Hello Everyone:
One of our admins here accidently ran chmod -R 777 in the /usr folder on a V440 running Solaris 9. After that no one could run any command and could not login. I fixed most of the things by re-restricting some rights and applying the correct rights. Now there is a problem with the "su" command.
[discus/]/export/home0/usr/discus> su - root
Password:
su: Unable to join project "user.root"
[discus/]/export/home0/usr/discus>
-rwxr-xr-x 1 root sys 78 Apr 6 2002 project
Contents of project file from /etc
system:0::::
user.root:1::::
noproject:2::::
default:3::::
group.staff:10::::
Any help would be greatly appreciated.
/etc/project isn't supposed to be executable (should be 0644) but I wouldn't have thought that would actually cause your error...
Why not just recover the correct permissions from your backup's Table of Contents, then reapply them via a scripted chmod? That way you know you've got everything back the way it should be.
What's your backup software?
Alternatively, use another v440 sol9 build to provide you with the correct template, use the find command on the two systems and script a lookup to calculate the correct perms.
Let us know if you need a hand with these, it's a relatively straightforward problem and to debug each seperate issue one by one will have you busy for years - not to mention introducing questions about what caused it on every bug or issue you find on that box for ever more.
BTW, running chmod 0777 on anything is always avoidable, the only time you'll ever need 777 rights on a directory is when you'll also need the sticky bit set too.
Using a -R suggests that your admin was trying to solve a permissions problem by just making everything full rights; including execution rights which you never want on a data file (imagine if you accidentally ran it, you'd be piping random bytes of data at an interpretor, the kind of mess that could make is horrible).
Aside from the mistake over where to run it (that happens to everyone at some point, I've seen a recursive rm ran from /, I've had a chown -R go very wrong myself), I'd say you should be having a talk to them about security and safe practices.
Did you restore su suid bit ?
$ ls -l /usr/bin/su
-r-sr-xr-x 1 root sys 34780 f�vr. 9 01:50 /usr/bin/su
Thank you for the great replys. We fixed everything by restoring rights from backup. Everything is up an running except for the man pages. That I'll just rebuild, no big deal. By the way, our backup software is ARCServ.
Again, thanks for the great replys. All of you were a big help.