[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] CMU on a RaQ3 - Error

Subject: Re: [cobalt-users] CMU on a RaQ3 - Error
From: Jeff Bilicki <jeff@xxxxxxxxxxx>
Date: Fri Mar 2 11:21:45 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

> Jeff,
> How would I use the latest CMU to move all existing web sites and users off
> a hacked Raq3i,
> temporarily onto a Raq4 (without installing them on the Raq4), and then
> restore them onto
> the Raq3 once it's been reformatted while PRESERVING both the Site Number
> and the users passwords.
> The last run with the CMU tool trashed all the site numbers as well as all
> the passwords.

The password bug was fixed in the 1.1-13 release. This utility will _NEVER_ restore the same site number and/or exact gid. There are way too many problems with doing this, although CMU can be used as a backup utility it is not designed for taking a snap shot of a RaQ and then restoring it. It should however give correct ownership to users and site groups of the remapped uids/gids. If you are hardcoding site group name into anything, I would suggest using /home/sites/www.domain.com/ instead. 

Even though migrating off a unit, rebuilding the unit, then re-importing might
help clean the hacked system.   It might not take care of trojans or nasties left is
user dotfiles and/or cgi scripts in /home/sites directories. 

If you have been hacked, please change all of your admin passwords and ask your
users to do the same, most trojans caputre users passwords (in clear text) if 
they login.  So rebuilding the box with the same passwords will not get rid of
the crackers/script kiddies/etc.

Prev by Date: Re: [cobalt-users] chkrootkit
Next by Date: [cobalt-users] raq4 forbidden
Previous by thread: RE: [cobalt-users] CMU on a RaQ3 - Error
Next by thread: Re: [cobalt-users] CMU on a RaQ3 - Error

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index