Rebuilding Ubuntu Server 8.04 Help!!
February 17, 2009 11:40 AM Subscribe
I recently lost a raid array on a ubuntu 8.04 server forcing me to rebuild it from scratch and/or restore data from backup. (I have copies of /var, /etc, and /home) The problem is I can't seem to rebuild the server so that it works exactly the way it did before, this is killing me!! (fyi... I inherited this system). My specific problem seems to be with Samba. I'm looking for help in two different ways... help 1) either figure out how to restore this system with what I've got backed up. Or fix samba so it works. See details below:
The previous system was Ubuntu 8.04. I've got good backups of /etc /var and /home.
What I want to do is simply build a basic install of ubuntu server 8.04 and restore /etc and /var. But this fails, because I am missing packages. I don't know what packages need to be installed to make this system complete. It seems like there should be something in my backup of /var/lib/apt should be able to tell me what packages are missing, need to installed, or reinstalled.
If I can't restore the server with the strategy above, I guess I need to rebuild the thing from scratch... which is what I've been doing and leads me to my next problem: Samba, LDAP, name resolution, and/or other unknown problems....
Samba user authenticate to openldap directory on another network. I've got nss working. I can do a #getent passwd and see ldap data. I've got my secrets.tdb setup and it seems like samba can query ldap. But I'm not sure all the naming services are working. In my /var/log/samba/log.smbd I see some errors "warning: failed to create BUILTIN\Administrators group! Can Winbind allocate gids?". (smb.conf log level = 5)
anyhow, I can post whatever log files or config files that might be helpful.
Another interesting clue to what might be wrong.... I have a win2k and wink3 server that both have shares with permissions for users from the domain that the failed Samba server was advertising. On the windows servers I've added the IP address of the WINS server on the network that the LDAP server is located... now the windows servers at least show user info in the permissions dialog box for the shares. But folks still can not authenticate to these windows shares... access is denied because of invalid credentials (or something).
Any ideas?
TIA,
Dave
The previous system was Ubuntu 8.04. I've got good backups of /etc /var and /home.
What I want to do is simply build a basic install of ubuntu server 8.04 and restore /etc and /var. But this fails, because I am missing packages. I don't know what packages need to be installed to make this system complete. It seems like there should be something in my backup of /var/lib/apt should be able to tell me what packages are missing, need to installed, or reinstalled.
If I can't restore the server with the strategy above, I guess I need to rebuild the thing from scratch... which is what I've been doing and leads me to my next problem: Samba, LDAP, name resolution, and/or other unknown problems....
Samba user authenticate to openldap directory on another network. I've got nss working. I can do a #getent passwd and see ldap data. I've got my secrets.tdb setup and it seems like samba can query ldap. But I'm not sure all the naming services are working. In my /var/log/samba/log.smbd I see some errors "warning: failed to create BUILTIN\Administrators group! Can Winbind allocate gids?". (smb.conf log level = 5)
anyhow, I can post whatever log files or config files that might be helpful.
Another interesting clue to what might be wrong.... I have a win2k and wink3 server that both have shares with permissions for users from the domain that the failed Samba server was advertising. On the windows servers I've added the IP address of the WINS server on the network that the LDAP server is located... now the windows servers at least show user info in the permissions dialog box for the shares. But folks still can not authenticate to these windows shares... access is denied because of invalid credentials (or something).
Any ideas?
TIA,
Dave
Response by poster: I've been using rsyn -aHv to move files from the backup server to the new install. I believe preserves permission, ownership, and hard links.
