Root user not recognizing on Solaris-10 (shadow file corruption)


 
Thread Tools Search this Thread
Operating Systems Solaris Root user not recognizing on Solaris-10 (shadow file corruption)
# 1  
Old 10-22-2019
Root user not recognizing on Solaris-10 (shadow file corruption)

Hello,
I got into a wired state on one of solaris 10 server. When I noticed that server is having some issue, I found that there were dumpadm.conf entries in /etc/shadow and real entries were wiped of. Probably somebody fat fingers.
I was able to boot into failsafe, break SVM mirror, copied /etc/oshadow to /etc/shadow and boot into single user mode. But there is still some issue and I am not sure how to fix it. OS is not able to recognize root, looks like its mapping with UID is broken. shadow file is owned by "1 0". If I touch a new file, that also created with same ownership.
I boot into failsafe mode and there it already shows ownership of root (/a/etc/shadow). Then I did "chown 0:sys /a/etc/shadow" and boot again in single user mode. Still no luck.
Code:
# ls -l /etc/passwd /etc/shadow
-rw-r--r--   1 0        sys         1846 Oct 22 15:07 /etc/passwd
-r--------   1 0        sys         1818 Oct 22 15:08 /etc/shadow
# id
uid=0 gid=0(root)
# id -a
uid=0 gid=0(root)
# id -a root
id: invalid user name: "root"
# cat /etc/shadow | grep -i root
root:x:18191::::::
# cat /etc/passwd | grep -i root
root:x:0:0:Super-User:/:/sbin/sh
# chown root:sys /etc/shadow
chown: unknown user id root
#

Please suggest, how can I fix it. Boot from Solaris DVD is last option as, this server is located remotely.

Thanks

Last edited by solaris_1977; 10-22-2019 at 11:29 PM..
# 2  
Old 10-22-2019
You don't have backups of your remote server?
# 3  
Old 10-22-2019
No backup for this server.
Though I have /etc/oshadow files and even I have similar /etc/shadow from other servers, but copying them is not helpful
# 4  
Old 10-22-2019
Please provide this info:

