HPE Community
Operating System - HP-UX
1753774 Members
7490 Online
108799 Solutions
New Discussion юеВ

Re: can not change root password on trusted system.

 
Patrol
Advisor

тАО08-17-2006 07:56 AM

тАО08-17-2006 07:56 AM

can not change root password on trusted system.

This is a basic question for most of you but I can not figure out why.

when I enter the old password, I am getting a "sorry" message and that is it.

I know password is correct because I logged in with it from the system console a minute before change attempt.

getprpw root output is the same comparing to a system without this problem

/tcb/files/auth/r/root ownership and permissions are not different from the problem-free system and I aslo checked the intermediate directory permissions too.

what is wrong with this system ?
0 Kudos
Reply
14 REPLIES 14
Steven E. Protter
Exalted Contributor

тАО08-17-2006 07:59 AM

тАО08-17-2006 07:59 AM

Re: can not change root password on trusted system.

Shalom,

Possibilities:
1) root fs is full
2) permissions wrong in /tcb or below.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
IT_2007
Honored Contributor

тАО08-17-2006 08:49 AM

тАО08-17-2006 08:49 AM

Re: can not change root password on trusted system.

Might be CAPS lock on? or typo error?

Are you able to login your self and su -
and check root password.
0 Kudos
Reply
Patrol
Advisor

тАО08-17-2006 09:21 AM

тАО08-17-2006 09:21 AM

Re: can not change root password on trusted system.

Steven,

1 root fs has nothing to do with it as it only is 9% full
2 even though I have said there is no difference between a working system and a this oen, you seem either not reading or not beliving. So here is the output from a working system and the problem one:

PROBLEM SYSTEM

test # ll -d /tcb
dr-xr-x--x 3 root sys 96 Oct 5 2003 /tcb
test # ll -d /tcb/files
drwxrwx--x 3 root sys 96 Apr 9 2005 /tcb/files
test # ll -d /tcb/files/auth
drwxrwx--x 55 root sys 8192 Oct 5 2003 /tcb/files/auth
test # ll -d /tcb/files/auth/r
drwxrwx--- 2 root sys 8192 Aug 17 12:20 /tcb/files/auth/r
test # ll -d /tcb/files/auth/r/root
-rw-rw-r-- 1 root root 308 Aug 17 12:20 /tcb/files/auth/r/root
test # /usr/lbin/getprpw root
uid=0, bootpw=YES, audid=0, audflg=1, mintm=-1, maxpwln=-1, exptm=-1, lftm=-1, spwchg=Mon Aug 14 00:00:01 2006, upwchg=Thu Aug 17 13:29:15 2006, acctexp=-1, llog=-1, expwarn=-1, usrpick=DFT, syspnpw=DFT, rstrpw=DFT, nullpw=DFT, admnum=-1, syschpw=DFT, sysltpw=DFT, timeod=-1, slogint=Thu Aug 17 12:20:44 2006, ulogint=Thu Aug 17 11:56:08 2006, sloginy=console, culogin=-1, uloginy=-1, umaxlntr=-1, alock=NO, lockout=0000000



WORKING SYSTEM

prod:root:/root> ll -d /tcb
dr-xr-x--x 3 root sys 96 Oct 5 2003 /tcb
prod:root:/root>ll -d /tcb/files
drwxrwx--x 3 root sys 96 Oct 30 2005 /tcb/files
prod:root:/root>ll -d /tcb/files/auth
drwxrwx--x 55 root sys 1024 Oct 5 2003 /tcb/files/auth
prod:root:/root>ll -d /tcb/files/auth/r
drwxrwx--- 2 root sys 1024 Aug 17 13:16 /tcb/files/auth/r
prod:root:/root>ll -d /tcb/files/auth/r/root
-rw-rw-r-- 1 root root 245 Aug 17 13:16 /tcb/files/auth/r/root
prod:root:/root>/usr/lbin/getprpw root
uid=0, bootpw=YES, audid=0, audflg=1, mintm=-1, maxpwln=-1, exptm=-1, lftm=-1, spwchg=Sun Aug 13 00:05:00 2006, upwchg=Mon Jul 19 09:06:47 2004, acctexp=-1, llog=-1, expwarn=-1, usrpick=DFT, syspnpw=DFT, rstrpw=DFT, nullpw=DFT, admnum=-1, syschpw=DFT, sysltpw=DFT, timeod=-1, slogint=Thu Aug 17 13:16:38 2006, ulogint=Sat Jan 28 08:06:13 2006, sloginy=console, culogin=-1, uloginy=-1, umaxlntr=-1, alock=NO, lockout=0000000


Srini,

Please read my original post. I said I am able to login a minute before.
0 Kudos
Reply
DCE
Honored Contributor

тАО08-17-2006 09:49 AM

тАО08-17-2006 09:49 AM

Re: can not change root password on trusted system.



did you check the permissions on the password program itself, and compare it tot the other systesm?

anything in /etc/default/security?
0 Kudos
Reply
John Kittel
Trusted Contributor

тАО08-17-2006 10:52 AM

тАО08-17-2006 10:52 AM

Re: can not change root password on trusted system.

Did you just recently convert to trusted? If untrusted root pasword was > 8 characters, then you changed to trusted, now when logging in it works with full > 8 character password, but passwd command will fail if you supply > 8 characters. Just give the 1st 8 characters to the passwd command when prompted for old password.

- John
0 Kudos
Reply
florin_10
Frequent Advisor

тАО08-17-2006 02:57 PM

тАО08-17-2006 02:57 PM

Re: can not change root password on trusted system.

Hi,

John's previous answer explains very well your problem. Also the account can be locked for a while, due to too many wrong passwd entries.
0 Kudos
Reply
Peter Godron
Honored Contributor

тАО08-17-2006 06:57 PM

тАО08-17-2006 06:57 PM

Re: can not change root password on trusted system.

Hi,
from:
http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=1050656

/usr/sam/lbin/usermod.sam -F -p "" root
0 Kudos
Reply
RAC_1
Honored Contributor

тАО08-17-2006 07:03 PM

тАО08-17-2006 07:03 PM

Re: can not change root password on trusted system.

Null out old password and change it.
/usr/sam/lbin/usermod.sam -F -p "" root

You can also do this by modifying /tcb/files/auth/r/root. But not advised.
There is no substitute to HARDWORK
0 Kudos
Reply
Patrol
Advisor

тАО08-18-2006 04:04 AM

тАО08-18-2006 04:04 AM

Re: can not change root password on trusted system.

First off, nullifying the password is something I do not want to do for audit reasons, so that option is not available to me.

passwd program permissions were exactly the same with the working system in the above post

system was not converted to trusted. It was an ignite install from an already trusted system.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.