topic Re: system in Operating System - HP-UX

system

navin — Tue, 13 Feb 2007 13:42:09 GMT

Hi ,
Is it possible that the /etc configuration files(especially passwd/nsswitch,etc) would be modified ...when the system crashes.
Thanks

Re: system

Pete Randall — Tue, 13 Feb 2007 13:44:13 GMT

I don't see how, unless they were being written to when the crash occurred.

Pete

Re: system

Bill Hassell — Tue, 13 Feb 2007 16:58:16 GMT

There's a big difference between a crash and a modified file. If for some crazy reason the system crashed and wrote all over the filesystem, you would never know this because the system could not boot. So the contents of /etc/passwd and /etc/nsswitch.conf would not be slightly changed.

Now there are a couple of possibilities:

1. Someone edited /etc/passwd and left the session running. The machine reboots and the passwd file is left in the state it was when the vi session started, perhaps days ago.

2. There are custom startup scripts that replace certain files on reboot.

HP-UX does not care about files like passwd. It is just a place where login can look to authenticate a user and if OK, start a shell. Users change file contents.

Re: system

A. Clay Stephenson — Tue, 13 Feb 2007 17:08:45 GMT

Is is possible? Yes. Is it probable? Most decidedly not. Often these words are used interchangably when the meaning is quite different. If is far more probable that a filesystem might become corrupt upon a crash --- or that a corrupt filesystem might trigger a crash. It is most improbable that somehow the crash managed to zero in on these files. On the other hand, these are just the files that might be altered either intentionally or unintentionally by a user with super-user access --- or by an ordinary user if the mode on these files were incorrectly set.