Siduction Forum

Siduction Forum => Upgrade Warnings => Topic started by: ReinerS on 2014/08/19, 13:33:34

Title: /usr gehört plötzlich 501.501
Post by: ReinerS on 2014/08/19, 13:33:34
Hmm, strange,
Since yesterday evening I had strange effects on my laptop. Virtual-Box refused to start, some other programs like htop were just hanging until closed via CTRL+C.
I examined this today morning and found that /usr and anyhing beneath it was owned by user/group 501.501.
For why this is so I have no explanation at all as normal user/group numbers start nowadays at 1000.1000. Earlier times (long ago) they started at 500.500.
501 doesn't exist on my box neither as user nor as group. My system was uptodate.
I am resetting that to root with find and chown. We will see wether this helps

Hmm,
komische Geschichte.
Seit gestern Abend habe ich seltsame Effekte auf meinem Laptop. Virtual-Box startete nicht mehr, andere Progaramme wie htop hingen einfach bis sie mit CRTL+C bendet wurden.
Habe es heute morgen nochmal untersucht und festgestellt dass auf einmal /usr und alles was dahinter liegt dem user/group 501.501 gehört.
Warum und wieso ist mir absolut unerklärlich da die normalen User/Group nummern heutzutage be 1000.1000 beginnen. Früher (Sehr viel früher) war das mal 500.500.
501 gibt es auf meinem Rechner weder als User noch als group. Mein System war auf dem aktuellen Stand.
Ich setzte das mal mit find und chown auf root zurück, mal sehen ob das reicht.


Grüße

Reiner

Edit:Virtual-Box refused to run because /usr  wasn't owned by root
Virtual-Box wollte nicht starten weil /usr nicht root gehörte.
Title: Re: /usr gehört plötzlich 501.501
Post by: michaa7 on 2014/08/19, 20:28:34
habt ihr schon nach geschaut, ob bei euch /usr auch 501.501 gehört, ist bei nämlich auch so.

Google (http://www.google.de/search?q=/usr+501.501) bringt das mit "condor" (was immer das ist), oder mit flash (https://debianforum.de/forum/viewtopic.php?f=33&t=139161) in verbindung.

Same here, /usr und some subdirectories are owend by 501:501 .

First, /usr is supposed to be owend by root:root, second there is no user 501
Quote
~$ cat /etc/passwd | grep 501
<user>@<pc>:~$
Title: Re: /usr gehört plötzlich 501.501
Post by: reddark on 2014/08/19, 21:10:36
bei mir ist besitzer root.
Letztes update ist aber auch schon ein paar tage her ....
Title: Re: /usr gehört plötzlich 501.501
Post by: michaa7 on 2014/08/19, 21:21:47
...
Ich setzte das mal mit find und chown auf root zurück, mal sehen ob das reicht.

Du setzt setzt dafür wohl das ergebnis vom "find ? ? ?" als variable in
chown root:root ${?}, oder? Wie genau geht das?
Title: Re: /usr gehört plötzlich 501.501
Post by: cryptosteve on 2014/08/19, 21:41:08
bei mir ist besitzer root.

dito hier ...

Letztes update ist aber auch schon ein paar tage her ....

hier nicht, minutenaktuell ...
Title: Re: /usr gehört plötzlich 501.501
Post by: ReinerS on 2014/08/19, 22:10:55
I have done that in 3 steps in a terminal/console as root:
Ich habe das in 3 Schritten innerhalb eines Terminals / einer Konsole als root duchgeführt:Grüße


Reiner
Title: Re: /usr gehört plötzlich 501.501
Post by: michaa7 on 2014/08/19, 22:32:08
Are you sure *all* directories and files in /usr belong to root? If so, you could achive this much easier: chown -R root:root /usr

I did use your command, but aborted it until I am sure about this ques
tion.

ist das egal ob root.root oder root:root ?
Und verzeichnisse und dateien ausserhalb vom /usr findest du so nicht.

