Login or Register to Ask a Question and Join Our Community


Ubuntu

Messed up password

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems Linux Ubuntu Messed up password
# 1  
Old 09-07-2012
Messed up password
I am unable to change my password even in root (recovery mode), or to unlock it. I can still access my account, but without password protection. In GUI Administrator account 'disabled' is displayed.

This is what I have done so far:

In root:
Code:
#usermod -U roy 
usermod:cannot lock /etc/passwd; try again later

~#passwd roy 
Enter new Unix password:done
Retype new Unix password:done
passwd:Authentication token manipulation error
passwd: password unchanged

passwd -a -S 
roy L 09/05/2012 0 99999 7 -1

passwd -d roy
passwd:cannot lock /etc/shadow; try again later

Two days later again root shell:

Code:
<mount -o rw,remount /

chmod 0440 /etc/sudoers
ls -l /etc/sudoers
-r--r----- 1 root root 574 2011-09-11 (todays date is 2012-09-07)

I think that I have to admit that "I am in out of my depth".

Would anyone please help?? Smilie
Last edited by Royalist; 09-07-2012 at 05:18 PM..
# 2  
Old 09-07-2012
It looks like a usermod or useradd command aborted somehow and left locks on files.
Use the lsof command to see what is going on with /etc/passwd and /etc/shadow.

You may have to reboot into single user mode to fix your problems, but try lsof first.
# 3  
Old 09-08-2012
Bug Password
Thanks Jim,

Here are the results of your suggestion:

Code:
lsof /etc/passwd
COMMAND    PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
gnome-set 1449  roy   17r   REG    8,1     1997 2260 /etc/passwd
applet.py 2218  roy   11r   REG    8,1     1997 2260 /etc/passwd

roy@roy-desktop:~$ lsof /etc/shadow
roy@roy-desktop:~$

However, since posting my original, I did:

Code:
cp /etc/shadow /etc/shadow.bak2

Then:
Code:
cp /etc/shadow.bak /etc/shadow

As a result please note in the following that the date of shadow is now current.

Code:
roy@roy-desktop:~$ ls -l /etc/shadow*
-rw-r----- 1 roy roy  968 'some earlier date' /etc/shadow
-rw------- 1 roy roy 1296 2012-09-05 13:55 /etc/shadow-
-rw------- 1 roy roy 1002 2012-01-24 18:19 /etc/shadow-~
-rw-r----- 1 roy roy  968 2012-01-24 18:21 /etc/shadow.bak

Would you not think that the culprit here is : shadow- dated 2012-09-05?

Code:
roy@roy-desktop:~$ ls -l /etc/shadow*
-rw-r----- 1 roy roy  968 2012-09-07 17:07 /etc/shadow
-rw------- 1 roy roy 1296 2012-09-05 13:55 /etc/shadow-
-rw------- 1 roy roy 1002 2012-01-24 18:19 /etc/shadow-~
-rw-r----- 1 roy roy  968 2012-01-24 18:21 /etc/shadow.bak
-rw-r----- 1 roy roy 1297 2012-09-07 17:06 /etc/shadow.bak2

I doubt that I would know where to start to boot into single user mode?Smilie
# 4  
Old 09-08-2012
a) Why does /etc/passwd belong to roy roy, and not to root shadow?
This is really unsafe.

Quote:
Code:
passwd -a -S 
roy L 09/05/2012 0 99999 7 -1

b) Do you see that "L" here above?
Your account looks locked.
From man passwd:
Quote:
-l, --lock
Lock the password of the named account. This option disables a password by changing it
to a value which matches no possible encrypted value (it adds a ´!´ at the beginning
of the password).

Note that this does not disable the account. The user may still be able to login using
another authentication token (e.g. an SSH key). To disable the account, administrators
should use usermod --expiredate 1 (this set the account's expire date to Jan 2, 1970).

Users with a locked password are not allowed to change their password.
[...]
-u, --unlock
Unlock the password of the named account. This option re-enables a password by
changing the password back to its previous value (to the value before using the -l
option).
This should explain why here below you have two r, instead of a w and a u:
Quote:
Code:
lsof /etc/passwd
COMMAND    PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
gnome-set 1449  roy   17r   REG    8,1     1997 2260 /etc/passwd
applet.py 2218  roy   11r   REG    8,1     1997 2260 /etc/passwd

To confirm, could you post the output of:
# grep roy /etc/shadow?

No fear: you're there, you have physical access to the system, so you can do anything. This problem will be solved. Smilie
--
Bye
# 5  
Old 09-09-2012
Bug The end is in sight
Here you are Lem and thanks:

Code:
roy@roy-desktop:~$ grep roy /etc/shadow
roy::15323:0:99999:7:::

I have been duplicating your comments on a second computer and can now see the differences for myself.

I cannot explain what may have caused these errors, but I assume they can easily be corrected from root shell, or are you suggesting the use of expiredate 1 below?
Quote:
-l, --lock
Lock the password of the named account. This option disables a password by changing it
to a value which matches no possible encrypted value (it adds a ´!´ at the beginning
of the password).

