I can now rule out that we were hacked or caught a virus.
As is so often the case, the problem was sitting right in front of the
monitor and keyboard: me. :-(
I was able to trace it using the backups from the backuppc server. By
default, /etc is backed up.
We use a Univention Corporate Server as a domain controller with a Samba
server for the AD domain.
When the change to config.pl took place, I tried to configure backuppc
to back up /etc of the domain controller.
It is not possible to change the ssh port on the domain controller, as
otherwise the Linux domain would not function properly.
Since it was not possible to back up the domain controller using either
tar or rsync, I had the "brilliant" idea of trying rsyncd.
In doing so, I accidentally saved the change in config.pl instead of
saving it in the domain controller's config files.
Before the change, config.pl contained $Conf{XferMethod}=rsync and
$Conf{RsyncClientPath}= "c:\\Program Files\\OpenSSH\\vss.exe".
Afterwards, $Conf{XferMethod}=rsyncd and
$Conf{RsyncClientPath}=/usr/bin/rsync. Of course, /usr/bin/rsync does
not exist on Windows clients.
Small change, big impact.
Thanks again for your help. Without you, I would probably still be
searching.
Greetings
Jörg
--
Unrast Verlag
Jörg Ehrchen
Fuggerstr. 13a
48165 Münster
Email:[email protected]
Tel: 02581/4580083
_______________________________________________
BackupPC-users mailing list
[email protected]
List: https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki: https://github.com/backuppc/backuppc/wiki
Project: https://backuppc.github.io/backuppc/
