On 10 May 2016, at 2:24, Glen Barber wrote: > On Tue, May 10, 2016 at 08:18:44AM +0200, O. Hartmann wrote: >> >> It is not only master.passwd, it is also group and several other >> config files, I suspect it is the whole bunch of files located >> in /etc/ getting reset to their initial file values. >> >> My OpenLDAP environment isn't working anymore due to /etc/pam.d >> reset. X11 doesn't start anymore due to reset of /etc/ttys. also, >> sysctl.conf has been reset. > > The change (incorrectly) invoked the 'distribution' target, so > anything that gets "touched" by that will likely be affected. > > You are correct that we should have an additional failsafe for > this kind of thing, not just a subset of files arbitrarily placed > in /var/backups via a periodic(8) script. Hmm. When working on some non-BSD open-source system, I found it prudent to backup /etc. And I'm lazy, so I went with a simple tactic of: MLET=$(awk -v "MDIG=$(date +%m)" \ 'BEGIN { print substr("ABCDEFGHJKLMxyz", MDIG, 1); }') ETCTARNAME="/tmp/$(hostname -s)-etc-$(date +%Y${MLET}%d).tbz2" ETCLNKNAME="etc-$(hostname -s)-$(date +%Y${MLET}%d)" cd / ln -s etc "$ETCLNKNAME" nice tar cjf "$ETCTARNAME" "$ETCLNKNAME"/* scp -p "$ETCTARNAME" $ETCSAV_DEST:Downloads/SAV-etcs rm -f "$ETCTARNAME" "$ETCLNKNAME" The idea is to create a symlink of etc which includes a timestamp (eg: "etc-freefall-2016E10"), and create a compressed tar archive which saves all the files as being under that directory-name instead of /etc. I then copy that to a different host, and remove the archive file. Maybe I should add something like that to my own installworld script. Probably should adjust it somewhat to pay better attention to potential security issues. (you wouldn't want to copy that archive file to a public FTP server, for instance!) Then when something goes haywire, I would create a new archive and then compare the two complete sets of /etc files to see what has changed. -- Garance Alistair Drosehn = drosih_at_rpi.edu Senior Systems Programmer or gad_at_FreeBSD.org Rensselaer Polytechnic Institute; Troy, NY; USAReceived on Tue May 10 2016 - 16:28:49 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:04 UTC