[03:18] <DerXero> rausch ausschlafen
[03:19] <mah> Sollst du Deutsch sprechen? :)
[03:19] <DerXero> ja
[09:28] <mdm1000> Hello.  anyone able to help me find out where Disk Manager went in Edgy, and how to add items to the Places list in nautilus?
[09:28] <owh> mdm1000: You should be in #ubuntu for that question, here we're going to see if we can help m0dY
[09:29] <mdm1000> ok, sorry
[09:29] <m0dY> owh, :)
[09:29] <m0dY> so now i have cloned sysctl.conf & passwd & shadow
[09:30] <owh> Ok, can I set some rules, or will someone smack me if I suggest that?
[09:30] <owh> For those sitting around, m0dY has done rm -rf /etc/*
[09:30] <Jordan_U> I always like a good "bring a comp back from the edge of death by it's bootstraps" challenge :)
[09:30] <owh> I strongly suspect that m0dY has already done too much "fixing" to recover it, but we'll see.
[09:31] <owh> I'd like to suggest that m0dY takes no actions until we are certain that the action won't make things worse.
[09:31] <owh> Can we agree on that?
[09:31] <m0dY> exactly at owh kindly stated, so for now althought i have passwd & shadow when i do reset the root password it gets changed in the shadow file but won't let me login with it through ssh
[09:31] <Jordan_U> I'm good with that
[09:32] <owh> Ok, first of all, I understand that m0dY's machine is Fedora, not Ubuntu. So bear that in mind if you make suggestions.
[09:32] <m0dY> owh,Jordan_U, im now in a stay still situation
[09:32] <owh> Let's get some data first.
[09:32] <m0dY> sure
[09:32] <owh> Where is the machine physically, is it with you?
[09:33] <m0dY> no, i only have ssh access to it through one session which im dying for not to loose it
[09:33] <owh> Is the machine in any way physically accessible by you?
[09:33] <m0dY> no way
[09:33] <owh> You like making things hard don't you?
[09:34] <owh> Ok, is this machine mission critical?
[09:34] <m0dY> not my choice :(
[09:34] <m0dY> yes
[09:34] <owh> Give me a $ per day figure if you can.
[09:34] <m0dY> i actually was having about 7 ssh sessionn opened and mis choosed the right window and gone through my way
[09:35] <nothlit> If you can't log in as root, its probably because the sshd_config isn't set to allow that
[09:35] <nothlit> but thats not a safe thing to do
[09:35] <owh> That's because there is no /etc directory left :-)
[09:36] <nothlit> oh
[09:36] <m0dY> nothlit, no, i have this option enabled in sshd_config
[09:36] <owh> So, are we talking big fish, or really annoying if we completely break it?
[09:36] <owh> m0dY: Not anymore you don't.
[09:36] <nothlit> m0dY, you shouldn't, you can always su/sudo
[09:36] <m0dY> no no, i have all FOLDERS in /etc/ but lost all FILES only
[09:36] <nothlit> people know the root account exists
[09:37] <owh> m0dY: Then you didn't do rm -rf /etc/*
[09:37] <nothlit> just reinstall all the progs that are missing configs
[09:37] <nothlit> or dpkg-reconfigure them
[09:37] <owh> Because if you did. there would be no directories.
[09:37] <Jordan_U> No he said he did an rm -f /etc/*
[09:37] <owh> nothlit: Can you please read back to what we started with?
[09:37] <m0dY> nothlit, i have ssh access tighted for one ip only which is my personal one
[09:37] <m0dY> owh, yes, only rm -f /etc/*
[09:37] <owh> *excellent*
[09:38] <nothlit> oh sorry
[09:38] <owh> Back in a tick.
[09:39] <m0dY> i now have /etc/{fstab,mtab,passwd,shadow,sysctl.conf,yum.conf} in place
[09:39] <owh> Hmm, that means that the *only* files missing are the ones in /etc/ directly, not any files in the sub directories.
[09:39] <owh> Wait up.
[09:39] <m0dY> i also check the proper permissions for those files when creating them
[09:40] <owh> That's not our immediate problem. Your users and password file is the first problem.
