HPE GreenLake Administration
- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Unable to change root password even though id says...
Operating System - HP-UX
1833758
Members
2730
Online
110063
Solutions
Forums
Categories
Company
Local Language
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Go to solution
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-02-2003 04:36 PM
05-02-2003 04:36 PM
I have a quandry here. I boot into single user mode and run the command "id". It says I am root but when I try to change the password with:
passwd root it asks for the old password which I don't know. I believe the account is disabled because the /etc/passwd entry has an '*' in it. Is there any way around this?
Thanks.
passwd root it asks for the old password which I don't know. I believe the account is disabled because the /etc/passwd entry has an '*' in it. Is there any way around this?
Thanks.
Solved! Go to Solution.
4 REPLIES 4
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-02-2003 05:36 PM
05-02-2003 05:36 PM
Re: Unable to change root password even though id says root
1. make sure system is really running on single user mode:
# who -r
2. passwd root on single user mode, system should not ask for the old password
# who -r
2. passwd root on single user mode, system should not ask for the old password
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-02-2003 06:04 PM
05-02-2003 06:04 PM
Solution
Actually, who -r (and an attempted followon command called /sbin/getrunlvl which is also unstable as to single user mode. This is unfortunate since there is only one reliable way to get to single user mode: reboot and interrupt the boot sequence to use the hpux -is command.
Take a look at the rest of the user entries in /etc/passwd. If they all have * in the passwd field, then you are likely using a Trusted System and the passwords have been moved to the /tcb directory. If root is the only one with * in it, you can manually remove it. But first, verify you are in single user mode with the mount command: it should look like this:
# mount
/ on /dev/vg00/lvol3 log on Wed Mar 12 13:52:55 2003
/stand on /dev/vg00/lvol1 defaults on Wed Mar 12 13:52:58 2003
NOTHING ELSE. If /usr or other mountpoints are there, you haven't booted into single user mode. init s will *NOT* get you to single user mode. The man page clarifies this by stating you should not use init s to go from a higher level to single user mode,
To edit /etc/passwd, you need /usr, /tmp and /vasr mounted, so do this in single user mode:
mount /usr
mount /var
mount /tmp
Now run vipw (note: get used to using vipw rather than vi--it's safer to use in a multi-sysadmin environment) and remove the * character. But only do this *IF* there is no /tcb directory.
If there is a /tcb directory, you have a Trusted System and you'll have to bring up the system in single user mode. Now if another sysadmin has setup the option that entering single user mode requires the root password, you'll not get to a shell prompt.
If you can get to a shell prompt (and most important, you are logged on to the system console (not telnet, not a support modem, not a LAN connection, etc), the system should not ask for the old password. If it doesm you'll have to mount /var, /tmp and /usr, then run vi on the file:
/tcb/files/auth/r/root
and remove the line that looks like:
:u_pwd=t0.krNwxexKNYhw:
The expected behavior is to ask for a new password since one does not exist.
Bill Hassell, sysadmin
Take a look at the rest of the user entries in /etc/passwd. If they all have * in the passwd field, then you are likely using a Trusted System and the passwords have been moved to the /tcb directory. If root is the only one with * in it, you can manually remove it. But first, verify you are in single user mode with the mount command: it should look like this:
# mount
/ on /dev/vg00/lvol3 log on Wed Mar 12 13:52:55 2003
/stand on /dev/vg00/lvol1 defaults on Wed Mar 12 13:52:58 2003
NOTHING ELSE. If /usr or other mountpoints are there, you haven't booted into single user mode. init s will *NOT* get you to single user mode. The man page clarifies this by stating you should not use init s to go from a higher level to single user mode,
To edit /etc/passwd, you need /usr, /tmp and /vasr mounted, so do this in single user mode:
mount /usr
mount /var
mount /tmp
Now run vipw (note: get used to using vipw rather than vi--it's safer to use in a multi-sysadmin environment) and remove the * character. But only do this *IF* there is no /tcb directory.
If there is a /tcb directory, you have a Trusted System and you'll have to bring up the system in single user mode. Now if another sysadmin has setup the option that entering single user mode requires the root password, you'll not get to a shell prompt.
If you can get to a shell prompt (and most important, you are logged on to the system console (not telnet, not a support modem, not a LAN connection, etc), the system should not ask for the old password. If it doesm you'll have to mount /var, /tmp and /usr, then run vi on the file:
/tcb/files/auth/r/root
and remove the line that looks like:
:u_pwd=t0.krNwxexKNYhw:
The expected behavior is to ask for a new password since one does not exist.
Bill Hassell, sysadmin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-05-2003 09:54 AM
05-05-2003 09:54 AM
Re: Unable to change root password even though id says root
As usual, Bill offers good advice. I'd like to follow up on his vipw comments by stressing the importance of running pwck and authck after any manual editing of /etc/passwd or files under /tcb. Manual editing of these files is not a supported method of updating them and can lead to inconsistencies or corruption of critical files. It is very important to do integrity checks with pwck (and authck if you use trusted mode) to help detect any corruption you may have introduced with manual editing.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-05-2003 11:53 AM
05-05-2003 11:53 AM
Re: Unable to change root password even though id says root
I don't think the id command works in single user mode until after you've mounted the /usr filesystem.
If you have not mounted /usr and id works you're not in single user mode.
Time to try again.
Also great advice to run pwck after ever manually editing /etc/passwd or /tcb files on trusted systems.
grpck is good if you've edited the /etc/group file.
Good luck.
http://www.isnamerica.com
Call me anything you want, just don't forget to call me to dinner.
Steven E. Protter
If you have not mounted /usr and id works you're not in single user mode.
Time to try again.
Also great advice to run pwck after ever manually editing /etc/passwd or /tcb files on trusted systems.
grpck is good if you've edited the /etc/group file.
Good luck.
http://www.isnamerica.com
Call me anything you want, just don't forget to call me to dinner.
Steven E. Protter
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
Company
Events and news
Customer resources
© Copyright 2025 Hewlett Packard Enterprise Development LP