Note that this does not disable the account. The user may still be able to login using
another authentication token (e.g. an SSH key). To disable the account, administrators
should use usermod --expiredate 1 (this set the account's expire date to Jan 2, 1970).

Users with a locked password are not allowed to change their password.
[...]
-u, --unlock
Unlock the password of the named account. This option re-enables a password by
changing the password back to its previous value (to the value before using the -l
option).

I certainly have read the above many times, but did not feel happy to try the -l option for passwd as I have no idea what an SSH key is. Also I did read man usermod for expiredate 1, but thought I might be opening another "can of worms"?

I can see that the end is nigh, as I will have full confidence with expert guidance and it is a great way to learn!Smilie
Last edited by Royalist; 09-09-2012 at 06:12 PM..
# 6  
Old 09-10-2012
Ok, I see again something strange here. Since your second field in /etc/shadow, after roy, is empty
Quote:
Code:
roy@roy-desktop:~$ grep roy /etc/shadow
roy::15323:0:99999:7:::

AFAIK you should read:
Code:
passwd -a -S 
roy NP 09/05/2012 0 99999 7 -1

NP stands for NoPassword, AFAIK. You read instead L (Locked), but a locked account should have its second field in /etc/password containing at least and invalid char, like ! or *. :-o

However you can login without password, and this is consistent with an NP account (you couldn't login with a locked account).
With an NP account (empty password), roy cannot change its password, but surely root should be able to do it.

Let's try something.

I'm sure that your filesystem cannot be full, since you've been able to copy a file. So this isn't your problem.

From what you've already posted, I'm sure you don't have these files:
Code:
/etc/passwd.lock /etc/shadow.lock /etc/group.lock /etc/gshadow.lock

If they exist, they should be deleted and this should solve the problem, but if you don't have them...

Let's make an attempt rebooting this way:

1) # shutdown -r now
2) At boot time, press any key to have the grub2 menu showing up; at the grub2 menu select the kernel you usually boot (most probably the first of the list), but don't press ENTER, just press E (editing)
3) go at the end of the line beginning with "linux", press SPACE and then insert this string: init=/bin/bash. Be careful: grub2 thinks you're using an English keyboard. With a different keyboard you should type something a bit different (with an italian keyboard I should type "initì-bin-bash") to get "init=/bin/bash" on screen
4) press CTRL+X to boot (I guess it's CTRL+X, follow on screen instructions)
5) now you're in the system and - this is the funny thing - you're root without even knowing root's password (you can save this trick for the future), and you do this:
Code:
# mount -o remount,rw /
# passwd roy

Now insert your new password, and then of course insert it again.
Code:
# sync; sync
# mount -o remount,ro /
# reboot -f

After the reboot, you're back in your standard system. Is it solved?
--
Bye
# 7  
Old 09-10-2012
Bug
Right then Lem. Here is the latest:

Code:
roy@roy-desktop:~$ passwd -S roy
roy NP 12/15/2011 0 99999 7 -1

So the password is NOW unlocked and has been since I
Code:
cp /etc/shadow /etc/shadow.bak2

and
Code:
cp /etc/shadow.bak /etc/shadow

I presume that I can login without password because mine is the Admin account and otherwise the whole system would be inoperable?

I can confirm that there are currently NO
Code:
passwd.lock shadow.lock gshadow.lock group.lock

There may have been before the above?

NOW AFTER TAKING A BREAK

Success - I have succeeded in changing my password in root and now have access to sudo and this is how it was done!

Code:
roy@roy-desktop:~$ sudo passwd roy -S
[sudo] password for roy: 
roy P 09/10/2012 0 99999 7 -1

However, a user account is still locked.
Code:
roy@roy-desktop:~$ sudo passwd robyn -S
robyn L 12/15/2011 0 99999 7 -1
roy@roy-desktop:~$ sudo passwd robyn
Enter new UNIX password: 
Retype new UNIX password: 
passwd: password updated successfully
robyn L 12/15/2011 0 99999 7 -1
roy@roy-desktop:~$ sudo passwd -u robyn
passwd: password expiry information changed.
roy@roy-desktop:~$ sudo passwd robyn -S
robyn P 09/10/2012 0 99999 7 -1

