HPE Community
Operating System - HP-UX
1821981 Members
3092 Online
109638 Solutions
New Discussion юеВ

corrupted root user name in passwd file

 
Philip Lunney
Occasional Advisor

тАО01-02-2006 09:33 PM

тАО01-02-2006 09:33 PM

corrupted root user name in passwd file

Hi,

I have mistakenly edit the username of root in the passwd file while doing maintainence work on another user.

The root username is now 'soot' as opposed to 'root'. I thought it might be as simple as using this username and reset the password file i.e. su - soot... but it does not work. I get the unknown ID error message.

Has anybody seen this before. I would like to try and resolve this before I reboot into single user mode...
thanks.
0 Kudos
Reply
8 REPLIES 8
Shameer.V.A
Respected Contributor

тАО01-02-2006 09:41 PM

тАО01-02-2006 09:41 PM

Re: corrupted root user name in passwd file

Hi Philip,
Do you have any other super user account??
Then change the soot to root by editing the passwd file.

Otherwise restart in single user mode & do the changes.

Please see the the following thread..

http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=865159

regards,

shameer
.... See invisible, feel intangible and achieve impossible as everything is possible ....
0 Kudos
Reply
Robert-Jan Goossens
Honored Contributor

тАО01-02-2006 09:45 PM

тАО01-02-2006 09:45 PM

Re: corrupted root user name in passwd file

Hi Philip,

I added a +root one time in the passwd file, the only way I could solve this was to reboot into single user mode.

Best regards,
Robert-Jan
0 Kudos
Reply
john korterman
Honored Contributor

тАО01-02-2006 09:47 PM

тАО01-02-2006 09:47 PM

Re: corrupted root user name in passwd file

Hi,

perhaps you have inserted some kind of garbage character in the username. Long shot, but try this:

$ grep soot /etc/passwd| awk -F: '{print $1}'| od -x

when I do it for root on a system here it shows:
0000000 726f 6f74 0a00
0000005

perhaps other than "72" (=r) is different in your output?

regards,
John K.
it would be nice if you always got a second chance
0 Kudos
Reply
Philip Lunney
Occasional Advisor

тАО01-02-2006 09:54 PM

тАО01-02-2006 09:54 PM

Re: corrupted root user name in passwd file

I am afraid that I was looking for spurious characters but found none ...

grep soot /etc/passwd| awk -F: '{print $1}'| od -x
0000000 736f 6f74 0a00
0000005
0 Kudos
Reply
Howard Marshall
Regular Advisor

тАО01-06-2006 03:21 AM

тАО01-06-2006 03:21 AM

Re: corrupted root user name in passwd file

Now is a good opportunity to try to hack your own system. If you don't have another account that has superuser authority see if there is a script in roots cron that has write permissions for anyone except root. If there is you can copy your password file to another name, fix the copy and then tack something onto the cron script to move the copy into place for you and you are back in business.

Barring something like that you are probably going to have to schedule a maint window to bring it down and reboot into single user mode. I would fix a copy and move it into place even with the reboot.
0 Kudos
Reply
Bill Hassell
Honored Contributor

тАО01-06-2006 06:04 AM

тАО01-06-2006 06:04 AM

Re: corrupted root user name in passwd file

Is this a Trusted system? (hint: ll /tcb) If there is a /tcb directory then the change to /etc/passwd has corrupted the /tcb database. In a simple (non-trusted) system, you can change a user name and still login, although the HOME directory will be incorrect. But in a Trusted system, the actual password is kept in a separate file using the user's login name as the filename and this will prevent soot and root from logging in.

In either case, it looks like single user mode is required but be sure you know whether to fix just /etc/passwd or also fix /tcb.


Bill Hassell, sysadmin
0 Kudos
Reply
Indrajit_1
Valued Contributor

тАО01-23-2006 03:43 AM

тАО01-23-2006 03:43 AM

Re: corrupted root user name in passwd file

Hi;

u need to boot the machine in single user mode and rename soot to root.

Do the following step..

#shutdown -yr 0
Press Esc key in keyboard

In the current menu press a to go to administrative mode. type..
boot pri isl
>hpux -is

This will bring u to single user mode..

cheers
indrajit
Never Ever Give Up
0 Kudos
Reply
Lolupee
Regular Advisor

тАО01-23-2006 06:11 AM

тАО01-23-2006 06:11 AM

Re: corrupted root user name in passwd file

check the ownership for files previously owned by root must have changed to soot.

If you do not have many cron from root, then you are ok. If you do and this is a production server, then be ready for a busy week.
If you have another server and you previuosly set the remsh or shell up, you could remsh, rlogin or rcp (security breach). If not, rebooting to single user is the answer.

If you have many adminstrators that could use root, you may contact them, one might have login shell still up.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.