/etc/passwd deleted

Gurumanickam · ‎12-29-2006

hi all,

if my /etc/passwd file deleted? is it possible to recover my system? i don't have a backup?

Thanks in advance

Be an expert

Victor Fridyev · ‎12-29-2006

Hi,

If you are logged in as root, copy the strings below into the /etc/passwd file
root::0:3::/:/sbin/sh
daemon:*:1:5::/:/sbin/sh
bin:*:2:2::/usr/bin:/sbin/sh
sys:*:3:3::/:
adm:*:4:4::/var/adm:/sbin/sh
uucp:*:5:3::/var/spool/uucppublic:/usr/lbin/uucp/uucico
lp:*:9:7::/var/spool/lp:/sbin/sh
nuucp:*:11:11::/var/spool/uucppublic:/usr/lbin/uucp/uucico
hpdb:*:27:1:ALLBASE:/:/sbin/sh
nobody:*:-2:-2::/:
www:*:30:1::/:
smbnull:*:101:101:DO NOT USE OR DELETE - needed by Samba:/home/smbnull:/sbin/sh
webadmin:*:40:1::/usr/obam/server/nologindir:/usr/bin/false
iwww:*:102:1::/home/iwww:/sbin/sh
owww:*:103:1::/home/owww:/sbin/sh
hpsmh:*:79:79:System Management Homepage:/home/hpsmh:/sbin/sh
sshd:*:104:102:sshd privsep:/var/empty:/bin/false
mysql:*:105:103::/home/mysql:/sbin/sh

The file is good for a fresh system.

If you can not log in, reboot the system for single user mode and create /etc/password file withe strings above.
After that you will have to find UIDs for all existnig users and insert them into /etc/passwd either manually or by useradd.

Good Luck

Entities are not to be multiplied beyond necessity - RTFM

Bill Hassell · ‎12-30-2006

This would be a major problem. First, only the root user can delete files in /etc so do not give the root password to anyone that is not properly trained as a system administrator. And if your system is Trusted, recovering your system is much more complicated. Your first step is to completely backup your system -- use SAM and create an fbackup tape. Then make a second tape using Ignite so you can recover from a dead boot disk.

Now if the passwd file has truly been removed and you have no backup, you can re-create the original file like this:

cp /usr/newconfig/etc/passwd /etc/passwd
chmod 755 /etc/passwd

Now all of this assumes you are logged on as root. If not logged in as root or you can't login at all, then you may be able to use the core HP-UX CDROM to boot up and recover the passwd file that way.

Bill Hassell, sysadmin

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

/etc/passwd deleted

/etc/passwd deleted

Re: /etc/passwd deleted

Re: /etc/passwd deleted