I had run Lynis, a system-hardening auditor. At its suggestion, I
changed numerous permissions system-wide. I have also changed conf
files that alter book-time permissions. The following problems have
occured:
1) Upon reboot, my /dev/snd is in a state that makes ALSA fail to
recognize the audio devices. My user is in audio. The only way to make
ALSA recognize the /dev/snd devices is to add setguid, which resets
upon boot
2) My /var/lib is bonked. I am unable to run clamscan because clamscan
can not access the bytecode files. Again, I can fix it with chmod
which changes on the reboot.
I am unsure if there are other issues. I have not yet come accross
them. I changed my umask back to default, thoug my understanding on
umask is that it only affects the /home directory. My fault is not
logging what Lynis told me to do, and what I did in response. I did
not realize that hardening my system permissions would cause this.
I previously entered the IRC under an anonymous nick to fix more
problems caused not as a result of this, but as a result of attempting
to fix this. Those problems have been fixed. More-or-less my system is
now in a state as it was after the initial-run of Lynis.
Some output:
[03:09 se7en@lappy ~] > ls -ld /dev/snd
drwxr-x--- 3 root root 260 Jan 29 02:26 /dev/snd
[03:12 se7en@lappy ~] > ls -ld /dev/snd/*
ls: cannot a=ccess '/dev/snd/*': Permission denied
[03:12 root@lappy se7en] > ls -ld /dev/snd/*
# NOTE: Changing /dev/snd/by-path to audio:audo is enough to fix the
# ALSA problem but it resets on reboot
drwxr-xr-x 2 root root 60 Jan 29 02:26 /dev/snd/by-path
crw-rw---- 1 root audio 116, 9 Jan 29 02:26 /dev/snd/controlC1
crw-rw---- 1 root audio 116, 7 Jan 29 02:26 /dev/snd/hwC1D0
crw-rw---- 1 root audio 116, 8 Jan 29 02:26 /dev/snd/hwC1D3
crw-rw---- 1 root audio 116, 3 Jan 29 02:26 /dev/snd/pcmC1D0c
crw-rw---- 1 root audio 116, 2 Jan 29 02:26 /dev/snd/pcmC1D0p
crw-rw---- 1 root audio 116, 4 Jan 29 02:26 /dev/snd/pcmC1D3p
crw-rw---- 1 root audio 116, 5 Jan 29 02:26 /dev/snd/pcmC1D7p
crw-rw---- 1 root audio 116, 6 Jan 29 02:26 /dev/snd/pcmC1D8p
crw-rw---- 1 root audio 116, 1 Jan 29 02:26 /dev/snd/seq
crw-rw---- 1 root audio 116, 33 Jan 29 02:26 /dev/snd/timer
[03:13 se7en@lappy ~] > ls -ld /var/lib
drwxr-xr-x 72 root root 4.0K Jan 24 02:47 /var/lib
[03:14 se7en@lappy ~] > ls -ld /var/lib/* | grep clamav
drwxr-xr-x 2 clamav clamav 4.0K Jan 29 02:27 /var/lib/clamav
drwxr-xr-x 4 root root 4.0K Feb 3 2019 /var/lib/clamav-unofficial-sigs
[03:14 se7en@lappy ~] > ls -ld /var/lib/clamav/*
-rw-r--r-- 1 clamav clamav 283K Jan 24 00:12 /var/lib/clamav/blurl.ndb
-rw-r--r-- 1 clamav clamav 3.4K Oct 27 2019 /var/lib/clamav/bofhland_cracked_URL.ndb
-rw-r--r-- 1 clamav clamav 104K Apr 3 2019 /var/lib/clamav/bofhland_malware_attach.hdb