Wie lange dauert das etwas?

Ich frage weil ich immer wieder probleme mit "find" habe, was sehr schnell alle resourcen belegt und weiteres hantieren mit dem rechner unmöglich wird, ich komme dann nichtmal mehr an eine konsole, kann den grafikserven nicht abschießen, gar nichts.

Does it matter whether I use root.root or root:root ?
And directories or files outside of /usr you won't find.

How long does it take?

sidenote:
I am asking because I tried and find catches all ressources and I cannot do anything with the computer after a few minutes. I have this problem quite each day when find deamon chronjob (I have no clue) jumps in and completly take over my computer. If I do not notice it within a few minutes I lose the all means to steer my computer (no mouse, no successfull login to terminal or konsole, nothing), so  "find" is a problem here,
/sidenote
Title: Re: /usr gehört plötzlich 501.501
Post by: cas on 2014/08/19, 22:32:49
/usr/local and subdirectories are ownend by group "staff" on one box (32), but not one another (64, du sometime ago) . This group exists (GID 50), but nobody is inside this group. So I think I have to change it like ReinerS did.

Greetings, C

Code: [Select]
cas@lifo:/etc$ ls -l /usr/local/
insgesamt 32
drwxrwsr-x 2 root staff 4096 Dez 31  2013 bin
drwxrwsr-x 2 root staff 4096 Dez 31  2013 etc
drwxrwsr-x 2 root staff 4096 Dez 31  2013 games
drwxrwsr-x 2 root staff 4096 Dez 31  2013 include
drwxrwsr-x 8 root staff 4096 Jun  5 00:24 lib
lrwxrwxrwx 1 root staff    9 Dez 31  2013 man -> share/man
drwxrwsr-x 2 root staff 4096 Dez 31  2013 sbin
drwxrwsr-x 9 root staff 4096 Jun  5 00:24 share
drwxrwsr-x 2 root staff 4096 Dez 31  2013 src
Title: Re: /usr gehört plötzlich 501.501
Post by: cas on 2014/08/19, 22:39:35
man chown says ":". Never seen "user.group", but who knows.

It takes exactly as long, as find takes without "exec". As /etc is usually quite small, it shouldn't take too long.
Here a "find /etc" took 12 sec, where I have many files in /etc because of etckeeper.

Greetings, C
Title: Re: /usr gehört plötzlich 501.501
Post by: ReinerS on 2014/08/19, 22:56:22
Quote
man chown says ":". Never seen "user.group", but who knows.
Ooopps, I was just believing the other way around. I never used ":" until now. ???

I did only care for directories and files within /usr. If you want to find (and only to find) directories and files from the whole system you have to change to / and do:
find . -user 501 -group 501.
But beware: Do not change directories and files automaticly as some or a lot of them might need to belong to other users (i.e. /home, /var etc).

Well and it looks really that is was caused by flash. I just looked into the tar packages and found "501.501" all over there.
And therefore in this case only /usr was effected.

Hopefully we get rid of this stuff in not too far away future !! >:( :P

regards

Reiner

Edit: As I just found out (http://www.jux-net.info/jux2/docs/sys100/comm_26.html) chown user.group seems to be vaild too.  ::)
Title: Re: /usr gehört plötzlich 501.501
Post by: ReinerS on 2014/08/19, 23:18:55
@michaa7:
Quote
re you sure *all* directories and files in /usr belong to root? If so, you could achive this much easier: chown -R root:root /usr
No I am not sure of that. But hoped it would do no harm as I donot /cannot know about the real owner of eachs directory or file within /usr.

Yes you are right, a chown -R root:root /usr would have been sufficient.
But as I use the find-solution quite often on other purposes it came first into my mind. ;)

I could also better have explicitly have done a find for items belonging to user 501 and group 501 and only change those to root:root, but this just now came into my mind. This propably would have been more exact and much faster. :-[
 

regards

Reiner
Title: Re: /usr gehört plötzlich 501.501
Post by: michaa7 on 2014/08/19, 23:30:02
...
Here a "find /etc" took 12 sec, where I have many files in /etc because of etckeeper.

