HPE Community
Operating System - HP-UX
1833589 Members
4236 Online
110061 Solutions
New Discussion

root login locked out

 
SOLVED
Go to solution
Thiyagarajan.s
Frequent Advisor

‎03-11-2005 11:56 AM

‎03-11-2005 11:56 AM

root login locked out

Hi
we have root and an equivalent super user on the trusted system. both the accounts got locked out. we are not able to login through the console from both user ids.
/etc/securetty is enabled for root
ssh is enabled and telnet is disabled.
plz help us in logging to the system without re booting bcoz this is the production system running critical Database running on it.

Thanks
Thiyagarajan



0 Kudos
Reply
8 REPLIES 8
Bill Hassell
Honored Contributor

‎03-11-2005 01:56 PM

‎03-11-2005 01:56 PM

Solution

Re: root login locked out

Since this is a Trusted system, once the root account is disabled, su will no longer work (it says that the root account is disabled). The only choice is to run sudo which doesn't really login and does not need to root password to attain root privileges. If you did not load sudo from your Internet Express CD, then there is no choice but to shutdown what processes you can and then powerfail the machine. During bootup, interrupt the normal boot process when you see the 10-second message and boot into single user mode to fix the root password.

sudo can also be downloaded from http://software.hp.com


Bill Hassell, sysadmin
Reply
Thiyagarajan.s
Frequent Advisor

‎03-12-2005 06:28 AM

‎03-12-2005 06:28 AM

Re: root login locked out

hi Billl
Thanks for reply !
Soory for delay, i was not ble to try
suudo immeditely
ii have tried , but it was asking me password

sudo /usr/lbin/modprpw

Thanks
Thiyagarajan

0 Kudos
Reply
SS_6
Valued Contributor

‎03-12-2005 08:35 AM

‎03-12-2005 08:35 AM

Re: root login locked out

Provide your own login id password. If you have "SUDO ALL" access you must be able to run commands as root. If you use sudo again it will not ask for password within five minutes of sudo activity. last option is to rebiit into single user mode.
SS
By providing solutions I am helping myself
Reply
Bill Hassell
Honored Contributor

‎03-12-2005 01:35 PM

‎03-12-2005 01:35 PM

Re: root login locked out

When sudo is first installed, you need to configure the users that are allowed to use sudo. The users do not need to know the root password, but if the user is not in the sudoers file, supplying the user's will give you a warning message and a log entry is made. So if sudo has not been configured or you don't know which user(s) are allowed to use sudo, it won't help.


Bill Hassell, sysadmin
Reply
Peyman Javaheri
Frequent Advisor

‎03-15-2005 05:17 AM

‎03-15-2005 05:17 AM

Re: root login locked out

Hi Thiyagarajan,

Does your backup/recovery software to restore individual files still work? If your backup software allows you to backup a file and restore it anywhere on the system you could overwrite files.

You could probably rebuild /etc/passwd, /tcb/.../root, /etc/suduers, or anything for that matter.....

take care,
peyman;
Reply
Alexey_12
Occasional Advisor

‎03-15-2005 07:03 AM

‎03-15-2005 07:03 AM

Re: root login locked out

Hi Thiyagarajan,

On trusted system if you can get somehow write access to /tcb/files/auth/r/root file you might clean encrypted password after :u_pwd: in the file and then you should be able sign on using root account without any password. There was an earlier post regarding this technique here.
Reply
Steven E. Protter
Exalted Contributor

‎03-15-2005 07:22 AM

‎03-15-2005 07:22 AM

Re: root login locked out

To unlock the root password (simply not dealing with the other issues).

boot

interupt at the 10 second prompt

bo

Y Interact

hpux -is


mount /var
mount /usr

cd /tcb/files/auth/r
vi root

null out the root password entry.

Save it.

Immediately set a root password with the passwd command.

Use that user id to unlock your equivalent root user.

shutdown -ry now

As to how to do the initial shutdown? Hopefully you have a operations user authorized to boot the box. If not, you are in power switch mode.

This is the only way I know of resetting the root password on a trusted system. Downtime required.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Reply
Thiyagarajan.s
Frequent Advisor

‎03-20-2005 08:09 PM

‎03-20-2005 08:09 PM

Re: root login locked out

hi all

sorry for late reply i was on leave for a week
i couldn't work on this issue

SS , i have tried with sudo it was not working, because it was not configured

peyman, - that's the good idea , we will be able to recover files from tape , but how i will be able to change the password

alex, we dont have any root login session opened to get the write access to any of these files

atlast we reboot the server on the scheduled downtime as "SEP" told and we reset the password

still i am working on why the root account got disabled in console

Thanks for u people
Thiyagarajan
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.