注意：本人環境為centos，如果是ubuntu等其他系統，則下面第1步驟可能有些檔案報不存在的錯誤，不過不影響後面的步驟 修復步驟： 1.先用控制檯登入，敲下如下命令恢復遠端訪問 chmod o='' -R /etc/{sudoers,shadow,shadow-,libaudit.conf,gshadow,gshadow-,group-,audit,audisp} /etc/selinux/targeted/modules/active/modules/ /etc/ssh/{sshd_config,ssh_host_dsa_key,ssh_host_key,ssh_host_rsa_key,moduli} /etc/openldap/slapd.d/ /etc/{securetty,.pwd.lock,} /etc/security/opasswd /etc/openldap/certs/password 2.然後使用如下指令碼在正常的機器上執行： cat find_perm.sh #!/bin/bash echo > pp0 echo > pp4 echo > pp7 find /etc -perm 777 -exec ls -lh {} \; |awk '{print $9}' |grep '^/' > pp7 find /etc -perm 700 -exec ls -lh {} \; |awk '{print $9}' |grep '^/' > pp0 find /etc -perm 740 -exec ls -lh {} \; |awk '{print $9}' |grep '^/' >> pp0 find /etc -perm 760 -exec ls -lh {} \; |awk '{print $9}' |grep '^/' >> pp0 find /etc -perm 440 -exec ls -lh {} \; |awk '{print $9}' |grep '^/' >> pp0 find /etc -perm 640 -exec ls -lh {} \; |awk '{print $9}' |grep '^/' >> pp0 find /etc -perm 660 -exec ls -lh {} \; |awk '{print $9}' |grep '^/' >> pp0 find /etc -perm 000 -exec ls -lh {} \; |awk '{print $9}' |grep '^/' >> pp0 find /etc -perm 400 -exec ls -lh {} \; |awk '{print $9}' |grep '^/' >> pp0 find /etc -perm 600 -exec ls -lh {} \; |awk '{print $9}' |grep '^/' >> pp0 find /etc -perm 444 -exec ls -lh {} \; |awk '{print $9}' |grep '^/' > pp4 find /etc -perm 644 -exec ls -lh {} \; |awk '{print $9}' |grep '^/' >> pp4 find /etc -perm 664 -exec ls -lh {} \; |awk '{print $9}' |grep '^/' >> pp4 find /etc -perm 764 -exec ls -lh {} \; |awk '{print $9}' |grep '^/' >> pp4 find /etc -perm 744 -exec ls -lh {} \; |awk '{print $9}' |grep '^/' >> pp4 3.產生3個檔案：pp0,pp4,pp7，把這三個檔案和如下指令碼一併上傳到問題機器： cat alter_perm.sh #!/bin/bash cat pp0 |xargs chmod o='' cat pp4 |xargs chmod o=r cat pp7 |xargs chmod o=rwx 4.執行alter_perm.sh指令碼，恢復被修改的許可權