ISPConfig blew away /etc/passwd and /etc/group
A short while ago I ran into a problem where it seemed that ISPConfig removed the contents of /etc/passwd and /etc/group during a failed backup or restart. Of course this caused all sorts of problems.
The reason we suspect ISPConfig did it was by checking the atime on the files in question and the time corresponded with the exact time in the ispconfig.log when it was doing some sort of processing. Additionally, there were no users logged in via SSH or any other remote access method. There was one person logged in to ISPConfig. That person made a change to a the php settings for a domain (apache directive), updated some mail settings, and added a database.
Up until this point, ISPConfig was doing great for us. Now, I'm wondering if anyone else has experienced this type of error and if anyone knows what causes it. I'm a bit nervous continuing to run ISPConfig.
some times ago i ave had the same problem, but i am NOT sure if this was because of ISPConfig.
i had this problem ONE time - never before and (hopefully) never at the future!
I run ISPConfig and its predecessor 42goISP for 4 or 5 years now on production servers and I never lost a password or user in /etc/passwd or /etc/shadow.
What you should do is to check the passwd file with the pwck command to make sure that it is consistent.
pwck is a handy tip, I wasn't aware of that. Thanks!
It definitely points out some nastiness. Lot's of work ahead of me :(
|All times are GMT +2. The time now is 00:43.|
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.