How to Restore off a mounted slave disk (crash/hack/bad kernel)

How to Restore off a mounted slave disk on Redhat + Cpanel (crash/hack/bad kernel)

Warning: This is not to be done by the unexperienced admins bad things could happen. Hire someone.

Sometimes if you get hacked or boot with a bad kernel you need to have the datacenter mount your old drive, and install a new one with a fresh installation of redhat. First things first lets make sure you have an updated kernel, we will do it with up2date for ease of use:

Quote:

up2date -f kernel

check the grub.conf /or lilo config to ensure the settings are right. (if using lilo run this command aswell /sbin/lilo -v -v and check for errors)

Now reboot the server

Quote:

shutdown -r now

I. Mount the backup Drive

First check to see if there are any drives mounted.

Quote:

df -h

You should get something simular to this if it isent mounted yet:

Code:

[root@localhost root]# df -h Filesystem            Size  Used Avail Use% Mounted on /dev/hda2              37G  1.4G   33G   4% / /dev/hda1             101M  7.7M   88M   9% /boot none                  125M     0  125M   0% /dev/shm [root@localhost root]#

if it is mounted you will see something like this:

Code:

-bash-2.05b# df -h Filesystem            Size  Used Avail Use% Mounted on /dev/hda3              53G   31G   20G  62% / /dev/hda1              99M   14M   80M  15% /boot none                  248M     0  248M   0% /dev/shm /dev/hdc3              53G   31G   20G  61% /mnt/old -bash-2.05b#

as you can see hdc3 is the old drive, and it is mounted as /mnt/old. Yours will be diffent possibly. But keep in mind you need to know the mount point for the backup drive for the following steps.

Lets mount if not already mounted.

Quote:

fdisk -l

check for additional drives, in this tutorial we will use /dev/hdc3.

Quote:

mount /dev/hdb3 /mnt/old

now that the drive is mounted you can browse files like:

Quote:

ls /mnt/old/home

II. Rsync the files

Do these commands one by one,

Quote:

rsync -vrplogDtH /mnt/old/usr/local/apache/conf /usr/local/apache rsync -vrplogDtH /mnt/old/var/named /var rsync -vrplogDtH /mnt/old/home/* /home rsync -vrplogDtH /mnt/old/usr/local/cpanel /usr/local rsync -vrplogDtH /mnt/old/var/lib/mysql /var/lib rsync -vrplogDtH /mnt/old/var/cpanel /var rsync -vrplogDtH /mnt/old/usr/share/ssl /usr/share rsync -vrplogDtH /mnt/old/var/ssl /var rsync -vrplogDtH /mnt/old/usr/local/cpanel/3rdparty/mailman /usr/local/cpanel/3rdparty rsync -vrplogDtH /mnt/old/var/log/bandwidth /var/log rsync -vrplogDtH /mnt/old/usr/local/frontpage /usr/local rsync -vrplogDtH /mnt/old/var/spool/cron /var/spool

Next Step - Get some important files from etc:

Quote:

cd /mnt/old/etc rsync -vrplogDtH secondarymx domainalias valiases vfilters exim* proftpd* pure-ftpd* passwd* group* *domain* *named* wwwacct.conf cpupdate.conf quota.conf shadow* *rndc* ips* ipaddrpool* ssl /etc

Now would be a good time to change your password for root:

Quote:

passwd

III. Updating software and restarting services

Quote:

/scripts/upcp /scripts/updatenow /scripts/sysup /scripts/fixeverything /scripts/exim4 /scripts/easyapache /scripts/securetmp

This is needed to update cpanel information. Please note, sshd might fail and not start after running fixeverything. You have to login to whm, and go to the rpm installer and "FORCE" install opensshd-server, opensshd, opensshd-client and then restart sshd from whm.

IV. Restarting services

Quote:

/scripts/restartsrv httpd /scripts/restartsrv cpanel /scripts/restartsrv mysql /scripts/restartsrv named /scripts/restartsrv exim

After you are pleased that everything is working fine, restart the entire server.

This tutorial works 100% on redhat, 7.3, 8.0, 9.0 and fedora. it has been tested on those boxes. But remember, if you dont know what your doing them hire someone to check your server out.

Adobt from : http://www.webhostingtalk.com/showthread.php?t=232162