Greetings, C
But we were talking about /usr not /etc

and don't change user "staff", that is a regular debian user with *limited* root privileges.

@ Rainer

Thanks!
Title: Re: /usr gehört plötzlich 501.501
Post by: der_bud on 2014/08/20, 08:22:05
Are you sure *all* directories and files in /usr belong to root?...

Here on 32bit all but /usr/local belong to root:root, while local and the dirs inside belong to root:staff (0 50).
Code: [Select]
ls -lan /usr
insgesamt 176
drwxr-xr-x  10 0  0  4096 Jan  8  2014 .
drwxr-xr-x  22 0  0  4096 Aug 19 08:34 ..
drwxr-xr-x   2 0  0 69632 Aug 20 08:00 bin
drwxr-xr-x   2 0  0  4096 Mai  6  2013 games
drwxr-xr-x  32 0  0 20480 Aug 18 10:21 include                                                                                                                   
drwxr-xr-x 102 0  0 36864 Aug 19 09:36 lib                                                                                                                       
drwxrwsr-x  10 0 50  4096 Jan  8  2014 local                                                                                                                     
drwxr-xr-x   2 0  0 12288 Aug 19 09:41 sbin                                                                                                                     
drwxr-xr-x 216 0  0 12288 Aug 19 09:41 share                                                                                                                     
drwxr-xr-x   7 0  0  4096 Aug 19 08:33 src


ls -lan /usr/local
insgesamt 40
drwxrwsr-x 10 0 50 4096 Jan  8  2014 .
drwxr-xr-x 10 0  0 4096 Jan  8  2014 ..
drwxrwsr-x  2 0 50 4096 Dez 31  2013 bin
drwxrwsr-x  2 0 50 4096 Dez 31  2013 etc
drwxrwsr-x  2 0 50 4096 Dez 31  2013 games
drwxrwsr-x  2 0 50 4096 Dez 31  2013 include
drwxrwsr-x  7 0 50 4096 Jun  6 10:14 lib
lrwxrwxrwx  1 0 50    9 Dez 31  2013 man -> share/man
drwxrwsr-x  2 0 50 4096 Dez 31  2013 sbin
drwxrwsr-x  8 0 50 4096 Jun  6 10:14 share
drwxrwsr-x  2 0 50 4096 Dez 31  2013 src

Meanwhile, /etc/passwd has no entry for ID 50 or staff, but as michaa7 said that seems to be a debian default.

---

... As I just found out (http://www.jux-net.info/jux2/docs/sys100/comm_26.html) chown user.group seems to be vaild too.  ::) ...
man chown tells us for complete documentation one could use
Code: [Select]
$ info coreutils 'chown invocation'
There one can find
Code: [Select]
  Some older scripts may still use `.' in place of the `:' separator.
POSIX 1003.1-2001 (*note Standards conformance::) does not require
support for that, but for backward compatibility GNU `chown' supports
`.' so long as no ambiguity results.  New scripts should avoid the use
of `.' because it is not portable, and because it has undesirable
results if the entire OWNER`.'GROUP happens to identify a user whose
name contains `.'.
Title: Re: /usr gehört plötzlich 501.501
Post by: michaa7 on 2014/08/20, 15:16:21
Are you sure *all* directories and files in /usr belong to root?...

Here on 32bit all but /usr/local belong to root:root, while local and the dirs inside belong to root:staff (0 50).
Thanks der_bud for the info. I change it accordingly.

