Ownership Permissions of /var in Debian Squeeze

Suppose you happen to accidentally do sudo chown -R www-data:www-data * whilst the current directory is /var. Now that’s a fairly daft thing to do! but we all make mistakes. There doesn’t seem to be an easy way to correct this other than restore a backup or look at another machine with a similar setup. Rather than having to restore a backup I looked at a machine with a similar setup, the machine has lighttpd, mysql, and sendmail installed on it so I built the following script based on the permissions with those packages installed on a fresh install of Debian Squeeze

#!/bin/bash

echo "Setting Directory ownership" &&
chown -R root:root /var &&
chown -R man:root /var/cache/man &&
chown -R www-data:www-data /var/cache/lighttpd &&
chown -R libuuid:libuuid /var/lib/libuuid &&
chown -R smmta:smmsp /var/lib/sendmail &&
chown -R mysql:mysql /var/lib/mysql &&
chown -R www-data:www-data /var/log/lighttpd &&
chown -R mysql:adm /var/log/mysql &&
chown -R www-data:www-data /var/run/lighttpd &&
chown -R mysql:root /var/run/mysqld &&
chown -R smmsp:smmsp /var/run/sendmail/msp &&
chown -R smmta:smmsp /var/run/sendmail/mta &&
chown -R smmta:smmsp /var/spool/mqueue &&
chown -R smmsp:smmsp /var/spool/mqueue-client &&
chown -R root:staff /var/local &&
chown -R root:mail /var/mail &&
chown -R root:smmta /var/run/sendmail &&
chown -R root:smmsp /var/run/sendmail/stampdir &&
chown -R root:crontab /var/spool/cron/crontabs &&
chown -R www-data:www-data /var/www &&
echo "Setting File ownership" &&
chown root:smmsp /var/lib/sendmail/dead.letter &&
chown root:adm 
 /var/log/auth.log 
 /var/log/boot 
 /var/log/daemon.log 
 /var/log/debug 
 /var/log/dmesg* 
 /var/log/fsck/checkfs 
 /var/log/fsck/checkroot 
 /var/log/kern.log 
 /var/log/lpr.log 
 /var/log/mail.err 
 /var/log/mail.info 
 /var/log/mail.log 
 /var/log/mail.warn 
 /var/log/messages 
 /var/log/news/news.crit 
 /var/log/news/news.err 
 /var/log/news/news.notice 
 /var/log/syslog 
 /var/log/user.log &&
chown root:utmp 
 /var/log/lastlog 
 /var/log/btmp 
 /var/log/wtmp 
 /var/run/utmp &&
chown root:smmsp 
 /var/run/sendmail/mta/smsocket 
 /var/run/sendmail/stampdir/reload &&
chown -f root:smmsp /var/run/sendmail/mta/sendmail.pid &&
chown mysql:adm 
 /var/log/mysql.err 
 /var/log/musql.log &&
chown -f mysql:adm /var/run/mysqld.pid &&
echo "Done."

In addition you will need to set the ownership permissions of /var/spool/cron/crontabs/<user> and /var/mail/<user> depending on the users on the system.

Advertisements

7 thoughts on “Ownership Permissions of /var in Debian Squeeze”

  1. I did the same thing with /usr. I wanted to change /usr/eclipse and did not realize I was one directory back and now I changed ownership of all files in /usr. I am on the road and not able to look at another distro. Any ideas on where I can get the default ownership of Debian files in the /usr directory (including mysql). Thanks!

    1. /usr is a fairly large directory structure. Fortunately I can tell you it is almost exclusively owned by root:root

      giles@tandoori:~$ find /usr -! -user root
      /usr/bin/at

      /usr/bin/at on my system is owned by daemon:daemon

  2. I modified it to remove the && as I wasn’t concerned about every command succeeding. And I removed some of the ones that were not present on my system. Anyway, you’re a time saver! Thank you:)

    #!/bin/bash
    echo “Setting Directory ownership”
    chown -R root:root /var
    chown -R man:root /var/cache/man
    chown -R libuuid:libuuid /var/lib/libuuid
    chown -R mysql:mysql /var/lib/mysql
    chown -R www-data:www-data /var/log/lighttpd
    chown -R mysql:adm /var/log/mysql
    chown -R www-data:www-data /var/run/lighttpd
    chown -R mysql:root /var/run/mysqld
    chown -R smmsp:smmsp /var/run/sendmail/msp
    chown -R smmta:smmsp /var/run/sendmail/mta
    chown -R smmta:smmsp /var/spool/mqueue
    chown -R smmsp:smmsp /var/spool/mqueue-client
    chown -R root:staff /var/local
    chown -R root:mail /var/mail
    chown -R root:smmta /var/run/sendmail
    chown -R root:smmsp /var/run/sendmail/stampdir
    chown -R root:crontab /var/spool/cron/crontabs
    chown -R www-data:www-data /var/www
    echo “Setting File ownership”
    chown root:smmsp /var/lib/sendmail/dead.letter
    chown root:adm

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s