[09:40] <m0dY> owh, no.. thanks god sub directories wasn't touched
[09:40] <owh> Let me explain.
[09:40] <m0dY> yeah sure
[09:40] <owh> Each user when it is created gets assigned a number, called the UID.
[09:40] <m0dY> yeah, know that
[09:40] <owh> That number is used to allocate permissions to *all* the files on the system.
[09:41] <m0dY> yes
[09:41] <owh> If you just stuff any users into the machine, all the permissions will be broken.
[09:41] <owh> Including the permissions used to boot the machine.
[09:41] <owh> So, you cannot just create a user/password/group file and cross your fingers.
[09:41] <Jordan_U> ( curious ) including single user mode?
[09:41] <m0dY> owh, ok
[09:42] <nothlit> single user mode = root only
[09:42] <owh> In fact, the more users you create, the worse it gets.
[09:42] <m0dY> sure
[09:42] <owh> Hi Darst m0dY has just removed all the files in /etc :-)
[09:42] <Jordan_U> nothlit: I know, I was asking if you would still be able to boot in single user mode if you screwed up permissions
[09:42] <m0dY> i added only what was in,, i hardly used my memory to remember all
[09:42] <Darst> Hey Owh... m0dy... ouch...
[09:42] <owh> Now, the suggestion of booting into single user mode is valid, but only if there is enough information to boot.
[09:43] <m0dY> Darst, =(
[09:43] <Jordan_U> Darst: But none of the directories luckily
[09:43] <owh> Because the machine is remote, we cannot just stick a CD in the drive, boot into rescue mode and cross our fingers.
[09:43] <nothlit> all your init files are still intact?
[09:43] <owh> Yes
[09:43] <Darst> So we have the ability to rebuild ... make it stronger, faster?
[09:43] <Darst> :D
[09:43] <nothlit> but the service configs arent
[09:43] <owh> Correct.
[09:44] <m0dY> nothlit, all are in yes
[09:44] <owh> And stuff like resolv.conf, etc.
[09:44] <owh> Which we'll all need if we're going to be able to remote connect to this machine ever again.
[09:44] <owh> So, we won't be just fiddling :)
[09:44] <nothlit> can you grep the disc for those files?
[09:45] <owh> Not really.
[09:45] <nothlit> what filesystem are you using
[09:45] <m0dY> ext3
[09:45] <owh> There are undelete tools for ext2 file systems, but they require that the software is installed, we're not at that point yet :-)
[09:45] <owh> Also, they require that the drive is unmounted, bit hard if we're running off it.
[09:46] <owh> So, that's not yet an option.
[09:46] <owh> Also m0dY didn't help by starting to fix things :-)
[09:46] <Jordan_U> owh: Possibly eventually clever use of toram
[09:47] <m0dY> i only started cloning files with their default contents from another machine which have almost the same configuration and added users
[09:47] <owh> Hmm, if we can launch stuff, but likely we won't be able to do.
[09:47] <owh> m0dY: Which files have you now created?
[09:47] <owh> (You can run the ls command :-)
[09:48] <m0dY> passwd,shadow,sysctl.conf,resolv.conf,yum.conf,group,updatedb.conf
[09:48] <m0dY> shells,vimrc
[09:48] <nothlit> what about that military recovery tool on sourceforge
[09:48] <m0dY> sudoers
[09:49] <m0dY> nothlit, got no idea about it
[09:49] <owh> nothlit: How do you propose to use that if you cannot boot off a rescue cd, cannot get to the machine physically, and have one working ssh session left?
[09:49] <nothlit> can't install anything?
[09:49] <nothlit> I don't know how yum works so
[09:50] <owh> Ok, I'm opening up the floor for suggestions, keep it short, give some extra details if we need to understand your proposal.
[09:50] <m0dY> nothlit, well, all u need to know about yum is that you can't do a re-install-all-pkgs just like that
[09:50] <Jordan_U> owh: Is there any chance that the files which are still in use ( and thus not yet really deleted ) can somehow be recovered?
[09:50] <owh> So, one suggestion is to do the equivalent of dpkg-reconfigure --all.
