0

Terribly sorry for this basic question, I'm a newbie to the linux world.

Currently I have a RHEL 7.5 machine which should normally have the following stuff under /var directory: adm, cache, crash, db, empty, games, gopher, kerberos, lib, local, lock, log, mail, nis, opt, preserve, run, spool, tmp, yp

and now the directories: "kerberos", "local", "mail", "nis", "opt", "preserve", "yp" were missed.

This RHEL 7.5 machine is used to run Cassandra.

After some googling and thinking, I collected 2 critical options to restore these missing directories:

  1. restore from other RHEL's backup(there's more than one such RHEL 7.5 machines running Cassandra and they all have almost the same config., system, directories, accounts and files.)
  2. using the RHEL installation ISO(rescue mode).

I examined other RHEL machines (which are 99% identical to the one that missed directories) to see the importance of the missing directories and found that the "kerberos", "local", "nis", "opt","preserve","yp" are empty and the size are 4.0K respectively. Only the "mail" directory do have some user accounts' data in sub-directories.

So I assumed that recreating the "mail" directory might be the most important task despite I'm not sure about how to rebuild the "mail".(seemed that other directories can be created manually and I know it's easy.)

Can anyone give me some hints about how to restore directories with minimum impact to the current system? I hope I don't need to reinstall the whole system...

Thanks in advance!

*Added:

Currently, I got some output listed below,

  1. df -h
Filesystem Size Used Avail Use% Mounted on /dev/mapper/rhel-root 87G 4.3G 78G 6% / devtmpfs 16G 0 16G 0% /dev tmpfs 16G 0 16G 0% /dev/shm tmpfs 16G 33M 16G 1% /run tmpfs 16G 0 16G 0% /sys/fs/cgroup /dev/sda2 976M 112M 798M 13% /boot /dev/mapper/rhel-home 2.0T 763G 1.1T 41% /home tmpfs 3.2G 0 3.2G 0% /run/user/0
  1. df /var
Filesystem 1K-blocks Used Available Use% Mounted on /dev/mapper/rhel-root 90695520 4479244 81586160 6% /
  1. the result of journalctl -b |grep /var including the following messages:(some of them are repeating)
rsyslogd[1337]: $WorkDirectory: /var/lib/rsyslog can not be accessed, probably does not exist - directive ignored [v8.24.0 try http://www.rsyslog.com/e/2181 ] postfix/sendmail[1387]: fatal: chdir /var/spool/postfix: No such file or directory
  1. the output of journalctl |grep /var/log only showed 4 messages:
auditd[792]: Could not open dir /var/log/audit (No such file or directory) systemd[1]: Starting Dump dmesg to /var/log/dmesg... systemd[1]: Started Dump dmesg to /var/log/dmesg. sa1[807]: Cannot open /var/log/sa/sa27: No such file or directory

It seemed that the situation is still confusing due to insufficient clues from logs... but again, I still appreciate everyone's assistance.

Improve this question
4
  • 1
    It would help to know how you ended up in this situation - please edit your question and include what steps lead up to this. Commented Jan 27, 2022 at 12:42
  • thank you Panki. The trouble is this situation isn't caused by me and it is too difficult to trace back. I checked the bash history but couldn't (or maybe due to lack of linux knowledge) found any useful clues. Really sorry. Commented Jan 28, 2022 at 5:20
  • Try to examine the output of journalctl -b (all syslog messages for the current boot). What does df /var output? Commented Feb 3, 2022 at 21:12
  • @U.Windl thanks for the hints. however, I dont see clues that are helpful, guess this situation already happened long time ago therefore the traces are hard to find. Commented Feb 8, 2022 at 9:11

0

Reset to default

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.