Ubuntu become read only with data disappearance

Recently an group was created in ubuntu 12.04 server and the user created when OS was installed was added in the group, but somehow the user got deleted from root privilege groups and privilege commands were not working So rebooted the system did #mount -rw -o remount / then added that user to multiple default groups like sudo,lpadmin,dip,cdrom etc, then rebooted the server and found to my horror that all the data in /home is gone and I am not even able to create anything it says permission denied even for touch command. Where it went wrong, any ideas on how to recitfy this is highly appreciated. Thanks in advance.

Maybe your hdd is not working corretly.
Check this with smartmontools.

Please post the result of the command:

Code:

whoami && groups

muser
muser adm cdrom sudo dip plugdev lpadmin sambashare sapp.

After rebooting I was able to make RW operations in the hoem directory, but now the problem is data has disappeared. Also it was
muser:sapp was there, now it has become muser:muser and data is gone. Also history has disappeared after taking the system to recovery mode and issuing the command #mount -rw -o remount /

I believe that your data is not gone. You just do not have access to it.
Run these commands and post the result.
To identify the /home partition:

Code:

cat /etc/fstab

To identify the ownership in /home:

Code:

ls -l /home && ls -l $HOME

To list the partitions:

Code:

sudo blkid -o list

I think his data is gone. He created a new user with the same user name. This, of course, creates a new /home/<user name> directory. As the new user had the same user name as the old user the new home directory over wrote the old.

Usually when a user is deleted that users home directory is deleted to unless saved at the time of user deletion.

That said it brings four things to mind that folks should consider when creating new users and deleting old users.
1>use a different user name
2>save the old user directory to a data partition or somewhere else
3>do back ups daily - at all times not just when messing with users
4>when doing anything with users or groups do a complete backup of the system first

I know I don't follow that advice myself as I should. Have had things bite me on the butt because of it too.

Which brings up that fine tool for the person that didn't follow that advice; testdisk.

The data should be recoverable. Doing so as soon as possible is best, each mounting of the system makes recovery a little more iffy.

You should dd the current content to a clean drive first and use it as your main drive from now on.

Recover the data on the current drive and copy to the new.

Reformat old drive and do a rsync back up daily to it. The first will take some time as everything needs copied. From then on, however, it is very fast as only changes in the system are dealt with.

cat /etc/fstab


proc /proc proc nodev,noexec,nosuid 0 0
/dev/mapper/uat--vg-root / ext4 errors=remount-ro 0 1
# /boot was on /dev/sda1 during installation
UUID=4ec88340-ce2c-463f-92ad-130da45e8393 /boot ext2 defaults 0 2
/dev/mapper/uat--vg-swap_1 none swap sw 0 0
/dev/mapper/cryptswap1 none swap sw 0 0
/usr/tmp /tmp ext4 defaults,loop 0 0


ls -l /home && ls -l $HOME

drwxr-xr-x 5 muser muser 4096 Feb 13 10:39 muser
total 8
lrwxrwxrwx 1 muser muser 56 Jun 3 2014 Access-Your-Private-Data.desktop -> /usr/share/ecryptfs-utils/ecryptfs-mount-private.desktop
-rw-rw-r-- 1 muser muser 8 Feb 12 17:35 new
lrwxrwxrwx 1 muser muser 52 Jun 3 2014 README.txt -> /usr/share/ecryptfs -utils/ecryptfs-mount-private.txt
drwxrwxr-x 2 muser muser 4096 Feb 12 14:55 t


sudo blkid -o list

device fs_type label mount point UUID
--------------------------------------------------------------------------------------------------------------------------------------
/dev/sr0 iso9660 Ubuntu-Server 12.04.4 LTS amd64 (not mounted)
/dev/sda1 ext2 (not mounted) 4ec88340-ce2c-463f-92ad-130da45e8393
/dev/sda5 LVM2_member (in use) 2VlZJi-U2NE-1WOZ-7Fj7-sg3l-AG3P-aeLECj
/dev/mapper/uat--vg-root ext4 / c5452662-0e86-4466-8e82-626f13d4c5f8
/dev/mapper/cryptswap1 swap <swap> 336c36e2-3f34-4b28-92e3-94d00fa8367f


BTW I haven't created a new user, I did usermod -a -G sudo cdrom sap lpadmin sambashare plugdev sapp muser then rebooted the system.