[09:50] <m0dY> also yum checks BUNCH of files under /etc so i don't suggest touching it also
[09:51] <owh> Excellent suggestion Jordan_U, I was reading about that last week.
[09:51] <owh> So, that's the second suggestion.
[09:51] <owh> Any other takers?
[09:51] <owh> I suppose one suggestion is to recreate each file manually.
[09:52] <owh> If we can get ssh working, we can copy stuff across.
[09:53] <owh> Ok, how does the room feel about attempting to ssh out of the broken box back to our console? Anyone know of any files that will break?
[09:53] <m0dY> owh, yeah i think that will be the most safe way and if i just could get ssh to work back again i could then restore each file even in a month but i won't be afraid of loosing totaly root access
[09:53] <nothlit> so why doesn't grepping the disc work?
[09:54] <owh> nothlit: Because the disc is live and has been written to, besides, Jordan_U's suggestion of recovering files that are open is a good one.
[09:54] <m0dY> owh, recover by using ?
[09:54] <Jordan_U> owh: If they are open they havn't been written over and therefore should be grepable
[09:54] <nothlit> that should work for some of the files
[09:54] <owh> Exactly. The ones that are open still.
[09:55] <owh> Ok, stop for a moment.
[09:55] <owh> Does anyone recall the process using /proc or /sys, or do I need to google that?
[09:56] <m0dY> owh, that's a briliant one
[09:56] <owh> Ok, m0dY on the broken machine, run the command "lsof|grep /etc"
[09:57] <owh> What that will do is list the open files in etc.
[09:57] <m0dY> ok
[09:57] <Jordan_U> Does that include open but "deleted" files?
[09:57] <m0dY> ok
[09:58] <m0dY> http://pastebin.ca/272804
[09:58] <owh> I expect it to.
[09:58] <m0dY> nothing good in that
[09:59] <owh> Hmm funnily enough, that's identical to mine :-)
[10:00] <owh> Ok, read this for background information: http://www.hackinglinuxexposed.com/articles/20020507.html
[10:00] <m0dY> i c
[10:01] <m0dY> ok
[10:02] <owh> Hmm.
[10:02] <owh> As I investigate my own machine, I notice no processes that appear to have any files open in /etc/
[10:02] <m0dY> so actually there could be places storing files under etc ?
[10:02] <owh> Huh?
[10:03] <owh> I do not understand what you are asking me.
[10:03] <m0dY> i mean under /proc there could be files loading some info from files under /etc/ so i could get what was in back
[10:04] <cafuego_> there are no files in /proc
[10:05] <m0dY> pointers or something?!
[10:05] <cafuego_> not quite, but you can think of them like that
[10:05] <m0dY> yeah
[10:05] <owh> No, proc is the representation of information in memory, including inodes which exist on disk, which is where the file still exists until it's closed.
[10:05] <cafuego_> they're hooks into the kernel that cause the kernel to print info when they're accessed
[10:06] <owh> Ok, on the broken machine, can you ping the Internet?
[10:06] <cafuego_> if you deleted an open file, then indeed the kernel won't free the disk space
[10:06] <m0dY> owh, after restoring resolv.conf, yes i can
[10:06] <owh> Have you already done that?
[10:07] <m0dY> yes
[10:07] <owh> So, you can now ping the Internet?
[10:07] <m0dY> yes
[10:07] <owh> On your working machine, is there a file called /etc/hosts.equiv
[10:08] <m0dY> only ..... "host.conf    hosts        hosts.allow  hosts.deny"
[10:09] <owh> Did you have the locate command installed on the broken machine?
[10:09] <m0dY> yes and i managed to bring it back to life
[10:09] <m0dY> both locate & find are now working
[10:09] <owh> How *exactly*?
[10:10] <m0dY> well, restored the updatedb config file and added the line for the users slocate and ran updatedb
[10:10] <owh> FUCK.
[10:11] <owh> All was fine until you ran updatedb.
[10:11] <m0dY> :S
[10:11] <owh> At that point you destroyed the list of files in /etc/
[10:11] <m0dY> what da hell have i done !?
