# Accidentally 'chown -R' to /usr/local in jail as root



## tekkon (Mar 6, 2009)

I am running Freebsd 7.1 release. I have an 'ezjail' created jail and I was logged in as root with 'jexec'.

I wanted to "chown -R www:www /usr/local/www" because of some permission issue.
Instead I accidentally "chown -R www:www /usr/local"

Now the all the file and directories in '/usr/local' is own by user "www"

I think I might have done some serious damage to the jail. I haven't executed any further commands after that. Is there any way to revert the last action made in Freebsd? Or could I restore the original permissions for '/usr/local' with 'ezjail-admin'?


----------



## crsd (Mar 6, 2009)

It should be pretty safe to `chown -R root:wheel /usr/local` with some exceptions, running `find /usr/local/ -not -user root -or -not -group wheel` gives me etc/sasldb2.db owned by cyrus:mail and all directories in /usr/local/man owned by man:wheel (recursively, not files). YMMV, however.


----------



## anomie (Mar 6, 2009)

I'd add that you need to get into the habit of backing up your jail regularly, and especially just before performing maintenance or upgrades. The cpdup program (in ports) is great for this purpose.


----------



## Mel_Flynn (Mar 7, 2009)

```
for mfile in /var/db/pkg/*/+MTREE_DIRS; do
    mtree -ude -f ${mfile} -p /usr/local
done
```
That takes care of all _directories_ created by installed ports. Don't worry about the messages.

Then again, you could also reinstall all ports.


----------



## tekkon (Mar 7, 2009)

Mel_Flynn said:
			
		

> ```
> for mfile in /var/db/pkg/*/+MTREE_DIRS; do
> mtree -ude -f ${mfile} -p /usr/local
> done
> ...



Thank you for the solution. For the code you provided, is it a shell script? I've yet to attempt shell scripting however would like to try. To be sure, do I add a shebang to the code above, then save to a .sh file and run it?

I am interested to know how the code works too.


----------



## Mel_Flynn (Mar 7, 2009)

You can simply type it on the command line. The shell will execute after 'done'.

As for how it works:
When a port is installed it saves modes and ownerships of directories it uses in /var/db/pkg/<pkgname>/+MTREE_DIRS. This code walks all MTREE_DIRS files and restores those modes and ownerships if they have been changed.
See mtree(8) for details.


----------



## tekkon (Mar 9, 2009)

Thank you for the description. I have tried entering the commands you've provided. From the output, changes was made only to '/usr/local/man'.

I then reinstalled all ports which seems to have fixed the ownerships issues.


----------

