0
Today a colleague was told to reformat their Ubuntu 10.04 drive since someone had hacked the root user password.
So, I attached my backup drive and did
sudo rsync -routi /home/user /media/backup/
sudo rsync -routi /usr/local /media/backup/
sudo rsync -routi /etc /media/backup/
Rsync took a long time on the home directory, and the output indicated that the files were being copied to the correct location on the backup drive, although I did not confirm this after the rsync by listing the files in the backup directory.
They then did a fresh reinstall of Ubuntu. However, now, I can not find the files that I had rsynced, although no work was lost since the /home/user/work directory had been backed up daily.
Can anyone help me figure out where these files might have gone? Is it possible that this is related to the fact that the system's security had been compromised?
David LeBauer
Posted 2010-11-01T23:07:35.000
Reputation: 700
I will try find tomorrow and let you know. I backed up /etc as recommended by the sys admin and /usr/local as recommended elsewhere (http://superuser.com/questions/65346/how-can-i-copy-my-ubuntu-9-04-linux-filesystem-to-another-computer)
– David LeBauer – 2010-11-02T01:51:15.240I can see backing up /etc and /usr/local for your own machine, not sure why it's required for you to back up your colleague's... but if it makes sense to you then by all means do it. – hotei – 2010-11-02T04:04:10.467
find didn't work, but thanks for the suggestion. I am trying to help my colleague get back up and running, so I am doing the same for him as I would for myself. – David LeBauer – 2010-11-02T14:10:06.780