[PLUG] chmod Question

[Keith Lofstrom]

On Fri, Nov 18, 2011 at 11:38:17AM -0800, Rich Shepard wrote:
>   I inadvertently changed permissions on all directories and files in my ~/
> to 755 (including the dot files, of course). Only the directories should
> have those perms; regular files should be 644.
> 
>   I want to correct this as quickly as possible, but I cannot find an option
> in the chmod man page that will ignore directories while changing all other
> files. There's probably a scripting approach using file and exec, but I've
> not done anything like this before so guidance on how to restore the
> appropriate perms will be very helpful.
> 
> Rich

I assume you have no backups, you naughty boy.  We should
spank you, and if we need to wear the black high-heeled
boots, it will cost you extra.  :-?


The problem is, you may have some executables and special files
in your personal directory (perhaps made by some of the apps
you use).  There are also files that want to be user-read-only
for security, and some system programs will get cranky (gnome
may fail to start, for example) with those files set to 644
"promiscuous read" mode.

So you do not want to chmod the files to 644.  A better way is
to chmod the files (and not the directories or executables) to
"a-x", which means user/group/others -not- executable.  That makes
fewer assumptions about permissions on the read and write bits.

First, set up another user and run your usual apps as that user.
That should create a lot of files with the correct permissions,
which you can reference as you fix your own account.  You
need to know what all the permissions are, including dot
directory files like the firefox/mozilla password database,
or ".dbus/session-bus", for example.  That could take a 
while, but you will have a reference to compare to, the next
time something gets goofed up.

The elegant method is to use "find" and "exec" and "chmod"
in one long line that looks like line noise.  But if you
aren't sure what you are doing, it could get you in even
more trouble.  So I suggest the slow and stupid way.

First, "find" all the files in your directory, and redirect
the list to a BIG text file ( 790K lines on my laptop )

    cd ~
    find . -type f > big_file

You will probably see a few errors about directories you
don't have permission to access.  Ignore them, you also did
not have permission to break them.  Unless you were root
when you broke them.  In that case, the revolver is in
the top right drawer, you must do the honorable thing ...

Rather than process big_file with a script, you should text
edit it, mostly to remove the names of files that should not
get changed, or be handled differently - refer to the files
of the example user.  While you edit, globally replace the
start of the line with "chmod a-x".  In vi:

    :%s/^/chmod a-x /

Then you can run "sh big_file" and all the lines in big_file
will execute as commands.  That is slow and inelegant, but a
lot more understandable.  It is critical that you understand
what is happening.

This is a surprisingly large amount of work, without backups
to refer to.  But imagine what it would be like with a GUI
and a mouse.

Another clinic activity, sounds like.  You really should do
nightly backups...

Keith

PS:  apropos of nothing much, the sign on the remodelled Village
Inn near our house has a small logo "vi" on it.  I want to use vi
on this restaurant to edit out all the diabetes-inducing carbs.

-- 
Keith Lofstrom          keithl at keithl.com         Voice (503)-520-1993
KLIC --- Keith Lofstrom Integrated Circuits --- "Your Ideas in Silicon"
Design Contracting in Bipolar and CMOS - Analog, Digital, and Scan ICs