Browsing the archives for the file permissions tag

Restoring File Permissions in Solaris

Jan 22, 2009
admin
Solaris, UNIX

Have you ever done something like this accidentally?

# chmod -R 777 /usr
^C^C^C

Oops – You just changed some files in /usr to 777 before you were able to cancel. You don’t know how many or which files were affected. pkgchk can save you here.

In Solaris, there is a software “registry” file, /var/sadm/install/contents, which gives us information on every file installed on the system, or at least every file associated with a Solaris package. This file includes information about file permissions, owner and group information, file size and checksum. Here’s an excerpt from the contents file:

/etc/opt/SUNWexplo/t3files.txt f none 0444 root bin 123 11760 1208943439 SUNWexplu
/etc/opt/SUNWexplo/t3input.txt e build 0400 root bin 590 45160 1208943439 SUNWexplu
/etc/opt/SUNWexplo/tapeinput.txt e build 0400 root bin 885 6403 1208943439 SUNWexplu
/etc/opt/SUNWexplo/xscfinput.txt e build 0400 root bin 758 60717 1208943439 SUNWexplu
/etc/pam.conf e pamconf 0644 root sys 3103 17166 1219679093 SUNWcsr
/etc/passwd e passwd 0644 root sys 672 56039 1219679093 SUNWcsr
/etc/patch d none 0755 root sys SUNWppror
/etc/patch/patch.conf v preserve 0644 root sys 365 31670 1186005379 SUNWppror
/etc/patch/secret.conf v preserve 0600 root sys 207 17050 1186005379 SUNWppror
/etc/path_to_inst v preserve 0444 root root 26 2566 1106347450 SUNWcsd
/etc/power.conf e powerconf 0644 root sys 488 40965 1106350205 SUNWpmr
/etc/printers.conf e preserve 0644 root sys 162 13902 1106350198 SUNWpcr
/etc/profile e etcprofile 0644 root sys 712 51625 1219679093 SUNWcsr

The pkgchck command can be used to fix the file attributes (owner and group) of any or all package-installed files.

# pkgchk -f

This command would check every file listed in /var/sadm/install/contents, and if needed, change the owner and permissions of the files on the system to match the registry. Yes, this is sort of a shotgun approach, and you may not want to invoke changes this widely across the system.

In my example, only /usr was affected, so you can narrow down the criteria with a find command:

# find /usr -perm 777 -exec pkgchk -f -p {} \;

Or if you only changed one file, and now want it to change it back to whatever it was, just tell pkgchk to only work on the file you specify:

# pkgchk -f -p /etc/crypto/kcf.conf

  • Share/Bookmark
1 Comment
Tagged ,