[10:11] <owh> Sigh.
[10:11] <owh> Ok, well, onwards and upwards. Sorry for the expletive.
[10:11] <m0dY> well, i think i cant tell what files exactly was under /etc/
[10:12] <owh> No, your computer could, you're just guessing.
[10:12] <m0dY> im hittin my head to the wall now anyhow
[10:12] <m0dY> no i can get it from the current machine
[10:12] <m0dY> the working one
[10:12] <m0dY> just the problem is in the contents
[10:12] <owh> No, they are different.
[10:13] <m0dY> different in names ?
[10:13] <owh> The OS is a different version, anything that is the same is accidental.
[10:13] <owh> I mean, that's overstating it, but essentially true.
[10:13] <m0dY> yeah with u in that
[10:14] <owh> The problem is this. The files in your /etc directory might have been modified since they were installed, either by you, by someone else, or by another application coming along and tweaking it when it was being installed.
[10:14] <owh> So, we have a problem.
[10:14] <m0dY> yes im awar of that
[10:15] <m0dY> *aware
[10:15] <owh> Ok.
[10:15] <owh> On the broken machine, try to ssh from the broken computer to the working computer. Nothing fancy, just an ssh.
[10:15] <nothlit> he just wants to restore basic functionality first though
[10:15] <m0dY> but actually if i even get the machine to its state as a newly installed machine then i would easily add the newly added stuff
[10:16] <m0dY> ok
[10:16] <owh> nothlit: Sure, but that basic functionality also includes the layout of his drives, essential services and usernames and passwords.
[10:16] <owh> nothlit: All of which are different from a standard config file.
[10:17] <owh> So, a newly installed machine might be what you think you want, but it isn't really.
[10:17] <owh> So, does the ssh out of the broken box work?
[10:17] <nothlit> its mostly the services really
[10:17] <nothlit> what was this machine's purpose?
[10:17] <owh> nothlit: Some of which we'll require to connect to it again.
[10:17] <m0dY> owh, no ssh out of box not working
[10:17] <owh> m0dY: What does it do?
[10:18] <m0dY> no, it works.
[10:18] <owh> Say that again, the ssh out of the broken box works?
[10:18] <m0dY> im in the working machine now through the broken one
[10:18] <m0dY> yes, it works
[10:18] <owh> Excellent.
[10:18] <nothlit> m0dY, did you recreate your fstab yet?
[10:19] <owh> Hold on, one thing at a time.
[10:19] <m0dY> yes, fstab & mtab
[10:19] <owh> m0dY: Go to the /root directory
[10:19] <owh> That is on the broken machine.
[10:19] <m0dY> in it
[10:19] <nothlit> well he's not unmounting the disc and using recovery tools, its better to do it now so he doesn't miss it
[10:20] <owh> So, you'll need to close the ssh session from the broken to the working machine, then go to the /root directory
[10:20] <m0dY> yes, i got u on that
[10:21] <owh> What I intend to do is copy the files from the working computer onto a backup directory on the broken machine, then deal with them one at a time. Any objections?
[10:21] <m0dY> now in the /root of the broken machine
[10:21] <m0dY> scp maybe ?
[10:21] <owh> Just to be sure, we're not talking /, we're talking the home directory of the root user.
[10:21] <m0dY> yeah man
[10:21] <m0dY> :)
[10:22] <owh> Ok, make a directory /root/working
[10:22] <m0dY> ok
[10:22] <owh> Go into it.
[10:22] <m0dY> ok
[10:23] <owh> scp -r root@working:/etc/ .
[10:23] <owh> That will copy the whole /etc tree from the working machine.
[10:23] <owh> We're going to do that to get a sense of differences between the two.
[10:24] <m0dY> ok
[10:24] <owh> Done?
[10:25] <m0dY> fixing some ssh issue and will be done now..
[10:26] <owh> Now we'll make a different directory with just the files we're going to play with: cd /root && mkdir working-files && cd working-files && scp root@working:/etc/* .
[10:26] <owh> That will copy just the files in /etc, not the directories.
