05-19-2006
As long as you can still log in as root run the command pwdadm -c root this should cure the problem. However the user root should really change the password on a regular basis for good security practice. You need to look in the /etc/security/passwd file. This is where all the flags are kept such ADMCHG. Hope this is helpful.
10 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
I knew it would happen sooner or later....
We have a requirement that specific individuals need "sudo root" authority. I knew it only a matter of time before someone decided to change the root password (at least they owned up to it).
Now the question is how can I grant all rights except... (4 Replies)
Discussion started by: scottsl
4 Replies
2. UNIX for Dummies Questions & Answers
Hello chiefs :)
I have a SUN Enterprise 250, running Solaris 8.5 - I have managed to be able to connect a dumb terminal to the box via a standard straight-through rj45 cable, to my ibm laptop. OK so Putty can connect to the box via ssh - nice! But I dont have the password for root - or any... (1 Reply)
Discussion started by: congo
1 Replies
3. UNIX for Dummies Questions & Answers
I booted up Sun V240 server with boot cdrom -s using the Sun Operating System CD. I now am at the # prompt and su - root . The system will not allow me to set password for root. Get following error:
# passwd
New Password: xxxxxxxx
Re-enter new Password: xxxxxxxx
passwd: Unexpected failure. ... (4 Replies)
Discussion started by: mayewil
4 Replies
4. Solaris
Any body pls let me know the procedure to recover ROOT password in Sun Netra 20 Server..I forgot the password. (5 Replies)
Discussion started by: gini
5 Replies
5. Solaris
I forget the Root Passwd of my Sun Netra 20 server and break the same by editing /etc/shadow.Now there is no passwd for Root.
And How to set new root passwd?Pls help.... (2 Replies)
Discussion started by: gini
2 Replies
6. UNIX for Dummies Questions & Answers
heyy
i forgot my root passwd but i cant reinstall due to some reason can anyone tell me hw to reterive root passwd (10 Replies)
Discussion started by: mightypp.nits
10 Replies
7. UNIX for Dummies Questions & Answers
Hi All,
Today I faced a problem trying to log in as root. The output error is
cannot execute sh: No such file....
I doubted there is something wrong with shell interpreter which resides in /etc/passwd file for every user who logs in.
I checked and the line for root account was... (4 Replies)
Discussion started by: elthox
4 Replies
8. Red Hat
hi
i have a RHEL 4 and have forgot root passwd
tried to boot in by singel user and then changing the passwd but it's not letting me do that ......throwing some weird error as .......manipulation
i also tried to make a new user from CLI but even though it's not letting me in from that user as... (12 Replies)
Discussion started by: techbravo
12 Replies
9. Red Hat
I accidentally changed root shell from /bin/bash to bash in /etc/password, then logged out from root. Now I can't login as root and got "No shell" error, although I have root password. "su -f -s /bin/bash" command does NOT work. There is no GUI interface for this system.
My question: Do I have... (7 Replies)
Discussion started by: aixlover
7 Replies
10. AIX
Does anyone know when AIX started using /etc/security/passwd instead of /etc/passwd to store encrypted passwords? (1 Reply)
Discussion started by: Anne Neville
1 Replies
LEARN ABOUT LINUX
sudo_root
sudo_root(8) System Manager's Manual sudo_root(8)
NAME
sudo_root - How to run administrative commands
SYNOPSIS
sudo command
sudo -i
INTRODUCTION
By default, the password for the user "root" (the system administrator) is locked. This means you cannot login as root or use su. Instead,
the installer will set up sudo to allow the user that is created during install to run all administrative commands.
This means that in the terminal you can use sudo for commands that require root privileges. All programs in the menu will use a graphical
sudo to prompt for a password. When sudo asks for a password, it needs your password, this means that a root password is not needed.
To run a command which requires root privileges in a terminal, simply prepend sudo in front of it. To get an interactive root shell, use
sudo -i.
ALLOWING OTHER USERS TO RUN SUDO
By default, only the user who installed the system is permitted to run sudo. To add more administrators, i. e. users who can run sudo, you
have to add these users to the group 'admin' by doing one of the following steps:
* In a shell, do
sudo adduser username admin
* Use the graphical "Users & Groups" program in the "System settings" menu to add the new user to the admin group.
BENEFITS OF USING SUDO
The benefits of leaving root disabled by default include the following:
* Users do not have to remember an extra password, which they are likely to forget.
* The installer is able to ask fewer questions.
* It avoids the "I can do anything" interactive login by default - you will be prompted for a password before major changes can happen,
which should make you think about the consequences of what you are doing.
* Sudo adds a log entry of the command(s) run (in /var/log/auth.log).
* Every attacker trying to brute-force their way into your box will know it has an account named root and will try that first. What they do
not know is what the usernames of your other users are.
* Allows easy transfer for admin rights, in a short term or long term period, by adding and removing users from the admin group, while not
compromising the root account.
* sudo can be set up with a much more fine-grained security policy.
* On systems with more than one administrator using sudo avoids sharing a password amongst them.
DOWNSIDES OF USING SUDO
Although for desktops the benefits of using sudo are great, there are possible issues which need to be noted:
* Redirecting the output of commands run with sudo can be confusing at first. For instance consider
sudo ls > /root/somefile
will not work since it is the shell that tries to write to that file. You can use
ls | sudo tee /root/somefile
to get the behaviour you want.
* In a lot of office environments the ONLY local user on a system is root. All other users are imported using NSS techniques such as
nss-ldap. To setup a workstation, or fix it, in the case of a network failure where nss-ldap is broken, root is required. This tends to
leave the system unusable. An extra local user, or an enabled root password is needed here.
GOING BACK TO A TRADITIONAL ROOT ACCOUNT
This is not recommended!
To enable the root account (i.e. set a password) use:
sudo passwd root
Afterwards, edit the sudo configuration with sudo visudo and comment out the line
%admin ALL=(ALL) ALL
to disable sudo access to members of the admin group.
SEE ALSO
sudo(8), https://wiki.ubuntu.com/RootSudo
February 8, 2006 sudo_root(8)