# ssl cert root cannot remove - nightmare!

## namaman

Ok.  In all my gentooing I have never seen this happen at all.   :Sad: 

Im still not sure why, but my firefox started acting reeeally slow. and as I was entering in a https address the whole screen froze.  Because it was non responsive I did a hard reboot *ouch*.  NOW I have an SSL cert that wont delete because its locked for some reason.  As root:

ls -la /etc/ssl/certs/README.RootCerts

ls: cannot access /etc/ssl/certs/README.RootCerts:Permission denied

rm -f /etc/ssl/certs/README.RootCerts

rm: cannot access /etc/ssl/certs/README.RootCerts:Permission denied

I have tried stat and chattr, rm of course...  Im guessing because the user is an unknown user (when i look it says all question marks ??????) that its not allowing root to erase that file because it doesnt belong to root but chmod and chown didnt work either.  AND i cant reach the internet because nothing ssh, net, etc. wont start up!  What an ugly mess.

Now the kicker.  I have already thought about just inserting the live cd and see what that does.  The new 2008 live cd doesnt have my new mobo sata chipset compatibility so all live cds (other than gentoo too ie knoppix) that i have tried DO NOT find my sata drives either!  SO i downloaded gparted (reading another post) and gparted wont bring up X for some reason so I cant run the diagnostic HD programs, BUT it did give me a terminal so I try that and it DID locate my sata drives, HOWEVER, it couldnt erase the file either spitting up a ton of errors.  SO next, thinking this could be a filesystem problem I tried fsck to no avail.

I thought in the Linux world root is the top, but cant seem to fix this!

Worst part about this is that because the gentoo live cd has problems with my new mobo I CANT EVEN REINSTALL IF I WANT TO!

ANYONE have an idea how I can get out of this nightmare???  Thanks in advance.

----------

## desultory

The file system is corrupted. Use fsck, on that partition to fix the problems. It is generally preferable to use a live CD or the equivalent, but you could shutdown -F $when then use the local copy of fsck when the system next boots. Once that is done, you should be able to delete the file normally.

----------

## namaman

No such luck...  did as you said.  Executed with message after shutdown -F.  Full FSCK on next start up.  Rebooted.  fsck was done, but...

rm /etc/ssl/certs/*

rm: cannot remove '/etc/ssl/certs/README.RootCerts":Permission denied

SO thought I would try fsck /etc/ssl/certs/*

fsck 1.41.3

e2fsck 1.41.3

fsck.ext2: Permission denied while trying to open /etc/ssl/certs/README.RootCerts

You must have r/w access to the filesystem or be root

BUT I AM ROOT   :Laughing: 

----------

## desultory

 *namaman wrote:*   

> No such luck...  did as you said.  Executed with message after shutdown -F.  Full FSCK on next start up.  Rebooted.  fsck was done, but...

 Just to be sure, were any errors found when it ran? What messages did it present? Did it ask any questions at all?

 *namaman wrote:*   

> SO thought I would try fsck /etc/ssl/certs/*
> 
> fsck 1.41.3
> 
> e2fsck 1.41.3
> ...

 There is no provision that I am aware of in any variant of fsck to check the integrity of the entries relevant to a given file, even if there are invoking it in that manner is in effect attempting to treat that file as an image of a file system which is very much not what is desired at this point.

----------

## namaman

Thanks for your help.

I just checked the output on reboot.  For some reason it looks like its fsck'n the wrong partitiion.  On bootup it says:

* Checking all filesystems ...

* A full fsck has been forced

/dev/sda1: 81/36144 files (44.4% non-contiguous), 68580/144552 blocks

How can I make it fsck /dev/sda2 (system partition) on bootup?

Also another post says to try single user mode.  Im going to try that now and see if that gets me any further.

----------

## namaman

Trying to delete the file in single user mode did nothing either   :Rolling Eyes: 

----------

## desultory

 *namaman wrote:*   

> Also another post says to try single user mode.

 As in, try to use fsck in single user mode?

----------

## namaman

Everything I try seems to fail.  I just tried in runlevels 1 and 3 to shutdown -F.  I still cannot delete this stupid file!  I checked dmesg and it says:

ReiserFS: sda2: warning: vs-13070: reiserfs_read_locked_inode: i/o failure occured trying to find stat data of [5682217 5682219 0X0 SD]

Still have no idea how to repair the filesystem   :Confused: 

----------

## desultory

Switch to single user mode, verify that /dev/sda2 is mounted read only, run reiserfsck --check /dev/sda2, that should tell you what needs to be done to fix the corruption.

----------

## namaman

Thanks for all the help guys.  Unfortunately, it was all a lost cause...   :Crying or Very sad: 

For those reading this with the same problem as I had.  I went into single user mode and I fsck'd the drive and then re-fsckd the drive with

reiserfsck --rebuild-tree

... but it must of screwed up the filesystem table data because I couldnt even mount the partition after I did it.

That really got me panicing!  Unfortunately it has been a little while since I backed up my HD and then I started thinking about the data I would lose by this little incident.  I then started to care more about backup recovery rather than saving the OS.

IF you ever have this trouble, I HIGHLY recommend dd_rescue for data recovery!  I just found this precious gem and its become part of my utils.  Theres lots of info on the web about it so Im not going to go into how to use it here, but it recovered my partition up to 90%   :Shocked: 

In the end, it was a bad sector prol caused from a hard boot of my computer I believe.  Got another HD and rebuilding now.

----------