I think it is strange that your fstab mounts sda1, but blkid says sda1 is not mounted.
But that does not address the /home problem, which does not look good.
I would expect ls -l $HOME to list all the default folders - Desktop, Downloads, etc.
dan@skynet1 ~ $ ls -l /home && ls -l $HOME
total 12
drwxr-xr-x 60 dan dan 4096 Feb 14 04:48 dan
drwxr-xr-x 19 guest guest 4096 Dec 14 13:31 guest
drwxr-xr-x 19 guest guest 4096 Oct 29 05:50 lisa
total 336
drwxr-xr-x 2 dan dan 4096 Dec 28 05:04 bin
-rw-r--r-- 1 dan dan 97681 Jan 21 05:25 bootinfoscript2014.txt
drwxr-xr-x 2 dan dan 4096 Feb 13 11:52 Desktop
drwxr-xr-x 2 dan dan 4096 Dec 4 14:12 Documents
drwxr-xr-x 4 dan dan 16384 Feb 10 07:10 Downloads
-rw-r--r-- 1 dan dan 59516 Feb 5 06:42 mintsources.txt
drwxrwxrwx 2 dan dan 4096 Jul 2 2014 Music
drwxr-xr-x 2 dan dan 4096 Aug 21 12:22 Pictures
drwxrwxr-x 9 dan dan 4096 Feb 5 12:02 sdb2_data
drwxr-xr-x 3 dan dan 4096 Nov 18 17:06 Videos
drwxr-xr-x 3 dan dan 4096 Mar 14 2014 VirtualBox VMs
dan@skynet1 ~ $

You should tread lightly, as widget advised, and try recovery.
Hopefully, someone who knows more about LVM and encryption than I do might have an alternative.

Quote:

Originally Posted by geekslinux BTW I haven't created a new user, I did usermod -a -G sudo cdrom sap lpadmin sambashare plugdev sapp muser then rebooted the system.

When working on the cli it is a good idea to keep in mind one important thing. White space is important.

At the prompt you give commands.

The first commnad is the application that is being called to do the work. Then there is a space.

After that space comes what you want done, in this case options a and G which would be written as -aG. Then white space again.

Next would be modifiers such as the groups you want included which are listed in this fashion (from "man usermod");

Code:

-G, --groups GROUP1[,GROUP2,...[,GROUPN]]]
           A list of supplementary groups which the user is also a member of. Each group is separated from the next by a comma, with no
           intervening whitespace. The groups are subject to the same restrictions as the group given with the -g option.

which would look like this;
sudo,cdrom,sap,lpadmin,sambashare,plugdev,sapp

And then a white space before indicating the user "muser".

As written in your post this is not going to give much result and would hopefully generate a good bit of output in the way of errors. If it didn't do that then there are some deeper problems with your install.

If this is an example of your work in cli I would say that using LVM and Encryption, particularly encryption, is not a real good idea.

Data recovery should always be kept in mind on any type of storage device on any OS. Things happen. Do you have the needed keys to decrypt a copy of your removed data? If not you are wasting your time recovering the data.

I don't know how many people access this server but if you have a /home/<user name> on there I would assume there are other users. You can, if you don't want other users accessing your data smply use chmod to set your /home directory to 700 so that only the owner can access it.

A system can be also hardened a number of ways. It is really only after all other security measures are taken and still for some reason don't fit the use case that encryption should be considered.

In all things you need to balance ease of use, which should always take into consideration, particularly without daily backups, recovery of critical data. Encryption makes that recovery somewhat more iffy. All hardening also has draw backs in just time to get into the system.

Having a good grounding in hardening, however, will make you more articulate in expressing what you have done and better at doing those things. This in turn will make using encryption more of a tool to protect your data and less of a way to ensure absolute loss of data.