Last night I decided to migrate all my users/sites to my ISPConfig server.
All appeared to be going well....
After adding maybe 10 sites and over 100 email accounts, I noticed a strange problem. Files that were usually owned by root root where now showing root 1
I looked at the /etc/group file and to my horror all my groups had disappeared and the only lines left in there where the last 5 groups added by ISPConfig.
I am uncertain why this happened but I am guessing it may be because my usernames had hyphens in them (-). Can anyone confirm that this may be true or is true ?
On further investigation, I found that each time I added/changed users in ISPConfig, a grpconv command was executed which ran at 100% cpu and 100% mem, and eventually was killed with an Out Of Memory message in the messages file.
After googling for a while, I found that grpconv can go into an endless loop until killed with an OOM.
I do not know whether the original corruption of /etc/group and /etc/gshadow was a result of the grpconv hanging or whether the grpconv hanging was a result of the corruption.
After manually fixing the group and gshadow files, I ran grpck which found some duplicate entries and some other small problems.
grpconv now executes fast and without problems.
One thing I do notice however, is that groups created by ISPConfig, for instance:
When web1 has been deleted, this group remains and is not deleted. Is this normal or have I got another problem here ? If it IS normal, would it not be better for the group to be deleted also, once the web has been removed from the recycle bin ?
This brings me onto another issue..... after playing around with ISPConfig, and removing it and reinstalling it etc, ISPConfig seems to have no regard for already assigned UIDs. It seems to always start with 10001 regardless of whether this is already in use or not.
.This causes immediate problems with /etc/passwd and /etc/group (and may have been the initial cause of my problems).
ISPConfig needs to check that UIDs are not in use before it decides to use them itself !!
My advice to anyone would be to make a backup of /etc/passwd /etc/shadow /etc/group and /etc/gshadow before installing ISPConfig just in case there are problems later, in fact after this experience I will be making backups of these 4 files on every server that I have.
Any comments Falko/Till ? My server seems to be running spot on now so I am happy again, but it's been a hell of a 24hrs
If I add a new group manually for something, for instance:
this group is assinged the next ID, which will be 1 higher than the last ispconfig site.
If you then add a new site in ISPConfig, it doesn't check for the next id, it just knows the last one it created itself so uses the same one that testgroup took.