
Fixing File Permissions on RPM-Based Linux Systems

If you’re here to resolve an unintended recursive chmod or chown command on an RPM-based Linux system, follow this quick solution with root privileges:

rpm --setugids -a
rpm --setperms -a

The --setugids option sets user/group ownership, and --setperms sets file permissions. If successful, great! For thoroughness or unresolved issues, read on.

Why Fix Permissions and Ownership?

Correcting improper file permissions or ownership is crucial to recover from unintended chmod or chown commands. It prevents the need for a complete system restore, saving time and resources.

Issues arise when someone mistakenly executes a recursive command on the file system, affecting multiple files. Identifying changed files can be challenging, making this procedure valuable.

Problems Caused by Incorrect Permissions:

Improper permissions hinder processes and services, leading to unexpected behavior, immediate stops, or failure to restart. For instance, a web server unable to read files it serves renders the service useless.

Services may fail to start if they can’t read their configuration files or encounter changed lock file permissions. Execute permissions may be lost, preventing services from starting.

Services like databases require proper permissions to write data. These issues highlight the importance of setting permissions correctly.

Examples of Errant chmod and chown Commands:

A simple mistake like adding a space in a chmod or chown command can lead to unintended consequences. For instance, chown -R postgres / var/lib/pgsql passes / as a separate argument, so it changes ownership of every file on the system to the postgres user.

Fixing with the RPM Command:

To restore stability, use the following commands with root privileges:

rpm --setugids -a
rpm --setperms -a

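This ensures user/group ownership and permissions match the initial installation state. Keep the order shown: changing ownership can clear setuid and setgid bits, and running --setperms afterwards restores them.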
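To see which packaged files have drifted, before or after running the two commands, rpm's verify output can be filtered for mode, owner and group mismatches. The script below is an added example, not part of the original post; the sample verify lines and the function names are constructed for illustration, and on a real system the function would read from rpm -Va instead.

```shell
#!/bin/sh
# Added example: reduce `rpm -V` output to files whose mode, owner or
# group differ from the RPM database.

# Constructed sample of `rpm -Va` output (not captured from a real host).
sample_verify_output() {
    cat <<'EOF'
.M.......  c /etc/ssh/sshd_config
S.5....T.  c /etc/chrony.conf
.....UG..    /var/lib/pgsql
missing     /usr/share/doc/example/README
.M...UG..    /usr/bin/sudo
EOF
}

# perm_drift: read `rpm -V` output on stdin and print
# "<mismatches><TAB><path>" for each mode/owner/group mismatch.
# Flag string positions: 2 = M (mode), 6 = U (user), 7 = G (group).
perm_drift() {
    awk '
    # Only lines that begin with the verify flag string; this skips
    # "missing ..." lines and dependency messages.
    length($1) >= 8 && $1 ~ /^[.?SM5DLUGTP]+$/ {
        what = ""
        if (substr($1, 2, 1) == "M") what = what "mode,"
        if (substr($1, 6, 1) == "U") what = what "owner,"
        if (substr($1, 7, 1) == "G") what = what "group,"
        if (what == "") next          # size/digest/mtime changes only
        sub(/,$/, "", what)
        path = $0
        sub(/^[^ ]+ +/, "", path)     # drop the flag string
        if (path ~ /^[cdglr] +\//)    # drop the c/d/g/l/r file-type marker
            sub(/^[cdglr] +/, "", path)
        printf "%s\t%s\n", what, path
    }'
}

# On a real system: rpm -Va 2>/dev/null | perm_drift
sample_verify_output | perm_drift
```

An empty result after the two rpm commands means every file the RPM database knows about is back to its packaged mode and ownership; files outside the database never appear in this output.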

Fixing Permissions for Files Not Known by RPM:

Check important services with:

systemctl restart SERVICE_NAME

Troubleshoot failed services using:

journalctl -xe

Address issues and restart the service until successful. Check failed services with:

systemctl list-units --failed

After a system reboot, use the command above to ensure all services started successfully.

Directories Not in the RPM Database:

Common directories outside the RPM database include:

/var/log/SERVICE_NAME/
/var/lib/SERVICE_NAME/
/var/spool/SERVICE_NAME/
/var/www
/usr/local
/run
/var/run/
/tmp
/var/tmp
/root
/home

Correcting Home Directory Ownership:

If user home directories were changed, assume each directory and its contents should be owned by the corresponding user. Use caution with the chown command to avoid creating further issues.

Why Not Just Restore from Backup?

Restoring from a recent backup is a viable option, especially if no critical data is lost. It ensures proper permissions and ownership but may be slower than the step-by-step process outlined above. A hybrid approach, selectively restoring parts of the system, is also an option.

Follow this process unless a backup for restoration is unavailable.