posted by purenitrous at 12:10 PM on February 17, 2009
posted by purenitrous at 12:10 PM on February 17, 2009
Response by poster: Also, I did do a #apt-get install samba samba-doc smbldap-tools
posted by purenitrous at 12:11 PM on February 17, 2009
posted by purenitrous at 12:11 PM on February 17, 2009
Response by poster: uhh... that would have been #rsync -aHv
(sorry for the typo)
posted by purenitrous at 12:44 PM on February 17, 2009
(sorry for the typo)
posted by purenitrous at 12:44 PM on February 17, 2009
Response by poster: also did a #apt-get install auth-client-config libpam-ldap libnss-ldap
posted by purenitrous at 12:50 PM on February 17, 2009
posted by purenitrous at 12:50 PM on February 17, 2009
Best answer: The package preseeds (used to generate some default config files, most of which are in /etc and you will overwrite later anyway) are in
Restore them:
Restore the package repository indexes:
Restore the package selections (/var/lib/dpkg/status and /var/backups/dpkg.status.0) and enforce them:
Overwrite /etc, /var, etc (you may need to pass --delete to rsync, but be careful if the backups omitted some subfolders):
(these commands may need tweaking, the chroot stuff may need to be done some other way if you don't have enough stuff in $OLDROOT)
posted by Tobu at 1:49 PM on February 17, 2009 [1 favorite]
$OLDROOT/var/cache/debconf.Restore them:
sudo sh -c 'chroot $OLDROOT debconf-get-selections | debconf-set-selections'
Restore the package repository indexes:
sudo sh -c 'chroot $OLDROOT aptitude-create-state-bundle /tmp/apt-state; aptitude-run-state-bundle $OLDROOT/tmp/apt-state'
Restore the package selections (/var/lib/dpkg/status and /var/backups/dpkg.status.0) and enforce them:
sudo sh -c 'dpkg --clear-selections; chroot $OLDROOT dpkg --get-selections | dpkg --set-selections; aptitude install'
Overwrite /etc, /var, etc (you may need to pass --delete to rsync, but be careful if the backups omitted some subfolders):
sudo rsync -avH {$OLDROOT,}/etc
(these commands may need tweaking, the chroot stuff may need to be done some other way if you don't have enough stuff in $OLDROOT)
posted by Tobu at 1:49 PM on February 17, 2009 [1 favorite]
can you get to the old /etc/samba/smb.conf and see what it says?
posted by gjc at 4:37 PM on February 17, 2009
posted by gjc at 4:37 PM on February 17, 2009
Response by poster: I lost two drives on the raid during a reboot. Bad luck I guess.
Tobu's advice pointed me in the right direction. (THANK YOU!!!) I ended up calling an experienced sysadmin/friend here in my area to help me walk through the process. Here's what we did:
1) fresh install of Ubuntu 8.04
2) copied backup versions of /var and /etc to /home/tmp/ (I used /home because it had the largest free space based on my partitioning scheme for the new drives). And of course also restored /home back to its original location.
3)friend used some perl/regular expression voodoo to compare packages between fresh install and what was backed up... I'll try and recreate the exact syntax... not sure this will be totally accurate.
#apt-get update
#apt-get upgrade
#reboot
#ls /home/tmp/var/lib/dpkg/install | perl -pe 's/\.[^.]+$/\n/' | sort -u >/home/tmp/list.orig
#ls /var/lib/dpkg/install | perl -pe 's/\.[^.]+$/\n/' | sort -u >/home/tmp/list.new
#cd /home/tmp
#diff list.orig list.new | grep '<>pkglist
#!!NOTE!! I bleive we then edited pkglist removing any kernel related packages that would have been updates when we did the #apt-get upgrade
#apt-get install `cat pkglist`
#reboot
Tried to figure out what the differences were in /home/tmp/var and /var as well as /home/tmp/etc/ /etc/ and copy important changes back into /var and /etc.
#diff -r /home/tmp/etc /etc >etc-diffs
#diff -r /home/tmp/var /var >var-diffs
then sitting in /home/tmp/etc executed the following copy commands:
cp /etc/ldap.conf /etc/ldap.conf.bak
cp ldap.conf /etc/ldap.conf
cp aliases aliases.bak
cp /etc/exports /etc/exports.bak
cp exports /etc/exports
cp /etc/group /etc/group.bak
cp group /etc/group
cp /etc/gshadow /etc/gshadow.bak
cp gshadow /etc/gshadow
less /etc/init.d/dhcp3-server
cp ldap.secret /etc/ldap.secret
cp /etc/nsswitch.conf /etc/nsswitch.conf.bak
cp nsswitch.conf /etc/nsswitch.conf
cp /etc/ntp.conf /etc/ntp.conf.bak
cp ntp.conf /etc/ntp.conf
cp /etc/pam.d/samba /etc/pam.d.bak
cp pam.d/samba /etc/pam.d/samba
cp /etc/syslog.conf /etc/syslog.conf.bak
cp syslog.conf /etc/syslog.conf
less /etc/samba/dhcp.conf
rm /etc/samba/dhcp.conf
cp samba/lmhosts /etc/samba
cp /etc/samba/smb.conf /etc/samba/smb.conf.bak
cp samba/smb.conf /etc/samba/smb.conf
cd /home/tmp/etc/dhcp3/
cp /etc/dhcp3/dhcpd.conf /etc/dhcp3/dhcpd.conf.bak
cp dhcpd.conf /etc/dhcp3/dhcpd.conf
For Samba I needed to recreate the secrets.tdb file using the following command
#smbpasswd -w [passwd]
We ended up not really copying anything into /var. I did need to recreate a folder /var/log/samba3 for my samba logging.
