Nobody can login our productive server

From: Marques, Virginia (virginia.marques_at_eds.com)
Date: 06/26/03

  • Next message: Bruntel, Mitchell L, SOLCM: "ksh as root (snipped)" 
    To: sunmanagers@sunmanagers.org
Date: Thu, 26 Jun 2003 14:35:11 +0100

    One person this morning did a rm * on / partition with user root. After that
    no one can login to the server this person logoff before notifying us what
    he did.
    The problem was that no one has access to ksh because in the / partition
    there is a link that was removed:

    #pwd
    /
    #ls -l bin
    lrwxrwxrwx 1 root root 9 Jun 26 09:35 bin -> ./usr/bin

    and every user in my /etc/passwd has the shell /bin/ksh (also root)

    We decided to ask the customer to shutdown the server in order to start-up
    from cdrom, recreate the links and start-up again. But the main problem is
    that we have VxVM with encapsulated boot disk(s). So we had to:

    - Shutdown (Stop-A)
    - Ok> Boot cdrom -sw
    - mount / partition:
            #mount -F ufs /dev/dsk/c0t0d0s0 /a
    - recreate removed links
            # cd /a
            # ln -s ./usr/bin bin
            # ln -s ./usr/lib lib
    - Now comes the VxVM section we had to modify /etc/system and /etc/vfstab
    files in order to tell VxVM not to start. And also in directory
    /etc/vx/reconfig.d/state.d we had to:

            # rm root-done
            # touch install-db
            # init 0
                    ok> boot disk

    - Next step: encapsulate boot disk with vxinstall and leave other disks
    alone.
    - After two more reboots system is up with VxVM now we had to mount all
    other partitions and customers begin to work again.

    (now we have to initialise three other disks we had in rootdg and make the
    boot disk mirror)

    That all took 50 minutes. My question is (and please, excuse the long mail
    and the bad English): is there a better way to do this in order to reduce
    the time in then the server is down?. I mean to reduce the reboots (4 in
    this version).

    Kind regards,
    Virginia
    _______________________________________________
    sunmanagers mailing list
    sunmanagers@sunmanagers.org
    http://www.sunmanagers.org/mailman/listinfo/sunmanagers

  • Next message: Bruntel, Mitchell L, SOLCM: "ksh as root (snipped)"

    Relevant Pages

    • Re: Rebuilding SBS Server 2003 SP2
      ... issues with exchange system manager because the SSL server name ... figured a rebuild was the perfect time to investigate these (chuck more RAM ... lot with re-installs but havent a clue with partition sizes with SBS, ...
      (microsoft.public.windows.server.sbs)
    • Software Raid for clones
      ... Personally I inherited this E6750 ASUS motherboard and wanted thought I'd build a nice server for general use. ... I added 4 SATA 250 Gb disc drives and after reading about the horrors & failures of the cheapie Raid controllers, I decided to try Linux software raid. ... I got a message from every MD partition that there were not ... Disk partitions and LVM limits ...
      (RedHat)
    • Re: SBS2003 Partitioning
      ... sell a server to a customer to maximise billing hours. ... I realise that capacity is all down to the business that you are selling to ... just makes our experiences different. ... If the partition is on the same set of spindles then I could care ...
      (microsoft.public.windows.server.sbs)
    • Re: Is it possible to redirect the default user shares?
      ... The server is a rack mounted HP ProLiant ML 350 G4 and the integrated NIC ... I understand most people thatr design a server around W2k3 SBS Premium start ... OS partition and only a single additional partition if the underlying drive ... RAID1+RAID5) it may be worthwhile putting the shadowcopies from one array on ...
      (microsoft.public.windows.server.sbs)
    • RE: use of base image / delta image for automated recovery from a ttacks
      ... base disk image shared by multiple virtual machine instances. ... your basic web application might have a web server ... partition and the changeable datafiles on another partition. ... Apache to install a trojan or a backdoor on the more exposed web server. ...
      (SecProg)