You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2019-11-09 10:43:24
- Roken
- Member
- From: South Wales, UK
- Registered: 2012-01-16
- Posts: 1,253
[SOLVED] Which files need setuid
Some time ago (maybe 4 years) made a mess in the terminal and changed the ownership of every file on my system to $USER, which of course resulted in a completely borked system. (Clearly I wasn't paying attention to what I was doing, I seem to remember it was a Saturday morning after a Friday night out).
Unwilling to reinstall from scratch, I spent the next couple of days fixing everything with the aid of an external bootable installation, and thought I was done.
During this week after an issue with an AUR package I identified some files still owned by $USER rather than root, and so I'm setting about fixing that.
I now have all ownership corrected, but the process removed setuid from some files. I fixed sudo from the bootable drive, and fixed others by comparing with my laptop installation, but I want to know if I've caught them all (the laptop installation has far less installed than my desktop).
Is there a way to identify, in a single process, which files should have setuid (whether it is actually set or not) so that I can go through and fix, or is it a case of fix as I go (if I haven't caught them all)?
Last edited by Roken (2019-11-09 20:26:43)
Ryzen 5900X 12 core/24 thread - RTX 3090 FE 24 Gb, Asus Prime B450 Plus, 32Gb Corsair DDR4, Cooler Master N300 chassis, 5 HD (1 NvME PCI, 4SSD) + 1 x optical.
Linux user #545703
Offline
#2 2019-11-09 12:59:17
- Nickolas0
- Member
- Registered: 2019-02-16
- Posts: 30
Re: [SOLVED] Which files need setuid
Generally something like sudo pacman -Qkk |grep warning
sudo pacman -Qkk > /dev/nullshould list files that permissions differ from their origins from Arch packages. You may re-install all packages that owns those files to restore permissions.
Last edited by Nickolas0 (2019-11-09 13:36:35)
Offline
#3 2019-11-09 13:13:06
- Trilby
- Inspector Parrot
- Registered: 2011-11-29
- Posts: 29,523
- Website
Re: [SOLVED] Which files need setuid
While the command above works by coincidence, the grep command doesn't actually do anything useful. You'll get the same results with `pacman -Qkk | grep nosuchmatch`, and for the same reason `pacman -Qkk > /dev/null` which certainly simpler. (Also note there's no reason to use sudo for that command at all). More on point, though, if your goal is just to filter out all the non-warning/error output, just use the -q flag `pacman -Qkkq`. As a nice side effect, this puts the package names without a colon making it even easier to get just the package names to pipe to pacman to reinstall:
pacman -Qkkq | cut -d' ' -f1 | sudo pacman -S -Note though that this will find permission mismatches (including suid) but not ownership issues which was the original problem. It sounds like you just manually hunted for those ... use find. Assuming you have a seperate home partition the following will find any remaining user-owned files in the root fs:
sudo find / -xdev -user $USERLast edited by Trilby (2019-11-09 13:17:29)
"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" - Richard Stallman
Offline
#4 2019-11-09 13:42:19
- Nickolas0
- Member
- Registered: 2019-02-16
- Posts: 30
Re: [SOLVED] Which files need setuid
Your are right, /dev/null instead of grep is more appropriate.
As for other recommendations: I used sudo to filter out "Permission denied" noise. "-q" flag will hide the reason why files are being listed and I expect there will be a lot of "Modification time mismatch" warnings on this system. Also "pacman -Qkk" already warns about UID/GID mismatches so there's no need for using find for that.
Offline
#5 2019-11-09 13:50:04
- Trilby
- Inspector Parrot
- Registered: 2011-11-29
- Posts: 29,523
- Website
Re: [SOLVED] Which files need setuid
Ah cool, I didn't know Qkk caught ownership issues, the man page seems vague on this point, but I did confirm it does catch these mismatches.
You are right about masking the reason the files are listed and a few permission denied listings if run as a normal user, but it'd be harmless to reinstall a few extra packages (from the local cache).
"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" - Richard Stallman
Offline
#6 2019-11-09 16:01:40
- WorMzy
- Forum Moderator
- From: Scotland
- Registered: 2010-06-16
- Posts: 11,845
- Website
Re: [SOLVED] Which files need setuid
Mod note: not an installation issue, moving to NC.
Sakura:-
Mobo: MSI MAG X570S TORPEDO MAX // Processor: AMD Ryzen 9 5950X @4.9GHz // GFX: AMD Radeon RX 5700 XT // RAM: 32GB (4x 8GB) Corsair DDR4 (@ 3000MHz) // Storage: 1x 3TB HDD, 6x 1TB SSD, 2x 120GB SSD, 1x 275GB M2 SSD
Making lemonade from lemons since 2015.
Offline
#7 2019-11-09 20:26:25
- Roken
- Member
- From: South Wales, UK
- Registered: 2012-01-16
- Posts: 1,253
Re: [SOLVED] Which files need setuid
Honestly - you guys have awesome knowledge (and I generally know my way around).
Seems like I had caught everything the hard way (by hand), but nice to have it confirmed.
Thank you so much.
Ryzen 5900X 12 core/24 thread - RTX 3090 FE 24 Gb, Asus Prime B450 Plus, 32Gb Corsair DDR4, Cooler Master N300 chassis, 5 HD (1 NvME PCI, 4SSD) + 1 x optical.
Linux user #545703
Offline
Pages: 1