[10:28] <owh> The intention is to diff the /etc on the working machine with that of the broken machine, so you can determine what things are different, that is, differences in configurations, packages, etc. Don't think of it in terms of actual options, think big picture.
[10:29] <m0dY> ok its now transferring
[10:29] <owh> The next step is to one by one move a file from working-files into /etc and fix them locally one at a time.
[10:29] <owh> That won't get everything done, but it should be most of it.
[10:29] <owh> Are there any comments people want to make?
[10:29] <m0dY> that would be the good way to go
[10:30] <owh> Any thing I've forgotten?
[10:30] <owh> As nothlit suggests, make sure that fstab and mtab are correct, without them nothing will mount.
[10:30] <nothlit> nah, pretty great simple solution to get a working system
[10:31] <owh> The fdisk -l command should help you determine your mount points.
[10:32] <nothlit> m0dY, do you remember any services you may have installed on this broken machine that aren't on the working one?
[10:32] <owh> I'm going to be eating dinner shortly, I'll leave this session open. I'll be back after some digestion. Feel free to stick around. Anyone who needs to reach me: http://itmaze.com.au/
[10:32] <m0dY> nothlit, both are almost clones in all services/settings/configurations
[10:32] <nothlit> also make absolutely sure all the networking files are set up correctly
[10:32] <owh> My single recommendation is to take it very slowly, do one file at a time, nothing in bulk, check and re-check, assume the worst.
[10:32] <m0dY> oh yeah
[10:33] <owh> Oh, and do a backup :-)
[10:33] <m0dY> owh, definitely will =''(
[10:33] <owh> Have fun :-)
[10:34] <m0dY> owh, bunch of THANKS for sticking along with me all this
[10:34] <m0dY> and many big THANKS for all in this room
[10:34] <m0dY> ill go with my way now and will update if i faced any problems
[10:35] <nothlit> that sucks that yum can't resolve those issues
[10:35] <m0dY> nothlit, thats suck that im using fedora on a production box
[10:35] <m0dY> which i would definitely won't be doing anymore
[10:40] <Jordan_U> What sucks is that you neglected to back up, which you DEFINATELY won't be doing any more :)
[10:46] <m0dY> Jordan_U, i will be doing backups in future
[10:47] <nothlit> mondo is a great tool for backups, cd, dvd, tape, nfs
[10:48] <m0dY> will check it out
[10:49] <nothlit> its gpl
[10:49] <nothlit> ' Mondo is in use by Lockheed-Martin, Nortel Networks, Siemens, HP, IBM, NASA's JPL, the US Dept of Agriculture, dozens of smaller companies, and tens of thousands of users.'
[10:50] <m0dY> and gpl !?
[10:50] <nothlit> yup :)
[10:50] <m0dY> www.mondorescue.org/ ?
[10:51] <nothlit> and the rescue discs it burns are bootable/restore themselves and yep
[10:52] <nothlit> you might be able to install it with yum
[10:52] <nothlit> after you finish doing all your recovery
[10:54] <m0dY> yeah im wokrin on it
[10:55] <nothlit> quintuple check your work
[10:56] <nothlit> also you can use make recovery isos to burn
[11:07] <owh> So, how did it go?
[11:11] <nothlit> i think hes still working on it
[11:11] <owh> Cool, well I'll be off for the evening if that's the case.
[11:12] <owh> Thanks for your input nothlit and Jordan_U!
[11:48] <m0dY> for all who helped me out here, the trick is done and box is fully functional again =D
[11:49] <m0dY> thanks owh, nothlit, Jordan_U....
[05:16] <ken> hi
[05:30] <jrib> bye
[06:12] <nalioth> jrib: you about?
[06:12] <jrib> nalioth: yep
[06:12] <jrib> what's up?
[06:12] <nalioth> you wanted something fixed ?
[06:13] <nalioth> 1165682117 10:35 < jrib> Can someone add a link to the schedule in -classroom?
[06:14] <nalioth> you can deop yourself when you're done  :)
[06:14] <jrib> thanks
[06:19] <nalioth> fanks?
[06:34] <JurB> irc.gnome.org