The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

restoring server from backup

Discussion in 'General Discussion' started by Aerethorn, Jul 28, 2006.

  1. Aerethorn

    Aerethorn Registered

    Joined:
    Aug 18, 2005
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    hello all, a client of the company i work for, had his server compromised (r00ted), the bakcup that was done only has the following

    root@www1 [/old]# ls
    ./ ../ home/ home2/ httpd/ lost+found/ var/ root/.my.cnf
    root@www1 [/old]# ls var
    ./ ../ cpanel/ lib/ log/ named/ spool/
    root@www1 [/old]#
    root@www1 [/old/var]# ls cpanel
    ./ addonwhmversions/ deleteddomains futex-test* mmpass proftpdconvert updatelogs/
    ../ adminsessions/ dnsrequests hordepass mysqlup quotawarned usecpphp
    accounting.log bandwidth/ eximstatspass iclevels.conf neomail/ repquota.cache users/
    accts.db buildapache.config.pl eximup ipchangeinprogress newaccts/ root.accts useup2date
    activate/ bwlimited/ features/ jailshell2 noanonftp sessions/ version/
    addoncpanelversions/ clevels.conf fileprotect lang.cache/ notifications/ smtpgidonlytweak whmtheme
    addonmodules Counters/ fixedsqlstatment lastrun/ objcache/ suexecpatch zonetemplates/
    addonmoduleversions/ cp76maillists fpconvert13 logs/ packages/ suspended/
    addonscripts cpanel.config frontpagepassthrough4.2 mailman2 perl/ suspendinfo/
    addonscriptsversions/ CPDNSLib.dat ftpup mailman2converted phpopendomains upcpcheck


    is there any way to restore this data without risks of missing information?

    the httpd configuration files and named zones are on the backups.
     
  2. AndyReed

    AndyReed Well-Known Member
    PartnerNOC

    Joined:
    May 29, 2004
    Messages:
    2,222
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Minneapolis, MN
    Are you sure these files are not blank? Does he have *.tar.gz or incremental backup for his sites and DBs? Or all of that is gone?
     
  3. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Without the files from /etc you might be in for a bit of a struggle. Obviously the /home data is fine for the user files. The important files in /var/cpanel are users/ features/ packages/ if you restore those plus the home files, plus /var/lib/mysql/ and /var/named and the httpd.conf files.

    The next major hurdle will be recreating /etc/passwd which can be done using:

    /scripts/rebuildetcpasswd

    However, you have to be very careful with that script and be sure to backup /etc/passwd /etc/shadow /etc/gshadow and etc/group before playing with it.

    After that's been run all none of the cPanel accounts will have passwords set. Next step would be to try running through the following:

    /scripts/rebuildnamedconf
    /scripts/updateuserdomains
    /scripts/fullhordereset
    /scripts/fixeverything
    /scripts/upcp --force


    Hopefully that will recreate most of what you need, but there are likely to be big holes and you'll have to set each and every cPanel account password.

    Ultimately, it might be simpler to recreate each account through WHM individually and then restore the /home data for the account and then correct the files ownerships.
     
Loading...

Share This Page