linux运维排查问题过程中,看到一串下面的报错,记录一下
root@dtsite:~# ufw status
WARN: /etc/default/ufw is world writable!
WARN: /etc/default is world writable!
WARN: /etc is world writable!
WARN: /etc/ufw/ufw.conf is world writable!
WARN: /etc/ufw is world writable!
WARN: /etc/ufw/applications.d is world writable!
WARN: /etc/ufw/user.rules is world writable!
WARN: /etc/ufw/before.rules is world writable!
WARN: /etc/ufw/after.rules is world writable!
WARN: /etc/ufw/user6.rules is world writable!
WARN: /etc/ufw/before6.rules is world writable!
WARN: /etc/ufw/after6.rules is world writable!
WARN: /etc/ufw/applications.d/openssh-server is world writable!
有人把服务器的/etc目录权限改成777,全局可写,导致了上面的警告
可以使用下面的命令把权限改回来
chmod 640 /etc/ufw/{after.rules,/after.init,after6.rules,before.init,before.rules,before6.rules,user.rules,user6.rules}
chmod 644 /etc/ufw/{sysctl.conf,ufw.conf}
chmod 755 /etc/ufw /etc/ufw/applications.d /etc/default /etc
chmod 644 -R /etc/ufw/applications.d/* /etc/default/ufw