HPE Community
Operating System - HP-UX
1846865 Members
2609 Online
110256 Solutions
New Discussion

Manually edited passwd file. SAM no longer sees a majority of the accounts

 
Gus Mestousis
Frequent Advisor

‎04-28-2006 08:26 AM

‎04-28-2006 08:26 AM

Manually edited passwd file. SAM no longer sees a majority of the accounts

I have a client who has manually edited the passwd file. Basically they copied the /etc/passwd entries from one server to another in order to keep the passwd files in sync (to some extent). They are no reporting that when trying to use SAM to make changes in the accounts many of both existing accounts, such as root, and new accounts no longer show up.

Can anything be done so that SAM sees all the accounts?

Thank you.
Sure, let me just drop everything and work on your problem.
0 Kudos
Reply
5 REPLIES 5
A. Clay Stephenson
Acclaimed Contributor

‎04-28-2006 08:33 AM

‎04-28-2006 08:33 AM

Re: Manually edited passwd file. SAM no longer sees a majority of the accounts

First of all, SAM has an internal limit of the maximum number of users (500 off the top of my head) that it will display. Beyond that, filters are used to include the user's displayed. Moving passwd and group files is not necessarily a bad thing but several things need to be done: 1) Some mechanism must be used to ensure that UID's and GID's are kept consistant 2) If trusted the TCB database entries need to be copied as well.

The copy action may have left the passwd and group caching daemon hopelessly confused so pwgrd may need to be shutdown and restarted.

The far better approach to unifying the passwd files is NIS or LDAP.
If it ain't broke, I can fix that.
0 Kudos
Reply
Jeff Schussele
Honored Contributor

‎04-28-2006 11:47 AM

‎04-28-2006 11:47 AM

Re: Manually edited passwd file. SAM no longer sees a majority of the accounts

Hi Gus,

I would suspect a corrupted /etc/passwd file.
Run the following:

pwck

to check the integrity of the passwd file. And it may also point out problems in the group file & the you should run

grpck

to check it.

You don't state whether you're trusted or not, but if you are then you should also run

authck

to check the tcb.

BTW - I *always* copy passwd, group and /tcb if I'm trusted. They are *all* integral to each other. And I usually throw in /home to boot.

HTH,
Jeff
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!
0 Kudos
Reply
Gus Mestousis
Frequent Advisor

‎04-29-2006 11:54 AM

‎04-29-2006 11:54 AM

Re: Manually edited passwd file. SAM no longer sees a majority of the accounts

Hi,

pwck and grpck do not show any issues, other than a few accounts with missing home directories, but that is the same on both servers. I killed and restarted pwgrd and still, the same results. There are fewer than 50 user accounts currently on each of these servers. Neither servers are running in Trusted Mode.

Thanks.

Sure, let me just drop everything and work on your problem.
0 Kudos
Reply
TwoProc
Honored Contributor

‎05-01-2006 05:42 AM

‎05-01-2006 05:42 AM

Re: Manually edited passwd file. SAM no longer sees a majority of the accounts

You said that they "basically" copied the files from one server to another. I think that this was the intent, but something went awry and that the file has a field so corrupt that the rest of the file is unreadable.

If you can't view the file yourself, then ask them to repeat the process, and listen in on every step.

It's got to be two lines joined together, or the way they copied the files from one box to the other (maybe didn't use binary mode for the transfer). Maybe the opened editors on both files in a visual environment and copied and pasted using a buffer to get the files in relative sync.

I'd ask them to
1) open up vi on the source password file and using a numeric range write the users needed to be moved to the other server to a temp space.
2) Copy that new temp file (in binary form) to the other server and store in a matching temp space. (make sure to clean up temp spaces later).
3) On the new server, clean up the /etc/password file, and remove all the junk appended to it from the previous attempt, save it, and save a backup copy.
4) Append the temp file from the other server to the current (new) server's /etc/password file.
#cat /tmp/newfile >> /etc/passwd

vi the new /etc/passwd file and carefully assess the record structure at the append point, making sure that two password entries don't exist on the same line. Also make sure that there is no blank line between the top and appended point. It should look pretty smooth and even.

run pwck and resolve each issue

#pwck

Repeat the above process for /etc/group

run grpck and resolve each issue

#grpck

We are the people our parents warned us about --Jimmy Buffett
0 Kudos
Reply
TwoProc
Honored Contributor

‎05-01-2006 05:43 AM

‎05-01-2006 05:43 AM

Re: Manually edited passwd file. SAM no longer sees a majority of the accounts

You said that they "basically" copied the files from one server to another. I think that this was the intent, but something went awry and that the file has a field so corrupt that the rest of the file is unreadable.

If you can't view the file yourself, then ask them to repeat the process, and listen in on every step.

It's got to be two lines joined together, or the way they copied the files from one box to the other (maybe didn't use binary mode for the transfer). Maybe the opened editors on both files in a visual environment and copied and pasted using a buffer to get the files in relative sync.

I'd ask them to
1) open up vi on the source password file and using a numeric range write the users needed to be moved to the other server to a temp space.
2) Copy that new temp file (in binary form) to the other server and store in a matching temp space. (make sure to clean up temp spaces later).
3) On the new server, clean up the /etc/password file, and remove all the junk appended to it from the previous attempt, save it, and save a backup copy.
4) Append the temp file from the other server to the current (new) server's /etc/password file.
#cat /tmp/newfile >> /etc/passwd

vi the new /etc/passwd file and carefully assess the record structure at the append point, making sure that two password entries don't exist on the same line. Also make sure that there is no blank line between the top and appended point. It should look pretty smooth and even.

run pwck and resolve each issue

#pwck

Repeat the above process for /etc/group

run grpck and resolve each issue

#grpck

At this point, you should be good!
We are the people our parents warned us about --Jimmy Buffett
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.