LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   Where did ex-users files go? (https://www.linuxquestions.org/questions/linux-security-4/where-did-ex-users-files-go-262378/)

wmcase 12-04-2004 12:05 AM
Where did ex-users files go?
 
Hi ;

More a curiosity question than a deep cry for help, but I see how it could be.

I was fooling around creating users and groups, just to learn how.

I created a user. Logged in as the new user, created a couple of test files while trying out some programs and logged out.

Later without thinking it through, removed my new test user through the Fedora/Red Hat User Manger. His user space (is that the correct terminology) of course disappeared along with the test files. Where did the test files go? If I needed to recover them how would I go about doing that.

frob23 12-04-2004 02:26 AM
There is this magical thing known as the "bit bucket" where all the bits go when they die.

:) lol

Seriously, unless you define a different behavior the default action on almost every system is to delete all the files. Most systems have a way to achive them as part of the removal process (although a few might require you to hack something together) but if you didn't get asked where to save the files then it didn't save them.

Good thing you learned this with test files and not real data. Check the docs for your distro to see if they have a way to archive removed user's data.

dalek 12-04-2004 04:09 AM
I think frob23 is correct. In most distros when you delete the user the user directory, /home/<username>, gets deleted. If you don't have the user, why have the data that can only be accessed by him/her and root, of course?

Good luck. I think it is gone. :cry:

Later

:D :D :D :D

DavidPhillips 12-04-2004 04:28 PM
One thing that you could do is leave the user in the system and disable login for that user by setting the /etc/passwd entry for that person's login shell to something like /bin/false.

That would preserve the users files, name, and user id. Otherwise just remove the user and their files are removed as well.

frob23 12-05-2004 02:55 AM
Quote:
Originally posted by DavidPhillips
One thing that you could do is leave the user in the system and disable login for that user by setting the /etc/passwd entry for that person's login shell to something like /bin/false.

That would preserve the users files, name, and user id. Otherwise just remove the user and their files are removed as well.
While this is a good idea there are a few circumstances that might make it unfeasable. If you have a user that is causing problems they may have stuff sitting around still causing problems even if they can't log in.

After killing all their processes, it is wise to make sure they have no "cron" or "at" jobs. Then disable mail to their account. If you disable an account because they are running SETI or something on a machine and you don't allow that -- then you don't want their crontab to refire it up whenever you kill it.

It might be easier to just archive all their files with tar (you can even leave them on the disk if you want) and then delete the user. If the person needs their files you can give them the tarball. If you decide to let them back in, create the user and unpack the tarball again.


All times are GMT -5. The time now is 04:05 PM.