Hi.. I was installing one IBM s/w on RHEL 5.9. It got stuck and we killed the process at terminal Again we installed the s/w succesfully. But
after that I tried to change the user.
i.e., su testuser
it was giving error. Permission denied.
So I restarted the system. Now its going into maintenance mode. Please help me to bring it into run level 3 mode.
and if you can make me understand what realy bad happened.
Thanks,
So, what IBM software were you installing or have I misread this. Are you installing RHEL onto IBM hardware?
Can you give us a bit more detail please?
Robin
Liverpool/Blackburn
UK
No IBM Hardware.
Its Intel, RHEL 5.9 64bit
So where does IBM come in? Give us more information and we might be able to help.
I don't know what happened somehow server is up.
But not the issue is I'm not able to acces my user.
below is the details.
[root@test db2inst1]# su db2inst1
su: /bin/bash: Permission denied
all the permissions are there.
[root@test db2inst1]# ll -a
total 10632
drwxrwxrwx 5 db2inst1 db2iadm1 4096 Jun 12 16:14 .
drwxr-xr-x 10 root root 4096 Jun 19 22:18 ..
-rwxrwxrwx 1 db2inst1 db2iadm1 12136 Jun 18 01:07 .bash_history
-rwxrwxrwx 1 db2inst1 db2iadm1 33 Jan 26 05:56 .bash_logout
-rwxrwxrwx 1 db2inst1 db2iadm1 269 May 7 12:07 .bash_profile
-rwxrwxrwx 1 db2inst1 db2iadm1 274 Jan 26 05:56 .bashrc
drwxr-x--- 3 db2inst1 db2iadm1 4096 May 9 10:58 db2inst1
-rwxr-x--- 1 wcsuser wcsuser 1715 Jun 7 16:58 db.sh
-rwxrwxrwx 1 db2inst1 db2iadm1 515 Jan 26 05:56 .emacs
drwxrwxrwx 4 db2inst1 db2iadm1 4096 Jan 26 05:56 .mozilla
lrwxrwxrwx 1 root root 28 May 7 12:07 .profile -> /home/db2inst1/.bash_profile
-rwxr-x--- 1 db2inst1 db2iadm1 734 Jun 7 09:49 .viminfo
Hope I have provided the required info...
Please post what you get from these:-
ls -l /bin/bash /etc/shells
cat /etc/shells
Thanks,
Robin
ls -l /bin/bash /etc/shells
-rwxr-x--- 1 root root 801528 May 13 2011 /bin/bash
-rwxr-x--- 1 root root 60 Jan 20 05:05 /etc/shells
cat /etc/shells
/bin/sh
/bin/bash
/sbin/nologin
/bin/tcsh
/bin/csh
/bin/ksh
So, this tells us that any users not in the group root cannot start the bash shell, therefore they cannot log in either. Is there a reason that the permissions are set this way? Normal permissions would be -rwxr-xr-x
It would suggest that a blanket chmod has been performed as both /bin/bash and /etc/shells have the same. /etc/shells would normally be rw-r--r--
Has someone done a rather wild change, such as:-
find / -exec chmod 750 {} \;
If this is the case, then you have a problem and there could be all sorts of other things wrong. Don't just try to reverse it with another find to set them all to something else. That could make things 'different'. Some things could start working again, but your security could be all over the place.
What do you have for:-
ls -l /bin/rm /etc/securetty /etc/sudoers /etc/shadow
and various other directories?
Robin
due to some installation problm permission got set that way. no body set that way.
Here it is what you ask for:
ls -l /bin/rm /etc/securetty /etc/sudoers /etc/shadow
-rwxr-x--- 1 root root 47088 Mar 14 2012 /bin/rm
-rwxr-x--- 1 root root 122 Feb 17 2003 /etc/securetty
-rwxr-x--- 1 root root 1372 Jun 19 22:18 /etc/shadow
-rwxr-x--- 1 root root 3412 Jan 28 03:15 /etc/sudoers
help me out to make things right.
and thanks a lot m learning things.
---------- Post updated at 08:00 AM ---------- Previous update was at 07:45 AM ----------
what you mean by various other directories?
What I was wondering was if you explore other directories, do you find that all the files there have the same ownership and permissions. This might include where you put data, reference files or code even. It is possible that they have all been adjusted.
The standard directories you could have a look in are things like:-
You could also look in user home directories wherever they are. Some have them in /home, others have them in /usr/home and yet more move them away completely. We have some in /actuarial even!
You also need to consider what your backup position is. We may end up having to get back with them. Not necessarily a restore, but depending what and how you have things, you may be able to get the permissions from there. Failing that, if you have a RH support contract then they may be able to direct you to run something that verifies/resets all the critical system permissions.
Robin
I got the scene what had happened there.
I checked for the permission for above said directories. I have attached the file of command output. I fear about backup, Might not possible. Without RHN support is there any funda I can reset whole system permissions, Without reinstalling the system? Please provide your points:
Attached is the file, take a look at it please.
Thanks,
That doesn't look too good.
I found this:- How to: Linux reset the permissions of the installed rpm packages with -setperms option which might help a bit. Read it very carefully. I'm not sure how effective it will be. You might need to loop round every installed package, perhaps with rpm -qa giving you the list to work through.
Have a think if that is a good plan. Backups at this point before you start would be a good thing. Make sure you can restore a blank machine with your method. There isn't an easy "make me a boot tape" process like you get with AIX & HP-UX, but I hope you have procedures for what works for you already.
Let us know how you get on. Any other suggestions from other member would be gratefully received! 