Hello!
Today I sat down to work on fixing a docker container that was misbehaving. I typically modify the docker-compose files from my PC over a Samba share. All was well and good until I restarted my server. *POOF* my shares disappeared. Normally I would expect it to be some issue with Windows, but even my mapped drives wouldn't connect.
Sure enough, systemctl status smbd.service reported back that it was inactive and that it had failed to start. I ran journalctl -xe and started doing some looking around. The more I looked, the more I found the same type of error being reported; they were all along the lines of "root is not the owner of this file" or "wrong file owner." Here are some actual examples:
Apr 09 01:56:04 Maeve cron[1503]: (*system*anacron) WRONG FILE OWNER (/etc/cron.d/anacron)
Apr 09 01:56:04 Maeve cron[1503]: (*system*openmediavault-mkrrdgraph) WRONG FILE OWNER (/etc/cron.d/openmediavault-mkrrdgraph)
Apr 09 01:56:04 Maeve cron[1503]: (*system*php) WRONG FILE OWNER (/etc/cron.d/php)
Apr 09 01:56:04 Maeve cron[1503]: (*system*openmediavault-rsync) WRONG FILE OWNER (/etc/cron.d/openmediavault-rsync)
Apr 09 01:56:04 Maeve cron[1503]: (*system*openmediavault-userdefined) WRONG FILE OWNER (/etc/cron.d/openmediavault-userdefined)
Apr 09 01:56:04 Maeve cron[1503]: (*system*mdadm) WRONG FILE OWNER (/etc/cron.d/mdadm)
Apr 09 01:56:04 Maeve cron[1503]: (*system*openmediavault-powermngmt) WRONG FILE OWNER (/etc/cron.d/openmediavault-powermngmt)
Apr 09 01:56:04 Maeve cron[1503]: (*system*cron-apt) WRONG FILE OWNER (/etc/cron.d/cron-apt)
Apr 09 01:56:04 Maeve monit[1513]: Starting daemon monitor: monitThe control file '/etc/monit/monitrc' must be owned by you.
Apr 09 01:56:04 Maeve monit[1521]: The control file '/etc/monit/monitrc' must be owned by you.
Apr 09 01:56:04 Maeve monit[1513]: failed!
Apr 09 01:56:04 Maeve systemd[1]: monit.service: Control process exited, code=exited status=1
Apr 09 01:56:04 Maeve systemd[1]: Failed to start LSB: service and resource monitoring daemon.
-- Subject: Unit monit.service has failed
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- Unit monit.service has failed.
--
-- The result is failed.
Apr 09 01:56:07 Maeve postfix/postfix-script[4263]: warning: not owned by root: /etc/postfix/.
Apr 09 01:56:07 Maeve postfix/postfix-script[4269]: warning: not owned by root: /etc/postfix/./recipient_canonical.db
Apr 09 01:56:07 Maeve postfix/postfix-script[4280]: warning: not owned by root: /etc/postfix/./sasl_passwd
Apr 09 01:56:07 Maeve postfix/postfix-script[4286]: warning: not owned by root: /etc/postfix/./postfix-files
Apr 09 01:56:07 Maeve postfix/postfix-script[4287]: warning: not owned by root: /etc/postfix/./makedefs.out
Apr 09 01:56:07 Maeve postfix/postfix-script[4292]: warning: not owned by root: /etc/postfix/./master.cf
Apr 09 01:56:07 Maeve postfix/postfix-script[4306]: warning: not owned by root: /etc/postfix/./smtp_header_checks
Apr 09 01:56:10 Maeve postfix/postfix-script[7964]: warning: not owned by root: /var/spool/postfix/lib/x86_64-linux-gnu/libnss_dns.so.2
Apr 09 01:56:10 Maeve postfix/postfix-script[7966]: warning: not owned by root: /var/spool/postfix/lib/x86_64-linux-gnu/libnss_dns-2.24.so
Apr 09 01:56:10 Maeve postfix/postfix-script[7967]: warning: not owned by root: /var/spool/postfix/lib/x86_64-linux-gnu/libnss_compat.so.2
Apr 09 01:56:10 Maeve postfix/postfix-script[7968]: warning: not owned by root: /var/spool/postfix/lib/x86_64-linux-gnu/libnss_compat-2.24.so
Apr 09 01:56:10 Maeve postfix/postfix-script[7969]: warning: not owned by root: /var/spool/postfix/lib/x86_64-linux-gnu/libgcc_s.so.1
Apr 09 01:56:10 Maeve postfix/postfix-script[8004]: starting the Postfix mail system
Apr 09 01:56:10 Maeve postfix/master[8022]: fatal: open lock file /var/lib/postfix/master.lock: cannot open file: Permission denied
Apr 09 01:56:10 Maeve kernel: eth0: renamed from veth2af778f
Apr 09 01:56:10 Maeve kernel: eth0: renamed from vethf665d13
Apr 09 01:56:10 Maeve kernel: br-5e746883afda: port 10(veth55cbca3) entered blocking state
Apr 09 01:56:10 Maeve kernel: br-5e746883afda: port 10(veth55cbca3) entered forwarding state
Apr 09 01:56:10 Maeve kernel: br-5e746883afda: port 5(veth5b9c5fd) entered blocking state
Apr 09 01:56:10 Maeve kernel: br-5e746883afda: port 5(veth5b9c5fd) entered forwarding state
Apr 09 01:56:11 Maeve postfix/master[8008]: fatal: daemon initialization failure
When I looked far enough up, I found that samba was failing to start for similar reasons: not having access to /var/lib/samba. Once I saw this, I figured I'd check out the permissions of /var/lib. Almost every directory was owned by my user, not root. In fact, when I ls -l /, it's the same thing; almost all directories are owned by my user. Output of ls -l:
-rw-rw-r-- 1 nlitz88 1000 40 Jan 10 2019 README.md
drwxr-xr-x 2 nlitz88 1000 4096 Apr 4 02:02 bin
drwxr-xr-x 3 nlitz88 1000 4096 Apr 4 01:59 boot
drwxr-xr-x 19 root root 3760 Apr 9 01:56 dev
drwxrwxr-x 104 nlitz88 1000 4096 Apr 8 00:15 etc
drwxr-xr-x 2 nlitz88 1000 4096 Apr 8 2019 export
drwxr-xr-x 2 nlitz88 1000 4096 Mar 28 2019 home
lrwxrwxrwx 1 nlitz88 1000 36 Apr 4 01:59 initrd.img -> boot/initrd.img-4.19.0-0.bpo.8-amd64
lrwxrwxrwx 1 nlitz88 1000 36 Apr 4 01:59 initrd.img.old -> boot/initrd.img-4.19.0-0.bpo.6-amd64
drwxr-xr-x 16 nlitz88 1000 4096 Apr 4 02:02 lib
drwxr-xr-x 2 nlitz88 1000 4096 Aug 13 2019 lib64
drwx------ 2 nlitz88 1000 16384 Aug 13 2019 lost+found
drwxr-xr-x 3 nlitz88 1000 4096 Aug 13 2019 media
drwxr-xr-x 2 nlitz88 1000 4096 May 17 2019 mnt
drwxr-xr-x 3 nlitz88 1000 4096 Aug 14 2019 opt
dr-xr-xr-x 360 root root 0 Apr 9 01:55 proc
drwx------ 10 nlitz88 1000 4096 Apr 9 01:53 root
drwxr-xr-x 29 root root 1220 Apr 9 01:56 run
drwxr-xr-x 2 nlitz88 1000 12288 Apr 4 01:59 sbin
drwxr-xr-x 10 nlitz88 1000 4096 Apr 4 02:25 sharedfolders
drwxr-xr-x 10 nlitz88 1000 4096 Dec 14 01:33 srv
dr-xr-xr-x 13 root root 0 Apr 9 02:09 sys
drwxrwxrwt 7 root root 140 Apr 9 02:09 tmp
drwxr-xr-x 11 nlitz88 1000 4096 Aug 14 2019 usr
drwxr-xr-x 13 nlitz88 1000 4096 Aug 14 2019 var
lrwxrwxrwx 1 nlitz88 1000 33 Apr 4 01:59 vmlinuz -> boot/vmlinuz-4.19.0-0.bpo.8-amd64
lrwxrwxrwx 1 nlitz88 1000 33 Apr 4 01:59 vmlinuz.old -> boot/vmlinuz-4.19.0-0.bpo.6-amd64
I ran chown -R root /var/lib/samba/, restarted the samba service, and now samba is up and running again.
My questions after all of this:
- Should all of these system directories be owned by my user and not root? (something tells me root should own them, no?).
- If the permissions should be root, how would you suspect something like this happened? Would it have to be me at some point running chmod on / without realizing? Or could an application have done this?
I'm more than happy to post any additional logs or info should anyone need it. Thanks for the read, any correspondence is appreciated!
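Added example, not part of the original post: a small shell filter that pulls every path named in the three kinds of ownership complaint shown in the journal above (cron, monit, postfix) and counts them per directory, to show how far the ownership change reaches. The function names are hypothetical, and the embedded sample is a handful of lines copied from the post's log.

```shell
#!/bin/sh
# Added example: function names are hypothetical, not from any tool.

# Sample input: a few journal lines copied from the post above.
sample_journal() {
cat <<'EOF'
Apr 09 01:56:04 Maeve cron[1503]: (*system*anacron) WRONG FILE OWNER (/etc/cron.d/anacron)
Apr 09 01:56:04 Maeve cron[1503]: (*system*php) WRONG FILE OWNER (/etc/cron.d/php)
Apr 09 01:56:04 Maeve monit[1513]: Starting daemon monitor: monitThe control file '/etc/monit/monitrc' must be owned by you.
Apr 09 01:56:04 Maeve monit[1521]: The control file '/etc/monit/monitrc' must be owned by you.
Apr 09 01:56:07 Maeve postfix/postfix-script[4263]: warning: not owned by root: /etc/postfix/.
Apr 09 01:56:07 Maeve postfix/postfix-script[4292]: warning: not owned by root: /etc/postfix/./master.cf
Apr 09 01:56:10 Maeve postfix/postfix-script[7969]: warning: not owned by root: /var/spool/postfix/lib/x86_64-linux-gnu/libgcc_s.so.1
Apr 09 01:56:10 Maeve kernel: eth0: renamed from veth2af778f
EOF
}

# Read journal text on stdin; print each complained-about path once.
# Handles the three message shapes seen in the post's log and
# normalises postfix's "/dir/./file" and "/dir/." spellings.
ownership_complaint_paths() {
    sed -n -E \
        -e 's#.*WRONG FILE OWNER \((/[^)]*)\).*#\1#p' \
        -e "s#.*control file '(/[^']*)' must be owned by you.*#\1#p" \
        -e 's#.*not owned by root: (/.*)$#\1#p' |
    sed -E -e 's#/\./#/#g' -e 's#/\.$##' |
    LC_ALL=C sort -u
}

# Read paths on stdin; print "<count> <dir>" grouped by the first two
# path components (e.g. /etc/postfix), sorted by directory.
summarize_by_dir() {
    awk -F/ '{ n["/" $2 "/" $3]++ }
             END { for (d in n) print n[d], d }' |
    LC_ALL=C sort -k2
}

# Demo on the embedded sample. On a live system the input would be
# the current boot's journal:  journalctl -b --no-pager
sample_journal | ownership_complaint_paths | summarize_by_dir
```
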