Answered By: Ben Okopnik, Thomas Adam
bonjour depuis un crash de mon serveur X j'ai sans cesse lors du reboot des messages rm : command not found
le serveur X ne se lance plus qu 'en faisant en mode console
init 3 /etc/init.d xfs start init 5 startx
bien sur je pense qu'il me faudrait d'abord recouvrer l'usage de cette commande rm , qui ne fonctionne plus , en root comme en user
I'll try and give this my best shot at translation...
"My X server crashed, and when I rebooted it, I got the following error:
rm: command not found
The X server doesn't do anything even though I type:
init 3 /etc/init.d/xfs start init 5 startx
of course, I cannot recover from the error messagem even as the root user."
[Ben] This is a much bigger problem than just an "X server crash", although I'm not sure in what way you're using the term "X server". However, one thing is apparent: your "rm" command is gone - and since it is part of "/bin", the directory that contains all your basic system commands, this is a sign of serious trouble.
[Thomas] I would summise X crased because it couldn't remove either the temp files stored in /tmp, or that the various lock files couldn't be removed from /var/run
[Ben] In order to delete "rm", someone would have to have root access to your system. If someone got it and deleted "rm" (which, by the way, is the command that is used for deleting files), there's nothing to say that they didn't delete the entire "/bin" directory - or anything else they wanted to.
[Thomas] If that were the case, Ben then the system would fail to boot at all, since "/bin/dmesg" and "/bin/login" woudn't run, hence a huge failure.
[Ben] This scenario gets just as bad as you want to imagine it, but in all cases, you need to reinstall the system, change all the passwords (particularly root), and make sure the system is properly secured.
There are other, somewhat milder possibilities - like someone with root access (maybe even you!) accidentally deleting "/bin/rm", or messing up the PATH variable used in the startup files in "/etc/init.d" (this is a best-case and very doubtful possibility.) If you're unfamiliar with the files in "/bin", you need to look at a working system and compare yours against it; in any case, "rm" should be in there.
Unless you can definitely establish that the problem was caused by your own mistake (or by anyone else who is authorized to have root access), I suggest reinstalling as I described above. If some cracker got into your system (a very incompetent one, if so - deleting "rm" is obvious _and stupid!), there's no way to tell what sort of traps or back-doors he may have left in place.
[Thomas] While it is true that it is often hard to see what a malicious cracker may or maynot have left behind in his/her wake, there are certain things known as rootkits which you can use to check to see if the security of your system has been comprimised or not. But as a general rule, a re-installation of the base files is usually a good idea.
|Meet the Gang 1 2 3 4|