Code:
cat /etc/passwd

and

Code:
cat /etc/shadow

EDIT: Never mind... I see you already did this for the root entries.
# 5  
Old 10-22-2019
Code:
# cat /etc/passwd
root:x:0:0:Super-User:/:/sbin/sh
daemon:x:1:1::/:
bin:x:2:2::/usr/bin:
sys:x:3:3::/:
adm:x:4:4:Admin:/var/adm:
lp:x:71:8:Line Printer Admin:/usr/spool/lp:
uucp:x:5:5:uucp Admin:/usr/lib/uucp:
nuucp:x:9:9:uucp Admin:/var/spool/uucppublic:/usr/lib/uucp/uucico
smmsp:x:25:25:SendMail Message Submission Program:/:
listen:x:37:4:Network Admin:/usr/net/nls:
gdm:x:50:50:GDM Reserved UID:/:
webservd:x:80:80:WebServer Reserved UID:/:
postgres:x:90:90:PostgreSQL Reserved UID:/:/usr/bin/pfksh
svctag:x:95:12:Service Tag UID:/:
nobody:x:60001:60001:NFS Anonymous Access User:/:
noaccess:x:60002:60002:No Access User:/:
nobody4:x:65534:65534:SunOS 4.x NFS Anonymous Access User:/:
prodadm:x:16667:16667:Production Admin:/export/home/prodadm:/bin/csh
oeuser:x:16666:16666:Operations User:/export/home/oeuser:/bin/ksh
prodse:x:50000:50000:SE internal user:/export/home/prodse:/bin/ksh
osiris:x:50031:50031:Osiris Scan Agent:/export/apps/osiris/client:/bin/sh
tdradm:x:16701:16701:TDR Admin User:/export/home/tdradm:/bin/csh
espadm:x:16702:16702:ESP Admin User:/export/home/espadm:/bin/csh
pdeadm:x:16703:16703:PDE Admin User:/export/home/pdeadm:/bin/csh
nenaadm:x:16704:16704:NENA Admin User:/export/home/nenaadm:/bin/csh
pamadm:x:16705:16705:PAM Admin User:/export/home/pamadm:/bin/csh
routadm:x:16706:16706:Call Routing Admin user:/export/home/routadm:/bin/csh
timesten:x:40004:40002:TimesTen User:/export/timesten:/bin/ksh
aliadm:x:16708:16708:ALI Admin User:/export/home/aliadm:/bin/csh
xyexport:x:1062:107:Export user:/export/home/xyexport:/bin/ksh
opc_op:x:777:177:OVO default operator:/export/home/opc_op:/usr/xpg4/bin/sh
esxkadm:x:16711:16711::/export/home/esxkadm:/bin/tcsh
mpcadm:x:16709:16709::/export/home/mpcadm:/bin/tcsh
alinkadm:x:16712:16712::/export/home/alinkadm:/bin/tcsh
+@IDS:x:::::
+@WTA:x:::::
+@NSS:x:::::
+@TIER2:x:::::
+@NE:x:::::
#
# cat /etc/shadow
root:x:18191::::::
daemon:x:18191::::::
bin:x:18191::::::
sys:x:18191::::::
adm:x:18191::::::
lp:x:18191::::::
uucp:x:18191::::::
nuucp:x:18191::::::
smmsp:x:18191::::::
listen:x:18191::::::
gdm:x:18191::::::
webservd:x:18191::::::
postgres:x:18191::::::
svctag:x:18191::::::
nobody:x:18191::::::
noaccess:x:18191::::::
nobody4:x:18191::::::
prodadm:x:18191::::::
oeuser:x:18191::::::
prodse:x:18191::::::
osiris:x:18191::::::
tdradm:x:18191::::::
espadm:x:18191::::::
pdeadm:x:18191::::::
nenaadm:x:18191::::::
pamadm:x:18191::::::
routadm:x:18191::::::
timesten:x:18191::::::
aliadm:x:18191::::::
xyexport:x:18191::::::
opc_op:x:18191::::::
esxkadm:x:18191::::::
mpcadm:x:18191::::::
alinkadm:x:18191::::::
+@IDS:x:18191::::::
+@WTA:x:18191::::::
+@NSS:x:18191::::::
+@TIER2:x:18191::::::
+@NE:x:18191::::::
#

I see whatever was owned by root, is owned by "1 0"

Code:
# ls -l /etc/
total 606
-rw-r--r--   1 0        root         773 Jan 16  2015 1
drwxr-xr-x   2 4        adm          512 Sep 16  2010 acct
-rw-r--r--   1 0        sys          253 Aug 25  2008 aggregation.conf
lrwxrwxrwx   1 0        root          14 Sep 16  2010 aliases -> ./mail/aliases
-rw-r--r--   1 0        bin          194 Jan 21  2005 auto_home
-rw-r--r--   1 0        bin          248 Jan 21  2005 auto_master
lrwxrwxrwx   1 0        root          16 Sep 16  2010 autopush -> ../sbin/autopush
-rw-r--r--   1 0        root           0 Dec 10  2010 bootparams
drwxr-xr-x   3 0        sys          512 Sep 16  2010 cacao
drwxr-xr-x   2 0        sys          512 Sep 16  2010 certs
lrwxrwxrwx   1 0        root          18 Sep 16  2010 cfgadm -> ../usr/sbin/cfgadm
lrwxrwxrwx   1 0        root          18 Sep 16  2010 chroot -> ../usr/sbin/chroot
lrwxrwxrwx   1 0        root          16 Sep 16  2010 clri -> ../usr/sbin/clri
-rw-r--r--   1 0        other        372 Oct 21 12:54 coreadm.conf
lrwxrwxrwx   1 0        root          16 Sep 16  2010 cron -> ../usr/sbin/cron

