From owner-freebsd-questions@FreeBSD.ORG Thu Nov 15 16:41:10 2012 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 4C888C01 for ; Thu, 15 Nov 2012 16:41:10 +0000 (UTC) (envelope-from dan@slightlystrange.org) Received: from lhscloud01.localhostservices.net (lhscloud01.localhostservices.net [83.222.226.222]) by mx1.freebsd.org (Postfix) with ESMTP id EF72B8FC19 for ; Thu, 15 Nov 2012 16:41:09 +0000 (UTC) Received: from client-86-31-248-156.oxfd.adsl.virginmedia.com ([86.31.248.156] helo=catflap.slightlystrange.org) by lhscloud01.localhostservices.net with esmtps (TLSv1:DHE-RSA-AES256-SHA:256) (Exim 4.80.1 (FreeBSD)) (envelope-from ) id 1TZ1on-000Pk9-Ie for freebsd-questions@freebsd.org; Thu, 15 Nov 2012 15:57:29 +0000 Received: from dan by catflap.slightlystrange.org with local (Exim 4.80.1 (FreeBSD)) (envelope-from ) id 1TZ1om-0005Mh-Bb for freebsd-questions@freebsd.org; Thu, 15 Nov 2012 15:57:28 +0000 Date: Thu, 15 Nov 2012 15:57:28 +0000 From: Daniel Bye To: freebsd-questions@freebsd.org Subject: Re: 9.1 permissions in the / directory Message-ID: <20121115155728.GA5234@catflap.slightlystrange.org> References: <816E535579724567A55D3EC28633CED6@win2snvu0x4eg9> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="XsQoSWH+UP9D9v3l" Content-Disposition: inline In-Reply-To: <816E535579724567A55D3EC28633CED6@win2snvu0x4eg9> X-PGP-Fingerprint: D349 B109 0EB8 2554 4D75 B79A 8B17 F97C 1622 166A X-Operating-System: FreeBSD 9.1-PRERELEASE amd64 User-Agent: Mutt/1.5.21 (2010-09-15) Sender: Daniel Bye X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: Daniel Bye List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Nov 2012 16:41:10 -0000 --XsQoSWH+UP9D9v3l Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Nov 14, 2012 at 05:12:59PM -0500, Joseph Mays wrote: > Have a recently set up 9.1 RC1 system. Someone (not me, just sayin') > did a chmod 600 in the / directory. Needless to say this caused > numerous problems. I tried to change them back as best I could by > comparing them to an older directory, but some things are still not > right. Trying to log in, via either console or ssh as anyone other > than root. Ssh gets: >=20 > %ssh mays@[redacted] > Password: > Last login: Wed Nov 14 15:50:37 2012 > Could not chdir to home directory /home/mays: Permission denied > /bin/tcsh: Permission denied > Connection to [redacted] closed. > % >=20 > followed by a disconnect. Console complains about the /home/user > directory not being there (though it is and the permissions look > normal), says it's logging in with slash instead, then says > "/bin/tcsh: no such file or directory", though /bin/tcsh is there > and permissions look fine. I'm attaching a screenshot of the message > log that shows up on console logins. >=20 > So, two questions. What is causing the problem, and does anyone have > anything that shows what the normal / directory permissions for 9.1 > RC1 should look like? First, login fails to read the user's home directory, because the permissions on either /usr or /home (depending on whether your /home is a directory, or a symlink to /usr/home) don't allow it to see any contained files or directories, even though, from what you say, all contained files and subdirectory permissions are correct. It then attempts to fall back to using / as an emergency home for this session, but then fails to find /bin/tcsh, because the permissions on /bin prevent it from seeing anything it contains. Second, you can restore most, if not all, of the correct permissions with the mtree tool. Log in as root, and then run this: # cd / # mtree -Uef /etc/mtree/BSD.root.dist The mtree specification file, /etc/mtree/BSD.root.dist, contains a list of the files and directories that are installed in a standard FreeBSD system, along with the correct ownership and permissions for those objects. The -U flag tells mtree to modify any objects that don't match the specification, and the -e flag tells it not to warn about files it finds on disk but not in the specification file. Dan --=20 Daniel Bye _ ASCII ribbon campaign ( ) - against HTML, vCards and X - proprietary attachments in e-mail / \ --XsQoSWH+UP9D9v3l Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (FreeBSD) iEYEARECAAYFAlClEOcACgkQixf5fBYiFmrgUQCcCO9+H7uuW42zeJk03NjzNtDM m/YAoKrzFKqf+Lj9aioaOgJVXPWQkZIv =U7GI -----END PGP SIGNATURE----- --XsQoSWH+UP9D9v3l--