@ all
Does anyone still have older flash...tar.gz files stored (I overwrite the old file with each newone as supposably most people do)? The newest version has all directories and files owned by 501:501. I'd like to verify whether or not this is limited to the newest version or not. So please let me know flash version+owner+arch32/64 as I want to write a bug report or get in direct contact with the author of flashplugin-update.
Title: Re: /usr gehört plötzlich 501.501
Post by: der_bud on 2014/08/20, 16:08:05
In a virtualbox machine where I did not update flash for two weeks there is a /var/cache/flashplugin-nonfree/install_flash_player_11_linux.i386.tar.gz, dating from August 04 (Flash Player Version 11.2.202.400 according to readme.txt).

Inside that .tar.gz file is a /usr-directory dating from July 27 with 501:501 :) (but,to repeat, on that system with that flashplayer my /usr has 0:0, so the flash-update two weeks ago did nothing wrong).

---
EDIT: I just did update-flashplugin -ivv just to realize that the version above already is the newest available one.
Title: Re: /usr gehört plötzlich 501.501
Post by: michaa7 on 2014/08/20, 17:04:24
Inside that .tar.gz file is a /usr-directory dating from July 27 with 501:501 :) (but,to repeat, on that system with that flashplayer my /usr has 0:0, so the flash-update two weeks ago did nothing wrong).

Yes, the same here *when using the update-script*. And looking at the output reveals the culprit gives a hint:
Quote
downloading http://fpdownload.macromedia.com/get/flashplayer/pdc/11.2.202.400/install_flash_player_11_linux.i386.tar.gz ...
verifying checksum install_flash_player_11_linux.i386.tar.gz ...
unpacking install_flash_player_11_linux.i386.tar.gz ...
verifying checksum contents of install_flash_player_11_linux.i386.tar.gz ...
moving libflashplayer.so to /usr/lib/flashplugin-nonfree ...
setting permissions and ownership of /usr/lib/flashplugin-nonfree/libflashplayer.so ...

I assume all people not using the script but cp-ing the extracted content of the flash-tar.gz to the appropriate directory have this 501:501 ownership.
This assumption is wrong. at least here. I don't know how cp is supposed to work when copying files, preserve attributes of the old file for the new file? This is how it works here.

ReinerS, how did you update flash last time?

I think there is no need do file a bug report but we need to warn our users who update manually to change ownership of the extracted files to root:root before cp-ing them.

Waiting for someone or other to verify.

So still no real clue what exactly causes the change of ownership.


Edit:
It seems using mc (midnight commander) for copying those file causes the ownership to be changed to the one of the copied file. I in mc have set the option "preserve attributes" which to me isn't really unambiguous. Preserve whichone, the ones of the copied file or the existing.

I remember that I once used mc for updateing flash. And I think I checked the "preserve attributes" box.
Title: Re: /usr gehört plötzlich 501.501
Post by: ReinerS on 2014/08/20, 20:22:17
I have here the 11.2.202.400 package.
As the script, to my knowledge/memory, at this time wasn't ready for that I have copied the content via mc.
So this probably might have caused the problem.

The script might have taken care of that.

regards


Reiner

Edit: Well just played around with it and unchecking "preserve attributes" does the trick.
Title: Re: /usr gehört plötzlich 501.501
Post by: michaa7 on 2014/08/28, 01:19:02
Are you sure *all* directories and files in /usr belong to root?...

Here on 32bit all but /usr/local belong to root:root, while local and the dirs inside belong to root:staff (0 50).
...

... which unfortunatly isn't true:

#1
You won't be able to use mlocate as user until after you change owner and mod.
Note owner and SUID for group
Quote
$ dir -l /usr/bin/mlocate
-rwxr-sr-x 1 root mlocate 35816 Jun 13  2013 /usr/bin/mlocate

#2
chromium won't start anymore. When starting in VT you'll see that the chromium sandbox needs file mode bits different from what they are after you issued "chown -R root:root /usr/"

I can't await for more to come ... :-(


BTW: I won't mind if a mod moved this thread away from "upgrade-warnings", because it isn't and wasn't. And, again btw, this section should be called "dist-upgrade-warnings", you know why.