backup problems

[jasonpng]

Hi there,

I've backup all the users on my server, more than 200++ using the reseller --> user backup functions.

I restore the entire backup on another new server, and i found that the user password being restored from the backup are old password that has been changed at least 1 month back.

I realised that so i try a new fresh backup by deleting all the backup tar.gz being created and then the server backup the users again.

Upon restoring the users on another server, the same happens again, old password, but the emails, websites are the latest. Nothing wrong with those.

Am i missing something here or is there any reason why DirectAdmin is restoring password that are outdated ?

Thanks.

 

[nobaloney]

That's a great question. I wasn't aware DA even stored old passwords and looking at the backups, I don't see where they could.

Anyone?

Jeff

 

[jasonpng]

I just went through the whole backup and restoration process again, and i realized that in every users' home directory, there is a file called ".shadow"

the file ".shadow" is owned by the user and group of mail, and surprisingly, the restore process seems to retrieve the users' password from this particular ".shadow" file. Correct me if i'm wrong.

when i compare the the encrypted password in ".shadow" with the password in "/etc/shadow" for the same user, the password isnt the same.

The ".shadow" file located in the user directory seems to be some really old password they had and again, the password has been changed since and i really wonder why isnt the password in ".shadow" tally with the password in "/etc/shadow"

It is in no particular that the ".shadow" file store the email password of virtual user for that particular domain. Instead, it stores the password of the *NIX user.

someone please help.

Thanks.

 

[nobaloney]

Interesting.

I have a theory but rather than be wrong, I'll just bring the post to DA staff's attention and see if I'm right .

Jeff

 

[DirectAdmin Support]

Hello,

There was a short period of time where the .shadow files were the DA process didn't escalates it's privileges to write the .shadow, so the rewriting of it for password changes. When a user changes his/her pass, this file was not updated. The backups would then store the older password, hence a restore would use that file to set the password on the new machine, which would give the user the old password. This file is used for exim authentication of the system user, and for the backed up password).

The problem should be fixed with the current version of DA.

Bug item: http://www.directadmin.com/features.php?id=553

John

 

[jasonpng]

Hi John,

Both the machines are running the latest version of DirectAdmin, v1.25.4

What is the best solutions now? Do i delete the ".shadow" files in machine A and re-run the reseller => backup process then transfer the files to machine B, and run the reseller => restore process ? Will this method create a backup with the latest password ?

Thanks in advance.