/usr ownership issues

Bug #928784 reported by bruno.braga
Affects: Linux Mint | Status: New | Importance: Undecided | Assigned to: Unassigned | Milestone: (none)

Bug Description

I have a recently installed Mint 12 32-bit, and I was surprised while installing the openssh-server package, which complained with the following:

WARN: uid is 0 but '/usr' is owned by 501
WARN: /usr is group writable!

Checking it carefully:

bruno@dynabook-laptop ~/Downloads $ ls -lh /
total 84K
drwxr-xr-x 2 root root 4.0K 2011-12-07 00:17 bin
drwxr-xr-x 3 root root 4.0K 2011-12-07 09:39 boot
drwxr-xr-x 15 root root 4.1K 2012-02-08 19:51 dev
drwxr-xr-x 148 root root 12K 2012-02-08 21:17 etc
drwxr-xr-x 3 root root 4.0K 2011-12-06 23:31 home
lrwxrwxrwx 1 root root 32 2011-12-06 23:33 initrd.img -> boot/initrd.img-3.0.0-12-generic
drwxr-xr-x 19 root root 4.0K 2011-12-07 00:21 lib
drwx------ 2 root root 16K 2011-12-06 23:25 lost+found
drwxr-xr-x 2 root root 4.0K 2012-02-01 22:59 media
drwxr-xr-x 2 root root 4.0K 2011-10-09 17:29 mnt
drwxr-xr-x 4 root root 4.0K 2012-02-08 20:21 opt
dr-xr-xr-x 159 root root 0 2012-02-08 19:51 proc
drwx------ 7 root root 4.0K 2011-12-11 17:49 root
drwxr-xr-x 23 root root 840 2012-02-08 21:17 run
drwxr-xr-x 2 root root 4.0K 2011-12-07 00:21 sbin
drwxr-xr-x 2 root root 4.0K 2011-06-22 04:43 selinux
drwxr-xr-x 2 root root 4.0K 2011-10-13 00:27 srv
drwxr-xr-x 12 root root 0 2012-02-08 19:51 sys
drwxrwxrwt 17 root root 4.0K 2012-02-08 21:17 tmp
drwxrwxr-x 10 501 501 4.0K 2011-11-01 17:58 usr
drwxr-xr-x 13 root root 4.0K 2012-02-06 08:09 var
lrwxrwxrwx 1 root root 29 2011-12-06 23:33 vmlinuz -> boot/vmlinuz-3.0.0-12-generic
bruno@dynabook-laptop ~/Downloads $ ls -lh /usr/
total 156K
drwxrwxr-x 2 501 501 44K 2012-02-08 21:17 bin
drwxr-xr-x 2 root root 4.0K 2011-12-28 10:20 games
drwxr-xr-x 49 root root 4.0K 2011-12-06 23:53 include
drwxrwxr-x 233 501 501 68K 2012-02-08 21:17 lib
drwxr-xr-x 10 root root 4.0K 2011-10-13 00:27 local
drwxr-xr-x 2 root root 12K 2012-02-08 21:17 sbin
drwxrwxr-x 315 501 501 12K 2012-02-08 20:50 share
drwxr-xr-x 5 root root 4.0K 2011-11-02 00:40 src

It is really weird that not only is it group writable, but the user 501 does not even exist on the system:

bruno@dynabook-laptop ~/Downloads $ cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh
news:x:9:9:news:/var/spool/news:/bin/sh
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
libuuid:x:100:101::/var/lib/libuuid:/bin/sh
syslog:x:101:103::/home/syslog:/bin/false
colord:x:102:105:colord colour management daemon,,,:/var/lib/colord:/bin/false
messagebus:x:103:107::/var/run/dbus:/bin/false
lightdm:x:104:108:Light Display Manager:/var/lib/lightdm:/bin/false
avahi-autoipd:x:105:112:Avahi autoip daemon,,,:/var/lib/avahi-autoipd:/bin/false
avahi:x:106:113:Avahi mDNS daemon,,,:/var/run/avahi-daemon:/bin/false
usbmux:x:107:46:usbmux daemon,,,:/home/usbmux:/bin/false
kernoops:x:108:65534:Kernel Oops Tracking Daemon,,,:/:/bin/false
pulse:x:109:119:PulseAudio daemon,,,:/var/run/pulse:/bin/false
rtkit:x:110:122:RealtimeKit,,,:/proc:/bin/false
speech-dispatcher:x:111:29:Speech Dispatcher,,,:/var/run/speech-dispatcher:/bin/sh
hplip:x:112:7:HPLIP system user,,,:/var/run/hplip:/bin/false
saned:x:113:123::/home/saned:/bin/false
bruno:x:1000:1000:Bruno Braga,,,:/home/bruno:/bin/bash
mysql:x:114:126:MySQL Server,,,:/nonexistent:/bin/false
sshd:x:115:65534::/var/run/sshd:/usr/sbin/nologin

I hope this did not come from another package installer that I have executed, but if it is reproduced on other machines, it might be something to look at, as it poses a possible security risk.

Additional details:

bruno@dynabook-laptop ~/Downloads $ uname -a
Linux dynabook-laptop 3.0.0-12-generic #20-Ubuntu SMP Fri Oct 7 14:50:42 UTC 2011 i686 i686 i386 GNU/Linux

Tags: chmod chown
bruno.braga (bruno-braga) wrote :

Update: VirtualBox does not allow running virtual machines if /usr/* does not belong to root, for security reasons.

I had to manually fix this with the command:

 find / -group 501 -exec chown root:root {} \; 2>/dev/null
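The two conditions behind the installer's warnings (a directory owned by an id with no account behind it, and a directory that is group- or world-writable) can be audited and fixed with the script below. This is an added example, not part of the report; it assumes GNU find/stat as on the Mint system above, and unlike the chown alone it also clears the write bits.

```bash
#!/bin/bash
# Added example (not from the bug report): audit a hierarchy for the two
# conditions the installer warned about, and optionally remediate them.
# Assumes GNU find/stat (Linux).

# Print "owner:group mode path" for every offending directory under $1.
audit_hier() {
    local root="$1"
    # -nouser/-nogroup: numeric id with no passwd/group entry (the "501" case;
    #   GNU stat prints the owner as UNKNOWN in that situation).
    # -perm -g+w / -perm -o+w: group- or world-writable.
    # ! -perm -1000: sticky directories such as /tmp are writable by design.
    find "$root" -xdev -type d \
        \( -nouser -o -nogroup -o -perm -g+w -o -perm -o+w \) \
        ! -perm -1000 \
        -exec stat -c '%U:%G %a %n' {} + 2>/dev/null
}

# Number of findings, usable as a health check (0 means clean).
audit_count() {
    audit_hier "$1" | wc -l | tr -d ' '
}

# Give offending directories back to root and drop group/world write bits.
# Must run as root; with DRY_RUN=1 it only prints what it would do.
fix_hier() {
    local root="$1" _owner _mode path
    audit_hier "$root" | while read -r _owner _mode path; do
        if [ "${DRY_RUN:-0}" = "1" ]; then
            echo "would: chown root:root '$path'; chmod g-w,o-w '$path'"
        else
            chown root:root "$path" && chmod g-w,o-w "$path"
        fi
    done
}
```

Run `audit_count /usr` as a quick check after package installs; a non-zero result is the same situation the openssh-server postinst complained about.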

visibility: private → public