The system is now more or less functional however I'm still having weird WINS problems. This server is unable to register with our primary Samba/WINS server on another network... and is causing some naming and authentication problems on this network.
Whew! Thanks again for your help.
posted by purenitrous at 12:25 PM on February 18, 2009
Tobu's advice pointed me in the right direction. (THANK YOU!!!) I ended up calling an experienced sysadmin/friend here in my area to help me walk through the process. Here's what we did:
1) fresh install of Ubuntu 8.04
2) copied backup versions of /var and /etc to /home/tmp/ (I used /home because it had the largest free space based on my partitioning scheme for the new drives). And of course also restored /home back to its original location.
3)friend used some perl/regular expression voodoo to compare packages between fresh install and what was backed up... I'll try and recreate the exact syntax... not sure this will be totally accurate.
#apt-get update
#apt-get upgrade
#reboot
#ls /home/tmp/var/lib/dpkg/install | perl -pe 's/\.[^.]+$/\n/' | sort -u >/home/tmp/list.orig
#ls /var/lib/dpkg/install | perl -pe 's/\.[^.]+$/\n/' | sort -u >/home/tmp/list.new
#cd /home/tmp
#diff list.orig list.new | grep '<>pkglist
#!!NOTE!! I bleive we then edited pkglist removing any kernel related packages that would have been updates when we did the #apt-get upgrade
#apt-get install `cat pkglist`
#reboot
Tried to figure out what the differences were in /home/tmp/var and /var as well as /home/tmp/etc/ /etc/ and copy important changes back into /var and /etc.
#diff -r /home/tmp/etc /etc >etc-diffs
#diff -r /home/tmp/var /var >var-diffs
then sitting in /home/tmp/etc executed the following copy commands:
cp /etc/ldap.conf /etc/ldap.conf.bak
cp ldap.conf /etc/ldap.conf
cp aliases aliases.bak
cp /etc/exports /etc/exports.bak
cp exports /etc/exports
cp /etc/group /etc/group.bak
cp group /etc/group
cp /etc/gshadow /etc/gshadow.bak
cp gshadow /etc/gshadow
less /etc/init.d/dhcp3-server
cp ldap.secret /etc/ldap.secret
cp /etc/nsswitch.conf /etc/nsswitch.conf.bak
cp nsswitch.conf /etc/nsswitch.conf
cp /etc/ntp.conf /etc/ntp.conf.bak
cp ntp.conf /etc/ntp.conf
cp /etc/pam.d/samba /etc/pam.d.bak
cp pam.d/samba /etc/pam.d/samba
cp /etc/syslog.conf /etc/syslog.conf.bak
cp syslog.conf /etc/syslog.conf
less /etc/samba/dhcp.conf
rm /etc/samba/dhcp.conf
cp samba/lmhosts /etc/samba
cp /etc/samba/smb.conf /etc/samba/smb.conf.bak
cp samba/smb.conf /etc/samba/smb.conf
cd /home/tmp/etc/dhcp3/
cp /etc/dhcp3/dhcpd.conf /etc/dhcp3/dhcpd.conf.bak
cp dhcpd.conf /etc/dhcp3/dhcpd.conf
For Samba I needed to recreate the secrets.tdb file using the following command
#smbpasswd -w [passwd]
We ended up not really copying anything into /var. I did need to recreate a folder /var/log/samba3 for my samba logging.
The system is now more or less functional however I'm still having weird WINS problems. This server is unable to register with our primary Samba/WINS server on another network... and is causing some naming and authentication problems on this network.
Whew! Thanks again for your help.
posted by purenitrous at 12:25 PM on February 18, 2009
« Older Help me find academic lectures in Japanese! | Space for a 50-person video conference in LA? Newer »
This thread is closed to new comments.
posted by ijoyner at 11:47 AM on February 17, 2009