HPE Community
Operating System - HP-UX
1848539 Members
6544 Online
104033 Solutions
New Discussion

Re: root is locked, helpful hints for a sysadmin.

 
generic_1
Respected Contributor

‎07-29-2005 05:23 AM

‎07-29-2005 05:23 AM

root is locked, helpful hints for a sysadmin.

Many folks believe their only option when root is locked is to reboot. Thats not entirely true, and if this is an important box and unwanted reboot can really suck.

Next time this happens restore the trusted file or password file with the password you know from your backup system :). This is the most common way I know that most people dont think of. You could even restore an edited version of the file hint hint if you completetly forgot.
/etc/passwd
or if trusted
/tcb/files/auth/r/root
Boom your fixed. :).
I would imagine you could restore cron configurations and such to that could kick off and run the later mentioned commands to fix things too :).
If you have any handydandy batch scheduler that can launch things as root. Schedule a /usr/lbin/modprpw -k root or a /usr/lbin/modprpw -v root to fix expired
you can use the usermod sam command to set a new password by specifying an encrypted password that you know :)
/usr/sam/lbin/usermod.sam -p "encryptedpasswordyouknowhere" username
These could probably be done with remsh
powerbroker
sshkeyed root account or any odd tool you might happen use
Check if one of your sysadmin buddies has a login as root currently to that box.
Also setting up your GSP on the lan would be good. You can not only reboot the system, but if root's account would become locked you could still gain access there if you knew the password without having to drive in.

You may want to consider adding sudo you your system before this event happens hint hint.

with that you could gain access to your acccount then set your account a as privledge to sudo to root
by using your password instead of roots.
Between this and the GSP you should not have to drive in again uless you get a major case of Fatfinger ehhehe. :).

If all this fails, your hosed reboot.
Hope this helps for the next time.
0 Kudos
Reply
3 REPLIES 3
Simon Hargrave
Honored Contributor

‎07-29-2005 06:55 AM

‎07-29-2005 06:55 AM

Re: root is locked, helpful hints for a sysadmin.

Some good hints there.

Worth also noting that if you have ITO installed you could gain access or provide a password reset mechanism as an application.
0 Kudos
Reply
Alan Meyer_4
Respected Contributor

‎07-29-2005 06:59 AM

‎07-29-2005 06:59 AM

Re: root is locked, helpful hints for a sysadmin.

Also if you have root rlogin setup from another node works too
" I may not be certified, but I am certifiable... "
0 Kudos
Reply
Marvin Strong
Honored Contributor

‎07-29-2005 07:01 AM

‎07-29-2005 07:01 AM

Re: root is locked, helpful hints for a sysadmin.

didn't see ssh listed there, As a prevention step. Much like sudo you could setup ssh as a another means to enter the system as root.

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.