# 6  
Old 10-22-2019
How about

Code:
cat /etc/oshadow

?
# 7  
Old 10-22-2019
It is same, because when I found that /etc/shadow is not good, I copied contents of /etc/oshadow to /etc/shadow
Code:
# diff /etc/oshadow /etc/shadow
#

Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Solaris

Solaris 10 - 'ls' green for root user only

Welcome to all. Have an issue and looking for help so hope someone is able to give me some clues. I prepared some shell scripts with coloured output to help other guys to have more automated task. Not sure if I did this but now whenever I use 'ls' command for root user every output in... (29 Replies)
Discussion started by: TiedCone
29 Replies

2. SuSE

Non root user want to see /var/log/messages - any suse equivalent of Solaris dmesg

Hi New to Suse - mainly used Solaris. In solaris dmesg will also show you contents of messages log file but in Suse Liux it doesnt appear to. I dont have root access to this Suse server, and wondering is there any other tool / utility that allows me to see the messages file contents like on... (1 Reply)
Discussion started by: frustrated1
1 Replies

3. UNIX for Advanced & Expert Users

Root and non-root user not able to delete the file

Hi!! one strange problem occurred with my RHEL 5 box. i'm having logs folder with ownership of non-root user. Created some files with root user under logs folder. here is the scene: -rw-r----- 1 root root 1048227 Feb 28 12:34 SystemOut_13.02.28_12.34.10.log -rw-r----- 1 root root ... (6 Replies)
Discussion started by: sukhdip
6 Replies

4. Solaris

Solaris :regarding /etc/shadow file

what does the last column in /etc/shadow file indicate?? i read man page,it tells its FLAG..but i am not able to understand exactly why its there :confused: thanks in advance, shekhar (4 Replies)
Discussion started by: shekhar_4_u
4 Replies

5. Solaris

Solaris 9 not recognizing CDROM drive

Hello, I've read many posts that offer tips on how to mount a CDROM but I haven't seen any on how to get the system to recognize the CDROM drive. I was transferring files from CDROM to the hard drive successfully. I entered the third CDROM and the system refused to automount it. I tried... (2 Replies)
Discussion started by: TrueSon
2 Replies

6. Solaris

Enable FTP for root user in Solaris 10

I am not able to get ftp working for Solaris 10 for root user. I am getting login failed error. 331 Password required for root. Password: 530 Login incorrect. Login failed. Tried following things already. 1. SFTP works ok, still would like to know why FTP is not working (curious). 2.... (5 Replies)
Discussion started by: webkid
5 Replies

7. Solaris

Solaris not recognizing RAID 5 disks

I've just installed Sol 10 Update 9 on a Sun 4140 server and have a RAID 1 configuration (2 136 Gb drives) for the OS and have created a RAID 5 array (6 136 GB) drives. When i log into the system I am unable to see the RAID 5 disks at all. I've tried using the devfsadm command but no luck and... (9 Replies)
Discussion started by: goose25
9 Replies

8. Solaris

Non-root user access to privileged ports-Solaris 8

Please let me know how to setup a non-root user to be able to access a privileged port (<1024) on Solaris 8. I am currently running tomcat as "tomcat" user and I get the following error during to start up: SEVERE: Error initializing endpoint java.net.BindException: Permission denied<null>:443 (5 Replies)
Discussion started by: pingmeback
5 Replies

9. Solaris

How to start CDE for non root user on Solaris 10

Hi, How can I start CDE for non root user created.For root CDE is working fine but for non root user CDE exits back to login screen after trying for some time.Also I cant see .dt and .dtprofile files in the users home directory.How can I create them.Kindly help. Thanks & Regards, Kiran. (1 Reply)
Discussion started by: kiranherekar
1 Replies

10. Solaris

Permissions for the root user on Solaris 10

Hi I have a doubt, here if a file does not have the write permissions to the root user my script is going to write the data into that file. when i executed the script as root user. Is it correct ... ? (4 Replies)
Discussion started by: Shreedhar Naik
4 Replies
Login or Register to Ask a Question