/etc/group damaged

Discussion in 'General' started by ronee, Apr 25, 2013.

  1. ronee

    ronee Member HowtoForge Supporter


    This has been discussed extensively however have not found an answer that addresses our specific issue.

    We have an ispconfig 2 server that has been running for years without issue and that we have not yet had time to migrate to ispconfig 3. This morning users were reporting issues receiving email and we found a wide variety of system problems stemming from the /etc/group file being mostly empty. We found one line in it only listing one group and that's it.

    This caused numerous issues with apache, postfix, etc. To get things basically functioning, we copied the system portions of /etc/group from a similar server and that helped quite a bit, we were able to restart apache and postfix successfully.

    We have tried a variety of solutions mentioned in other threads, such as observing the ispconfig.log for issues, making minor changes in all the sites on that server in hopes that the /etc/group will be properly written back out, as well as running this query on the ispconfig database and then modifying users:

    update isp_isp_user SET status = 'u' where status = '';

    We have managed to get some users back up and running by manually adding them back to their respective group entry (many are still missing) and then re-saving their user properties including their password.

    But we have not yet found the underlying cause of the problem and it seems that our manual changes in /etc/group are being overwritten by ispconfig.

    Any rapid input would be greatly appreciated.
  2. ronee

    ronee Member HowtoForge Supporter

    update to this - we ran pwck and fixed a variety of corrupt lines and so forth with /etc/passwd and /etc/shadow, in some cases some users began magically working again without issue and in other cases user passwords must be re-established by resaving the password for a given user in ispconfig

    Any recommendations on how this can happen and how to prevent would be extremely appreciated.
  3. bpmee

    bpmee Member

    Sorry I just happened upon your post facing a similar problem.

    My /etc/group file had been emptied. The only file with *most* of the correct group info was /etc/group- (the "-" on purpose).

    I did the following:
    ]# cp /etc/group- /etc/group
    Then I manually ran ISPConfig 2's writeconf.php script, using ISPConfig 2's own php:

    ]# /root/ispconfig/php/php /root/ispconfig/scripts/writeconf.php
    If the writeconf.php script produces an error even after copying the group- file to group, you might have to rebuild some elements manually.

    I had this problem happen before and started running a backup script for /etc/group, /etc/shadow, etc files to avoid disruption. It can be run via Cron daily, hourly, or whenever

    Warning: This script force copies the respective files to a [filename]-bak-[current date] copy. If you run it daily, your /etc folder will fill up with many days worth of backup copies. If disk space is low, you should probably add some code that erases backup copies older than x days....

    # Backup Passwd and Shadow Files
    cp -f /etc/passwd /etc/passwd-bak-$(date +%Y%m%d%H%M%S);
    cp -f /etc/shadow /etc/shadow-bak-$(date +%Y%m%d%H%M%S);
    cp -f /etc/group /etc/group-bak-$(date +%Y%m%d%H%M%S);
    cp -f /etc/gshadow /etc/gshadow-bak-$(date +%Y%m%d%H%M%S);
    echo Finished;

Share This Page