem is mounted read/write with the mount command. If not rw, then:
mount -o remount,rw /
You can then modify/replace pam.d/sudo. Reboot or telinit. (Note: you will need to modify the commands for systemd)
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 years ago.
Improve this question
I am trying to install python2.7 on a VM which is centos 6.5. I followed a following guide to install it
http://toomuchdata.com/2014/02/16/how-to-install-python-on-centos/
However when I try to install run python as sudo i get the following error.
-bash: python2.7: command not found
running just python2.7 works. It even works when i run it as a root user. Also I noticed that:
which python2.7
returns
/usr/bin/which: no python2.7
when I do sudo -i and then run the command.
Any idea why it is like that?
If you're using CentOS 6.5, this is likely due to the fact that sudo does not set /usr/local/bin as part of the PATH.
CentOS 6.x's /etc/sudoers file sets the secure_path (which is used during sudo sessions) to a very restricted set of paths.
Use the visudo command and look at the contents of your /etc/sudoers file. You will likely find this section:
#
# Adding HOME to env_keep may enable a user to run unrestricted
# commands via sudo.
#
# Defaults env_keep += "HOME"
Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin
So sudo doesn't use the /usr/local/bin path.
You can solve your problem in a couple ways:
Add /usr/local/bin to the secure_path - This can open up security problems if you don't know what's gonna be in your /usr/local/bin directory. Though typically, this is probably not a huge concern because only root has write access to /usr/local/bin by default.
Disable secure_path entirely by commenting it out - again, you're overriding a feature designed to restrict access and improve security.
Try the following
sudo env PATH=$PATH python2.7
What this does is copy the current path you have into your new sudo's environment.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 years ago.
Improve this question
I'm new to linux. I have Ubuntu and I would like to run a .run installer in my Downloads folder. The name of the run file is "xampp.run"
I've read that you first have to run
chmod +x xampp.run
to change mode to installer and then run
./xampp.run
to run the installer. However, nothing happens when I try these. I'm running from root#ubuntu.
This is what I've done in my shell.
Download and install XAMPP for x86_64 Linux.
.run files are executables, not unlike windows-installers(M$)
You may need root permission to execute the file.
su to root, and enter the root password, or use sudo before your command
then either cd to the directory where the .run file is
or use "absolute addressing" and
type in a terminal shell...
sh (filename).run
Generally you can evoke a help screen (not always) by adding --help on the end.
sh (filename).run --help
(this may give you options to apply to the install script.)
Hope this helps
You should download 64bit version of Xampp.
this steps is for ubuntu user
sudo chmod 755 xampp-linux-1.8.2.0-installer.run
sudo ./xampp-linux-1.8.2.0-installer.run
(This will extract all the packages to the /opt/lampp directory)
Then start the service
/opt/lampp/lampp start