-rw-r--r-- 1 clamav clamav 610 Oct 26 2019 /var/lib/clamav/bofhland_malware_URL.ndb
-rw-r--r-- 1 clamav clamav 9.5K Oct 27 2019 /var/lib/clamav/bofhland_phishing_URL.ndb
-rw-r--r-- 1 clamav clamav 1.4M Sep 19 2019 /var/lib/clamav/bytecode.cld
-rw-r--r-- 1 clamav clamav 82 Jul 13 2016 /var/lib/clamav/crdfam.clamav.hdb
-rw-r--r-- 1 clamav clamav 323M Jan 27 05:10 /var/lib/clamav/daily.cld
-rw-r--r-- 1 clamav clamav 65 Jul 26 2013 /var/lib/clamav/doppelstern.hdb
-rw-r--r-- 1 clamav clamav 7.2M Jan 18 08:09 /var/lib/clamav/junk.ndb
-rw-r--r-- 1 clamav clamav 184K Jan 23 19:12 /var/lib/clamav/jurlbl.ndb
-rw-r--r-- 1 clamav clamav 294M Nov 25 2019 /var/lib/clamav/main.cld
-rw-r--r-- 1 clamav clamav 256 Feb 10 2020 /var/lib/clamav/mirrors.dat
-rw-r--r-- 1 clamav clamav 4.0M Jan 19 08:11 /var/lib/clamav/phish.ndb
-rw-r--r-- 1 clamav clamav 1.4M Jan 24 00:00 /var/lib/clamav/phishtank.ndb
-rw-r--r-- 1 clamav clamav 620K Jan 24 00:00 /var/lib/clamav/porcupine.ndb
-rw-r--r-- 1 clamav clamav 41K Jan 22 01:11 /var/lib/clamav/rogue.hdb
-rw-r--r-- 1 clamav clamav 11K Oct 18 2016 /var/lib/clamav/sanesecurity.ftm
-rw-r--r-- 1 clamav clamav 1.9M Jan 19 12:09 /var/lib/clamav/scam.ndb
-rw-r--r-- 1 clamav clamav 285 Jan 4 05:08 /var/lib/clamav/sigwhitelist.ign2
-rw-r--r-- 1 clamav clamav 1.4K Apr 28 2017 /var/lib/clamav/spamattach.hdb
-rw-r--r-- 1 clamav clamav 19K Nov 6 01:12 /var/lib/clamav/spamimg.hdb
-rw-r--r-- 1 root root 49 Dec 13 00:54 /var/lib/clamav/whitelist-files.txt
-rw-r--r-- 1 clamav clamav 15K Jul 16 2018 /var/lib/clamav/winnow.attachments.hdb
-rw-r--r-- 1 clamav clamav 66 Mar 5 2018 /var/lib/clamav/winnow_bad_cw.hdb
-rw-r--r-- 1 clamav clamav 16K Mar 5 2018 /var/lib/clamav/winnow_extended_malware.hdb
-rw-r--r-- 1 clamav clamav 18K Mar 5 2018 /var/lib/clamav/winnow_malware.hdb
-rw-r--r-- 1 clamav clamav 15K Nov 26 2019 /var/lib/clamav/winnow_malware_links.ndb
[03:14 se7en@lappy ~] > alsamixer
cannot open mixer: Permission denied
[03:14 se7en@lappy ~] > aplay -l
aplay: device_list:272: no soundcards found...
[03:13 root@lappy se7en] > alsamixer
cannot open mixer: No such file or directory
[03:15 root@lappy se7en] > aplay -l
**** List of PLAYBACK Hardware Devices ****
card 1: PCH [HDA Intel PCH], device 0: ALC269VC Analog [ALC269VC Analog]
Subdevices: 1/1
Subdevice #0: subdevice #0
card 1: PCH [HDA Intel PCH], device 3: HDMI 0 [HDMI 0]
Subdevices: 1/1
Subdevice #0: subdevice #0
card 1: PCH [HDA Intel PCH], device 7: HDMI 1 [HDMI 1]
Subdevices: 1/1
Subdevice #0: subdevice #0
card 1: PCH [HDA Intel PCH], device 8: HDMI 2 [HDMI 2]
Subdevices: 1/1
Subdevice #0: subdevice #0
--
|-----/ | Se7en
/ The One and Only! | se7en@???
/ | 0x0F83F93882CF6116
/ | https://se7en-site.neocities.org
::
[DNG] [Devuan 3] [Chmod] [Lynis] Bo…
