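Remote access lost after mistakenly changing the permissions of every file under /etc
阿新 • Published: 2019-02-01
Note: my environment is CentOS. On Ubuntu or other systems, step 1 may report that some of the files do not exist, but this does not affect the later steps.
Repair steps:
1. First log in through the console and run the following command to restore remote access: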
# Remove every "other" permission from these sensitive files and directories (bash brace expansion)
chmod -R o= /etc/{sudoers,shadow,shadow-,libaudit.conf,gshadow,gshadow-,group-,audit,audisp} /etc/selinux/targeted/modules/active/modules/ \
    /etc/ssh/{sshd_config,ssh_host_dsa_key,ssh_host_key,ssh_host_rsa_key,moduli} /etc/openldap/slapd.d/ \
    /etc/{securetty,.pwd.lock} /etc/security/opasswd /etc/openldap/certs/password
2. Then run the following script on a healthy machine:
cat find_perm.sh
#!/bin/bash
# Record which paths under /etc have "other" permissions of none (pp0),
# read-only (pp4) or rwx (pp7), one path per line.
# Symbolic links are skipped: they always show mode 777, and chmod on a
# link changes the file it points to.

# list_modes OUTFILE MODE...: write every non-symlink path with one of the exact modes
list_modes() {
    local out=$1 mode
    shift
    : > "$out"
    for mode in "$@"; do
        find /etc ! -type l -perm "$mode" -print >> "$out"
    done
}

list_modes pp7 777
list_modes pp0 700 740 760 440 640 660 000 400 600
list_modes pp4 444 644 664 764 744
3. This produces three files: pp0, pp4 and pp7. Upload these three files together with the following script to the affected machine:
cat alter_perm.sh
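#!/bin/bash
# Restore the "other" permission bits from the lists (one path per line; GNU xargs)
xargs -d '\n' -r chmod o=    < pp0
xargs -d '\n' -r chmod o=r   < pp4
xargs -d '\n' -r chmod o=rwx < pp7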
4. Run the alter_perm.sh script to restore the modified permissions.
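A check to run on the repaired machine after step 4, as an added example that is not part of the original post: it re-reads pp0, pp4 and pp7, reports every path whose "other" permission digit still differs from the list it came from, and lists anything under /etc that is still world-writable. The script name verify_perm.sh and the function names are hypothetical, and GNU stat is assumed.

```shell
#!/bin/bash
# Added example (not from the original post): verify the result of alter_perm.sh.
# Assumes GNU stat; pp0/pp4/pp7 hold one path per line, as produced in step 2.

# other_digit PATH: print the "other" permission digit (last digit of the octal mode).
other_digit() {
    local mode
    mode=$(stat -c '%a' "$1") || return 1
    printf '%s\n' "${mode#"${mode%?}"}"
}

# check_list LIST DIGIT: print one line per path in LIST whose "other" digit
# differs from DIGIT. Symlinks and paths absent on this machine are skipped.
check_list() {
    local path got
    while IFS= read -r path; do
        [ -n "$path" ] || continue
        [ -e "$path" ] || continue
        [ -L "$path" ] && continue
        got=$(other_digit "$path") || continue
        [ "$got" = "$2" ] || printf 'MISMATCH %s other=%s expected=%s\n' "$path" "$got" "$2"
    done < "$1"
}

# world_writable DIR: list non-symlink paths under DIR that any user can write to.
world_writable() {
    find "$1" ! -type l -perm -0002 -print
}

# Stand-alone use: verify_perm.sh DIR   (DIR holds pp0, pp4 and pp7)
if [ "$#" -gt 0 ]; then
    check_list "$1/pp0" 0
    check_list "$1/pp4" 4
    check_list "$1/pp7" 7
    world_writable /etc
fi
```

No output means every listed path matches its list and nothing under /etc is world-writable.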