执行chmod -R 777 命令误操作根目录补救的方法

发表于 更新于 分类于

使用 chmod -R 777 ./* 命令在更改某个目录下文件的权限时,由于操作失误,误用为 chmod -R 777 /*,在零点几秒的反应过后,果断 ctrl + c,奈何电脑反应更快,一切为时已晚(切记不要关闭该终端)。若何?

查看当前根目录权限,如下:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
[root@hadoop-centos-03` /]# ll
total 24
lrwxrwxrwx.   1 root root    7 Apr 28 07:32 bin -> usr/bin
drwxrwxrwx.   5 root root 4096 Apr 28 07:58 boot
drwxrwxrwx.  20 root root 3320 Aug 14 21:58 dev
drwxrwxrwx. 138 root root 8192 May 12 21:05 etc
drwxrwxrwx.   3 root root   20 Apr 28 08:18 home
lrwxrwxrwx.   1 root root    7 Apr 28 07:32 lib -> usr/lib
lrwxrwxrwx.   1 root root    9 Apr 28 07:32 lib64 -> usr/lib64
drwxrwxrwx.   2 root root    6 Apr 11  2018 media
drwxrwxrwx.   2 root root    6 Apr 11  2018 mnt
drwxrwxrwx.   6 root root   77 Aug 14 22:10 opt
drwxrwxrwx. 189 root root    0 Aug 14 21:57 proc
drwxrwxrwx.  19 root root 4096 Aug 14 22:09 root
drwxr-xr-x.  39 root root 1220 Aug 14 21:58 run
lrwxrwxrwx.   1 root root    8 Apr 28 07:32 sbin -> usr/sbin
drwxr-xr-x.   2 root root    6 Apr 11  2018 srv
dr-xr-xr-x.  13 root root    0 Aug 14 21:58 sys
drwxrwxrwt.  22 root root 4096 Aug 14 22:12 tmp
drwxr-xr-x.  13 root root  155 Apr 28 07:32 usr
drwxr-xr-x.  20 root root  282 Apr 28 08:00 var

由于 /etc 目录已经被更改,显示如下:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
[root@hadoop-centos-03` etc]# ll | head
total 1384
drwxrwxrwx.  3 root root      101 Apr 28 07:36 abrt
-rwxrwxrwx.  1 root root       16 Apr 28 07:57 adjtime
-rwxrwxrwx.  1 root root     1518 Jun  7  2013 aliases
-rwxrwxrwx.  1 root root    12288 Apr 28 08:00 aliases.db
drwxrwxrwx.  3 root root       65 Apr 28 07:45 alsa
drwxrwxrwx.  2 root root     4096 May  6 07:03 alternatives
-rwxrwxrwx.  1 root root      541 Apr 11  2018 anacrontab
-rwxrwxrwx.  1 root root       55 Oct 30  2018 asound.conf
-rwxrwxrwx.  1 root root        1 Oct 31  2018 at.deny
[root@hadoop-centos-03` etc]# ll | tail
-rwxrwxrwx.  1 root root     4479 Oct 31  2018 wgetrc
drwxrwxrwx.  2 root root       33 Apr 28 07:36 wpa_supplicant
-rwxrwxrwx.  1 root root        0 Jun 10  2014 wvdial.conf
drwxrwxrwx.  6 root root      103 Apr 28 07:35 X11
drwxrwxrwx.  6 root root      116 Apr 28 07:39 xdg
drwxrwxrwx.  2 root root        6 Apr 11  2018 xinetd.d
drwxrwxrwx.  2 root root       21 Apr 28 07:33 xml
drwxrwxrwx.  6 root root      100 Apr 28 07:35 yum
-rwxrwxrwx.  1 root root      970 Nov  5  2018 yum.conf
drwxrwxrwx.  2 root root      187 Nov  5  2018 yum.repos.d

故已无法通过ssh连接该节点,提示如下:

1
2
3
4
5
6
Session stopped
    - Press <return> to exit tab
    - Press R to restart session
    - Press S to save terminal output to file

Server unexpectedly closed network connection

ssh 登录相关的文件信息在/etc/ssh目录下,相关文件可能还有passwd、group、shadow等,查找另外一台正常机器该目录的权限及相关文件的权限,根据其修改当前出错机器/etc/ssh目录下的文件及相关文件的权限,我试着将/etc/ssh目录下的文件更改为600,即执行chmod 600 /etc/ssh,发现通过ssh可以连接,示例如下:

1
2
3
4
5
6
7
8
# 未修改前
[root@hadoop-centos-01 ~]# ssh hadoop-centos-03
ssh_exchange_identification: read: Connection reset by peer

# 修改后
[root@hadoop-centos-01 etc]# ssh hadoop-centos-03
root@hadoop-centos-03's password:
Last login: Wed Aug 14 22:48:39 2019 from 192.168.244.6

最头疼的问题(登陆问题)已经解决,只要能进去,剩下的就要慢慢折腾喽。

导出系统文件权限

如果你是在集群中出现上述情况,可以找一个相似的机器,如果你是单机模式,那就找一个比较干净(没有安装过多的额外应用)的机器,导出系统各目录层级的文件权限。

导出命令:

1
getfacl -R /* > /home/chmod.bak  # 存储路径及文件名可以自定义

修改出错机器系统文件权限

命令:

1
setfacl --restore=/home/chmod.bak

上述命令执行完后:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
[root@hadoop-centos-03` /]# ll
total 24
lrwxrwxrwx.   1 root root    7 Apr 28 07:32 bin -> usr/bin
dr-xr-xr-x.   5 root root 4096 Apr 28 07:58 boot
drwxr-xr-x.  20 root root 3320 Aug 14 21:58 dev
drwxr-xr-x. 138 root root 8192 May 12 21:05 etc
drwxr-xr-x.   3 root root   20 Apr 28 08:18 home
lrwxrwxrwx.   1 root root    7 Apr 28 07:32 lib -> usr/lib
lrwxrwxrwx.   1 root root    9 Apr 28 07:32 lib64 -> usr/lib64
drwxr-xr-x.   2 root root    6 Apr 11  2018 media
drwxr-xr-x.   2 root root    6 Apr 11  2018 mnt
drwxr-xr-x.   6 root root   77 Aug 14 22:10 opt
dr-xr-xr-x. 234 root root    0 Aug 14 21:57 proc
dr-xr-x---.  19 root root 4096 Aug 14 22:48 root
drwxr-xr-x.  40 root root 1240 Aug 14 23:06 run
lrwxrwxrwx.   1 root root    8 Apr 28 07:32 sbin -> usr/sbin
drwxr-xr-x.   2 root root    6 Apr 11  2018 srv
dr-xr-xr-x.  13 root root    0 Aug 14 21:58 sys
drwxrwxrwt.  26 root root 4096 Aug 14 23:06 tmp
drwxr-xr-x.  13 root root  155 Apr 28 07:32 usr
drwxr-xr-x.  20 root root  282 Apr 28 08:00 var

到目前为止,一切看似已恢复正常,如果重启方便,建议重启。

总结

  • 操作失误后,切记不要关闭该终端,或许还可以回到从前;
  • 更改/etc/ 目录下的 passwd、group、shadow、ssh等文件可恢复ssh远程登陆;
  • 导出系统文件对应的权限可通过getfacl -R /* > /home/chmod.bak命令实现;
  • 更新系统文件的权限可通过setfacl --restore=/home/chmod.bak命令实现。

参考
传送门

-------------本文结束感谢您的阅读-------------