roy@roy-desktop:~$ ls -l /etc/shadow
-rw-r----- 1 roy roy 1066 2012-09-10 14:07 /etc/shadow
roy@roy-desktop:~$ ls -l /etc/shadow*
-rw-r----- 1 roy roy 1066 2012-09-10 14:07 /etc/shadow
-rw------- 1 roy roy 1066 2012-09-10 14:07 /etc/shadow-
-rw------- 1 roy roy 1002 2012-01-24 18:19 /etc/shadow-~
-rw-r----- 1 roy roy  968 2012-01-24 18:21 /etc/shadow.bak
-rw-r----- 1 roy roy 1297 2012-09-07 17:06 /etc/shadow.bak2
roy@roy-desktop:~$ ls -l /etc/passwd*
-rw-r--r-- 1 roy roy 1997 2012-09-10 14:07 /etc/passwd
-rw------- 1 roy roy 1997 2012-09-10 14:07 /etc/passwd-
roy@roy-desktop:~$ sudo chown root:root /etc/shadow*
roy@roy-desktop:~$ ls -l /etc/shadow*
-rw-r----- 1 root root 1066 2012-09-10 14:07 /etc/shadow
-rw------- 1 root root 1066 2012-09-10 14:07 /etc/shadow-
-rw------- 1 root root 1002 2012-01-24 18:19 /etc/shadow-~
-rw-r----- 1 root root  968 2012-01-24 18:21 /etc/shadow.bak
-rw-r----- 1 root root 1297 2012-09-07 17:06 /etc/shadow.bak2
roy@roy-desktop:~$ sudo chown root:root /etc/passwd
roy@roy-desktop:~$ ls -l /etc/passwd
-rw-r--r-- 1 root root 1997 2012-09-10 14:07 /etc/passwd
roy@roy-desktop:~$ sudo chown root:root /etc/passwd*
roy@roy-desktop:~$ ls -l /etc/passwd
-rw-r--r-- 1 root root 1997 2012-09-10 14:07 /etc/passwd
roy@roy-desktop:~$ ls -l /etc/passwd*
-rw-r--r-- 1 root root 1997 2012-09-10 14:07 /etc/passwd
-rw------- 1 root root 1997 2012-09-10 14:07 /etc/passwd-
roy@roy-desktop:~$ sudo chown root:shadow /etc/passwd*
roy@roy-desktop:~$ ls -l /etc/passwd*
-rw-r--r-- 1 root shadow 1997 2012-09-10 14:07 /etc/passwd
-rw------- 1 root shadow 1997 2012-09-10 14:07 /etc/passwd-

roy@roy-desktop:~$ sudo lsof /etc/passwd
[sudo] password for roy: 
COMMAND   PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
sudo    27415 root    3r   REG    8,1     1997 3499 /etc/passwd

roy@roy-desktop:~$ grep roy /etc/shadow
grep: /etc/shadow: Permission denied
roy@roy-desktop:~$ sudo grep roy /etc/shadow
roy:$6$pbvzv3b0$EofbFYlDFAV1E6oSKYYU3U/FQiKZHqWCjlEWKWM55W2qQxGo7JjiECLjJiJ0n1y68arhGaD3vKRhCWk9YvKA10:15593:0:99999:7:::

There is still a '3r' after/under 'FD'

If you can see anything else that needs to be corrected, please let me know.

Thanks very much Lem and Jim. SmilieSmilieSmilie
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. HP-UX

Ignite-UX INDEX file messed up, how to recreate?

OK, so I just messed myself up. Thinking the /var/opt/ignite/data/INDEX files was static, I manually edited the file and added 2 more OS's to it. During an Install it only showed the first OS (started with 11.31, 3 versions then added a 11.23, and a 11.11 stanza's). The 11.23 and 11.11 never... (2 Replies)
Discussion started by: mrmurdock
2 Replies

2. AIX

Oracle ASM accidentally messed with my hdisk

I have AIX 5.3 with oracle 10g ( test server). While trying to create RAW disk for Oracle ASM I have accidentally messed with rootvg (hdisk0 & hdisk1) When I do # lspv hdisk0 0516-066 : Physical volume is not a volume group member. Check the physical volume name specified. ... (4 Replies)
Discussion started by: George_Samaan
4 Replies

3. UNIX for Dummies Questions & Answers

messed up path

Help!! Seem to have messed up my path, as I keep getting command not found error. Could someone please tell whats wrong or how to fix it. export PATH=/opt/local/bin:/opt/local/sbin:/usr/bin:$PATH ---------- Post updated at 08:34 PM ---------- Previous update was at 07:50 PM ---------- ... (1 Reply)
Discussion started by: davcra
1 Replies

4. Linux

history timestamp is messed up

Hi, Just wanted to know if anyone else has noted that the time-stamp in the history is all out of whack.:eek: I've Ubuntu, all patched, and when I ran history, it showed me commands that I ran few weeks ago with today's date. Is this normal? Here is a snippet: .... 85 2010-06-09 09:03:31... (6 Replies)
Discussion started by: nitin
6 Replies

5. UNIX for Dummies Questions & Answers

Messed up my boot environment or root profile

Ok, a couple weeks ago I was fixing a cron report about perl not happy with 'locale' info (LANG and LC not set). As a result, I was experimenting with setting the correct 'locale' in several areas (like /etc/sysconfig/i18n and who knows where). Somehow after a reboot, as soon as the OS starts... (3 Replies)
Discussion started by: Garball
3 Replies

6. UNIX for Dummies Questions & Answers

Can't loging because .basrc file messed up

Dear Friends, I have messed up with my .bashrc file (something I have deleted) and now i can't login back to system.. any Idea.. I can do login with other login and password.. but I dont have root password because of security reason... If I ask root then It will take about 4 -5 days to go... (4 Replies)
Discussion started by: umeshjaviya
4 Replies

7. AIX

Totally messed up

I have moved the etc/passwd file and we are now unable to get in to Unix - any suggestions? (2 Replies)
Discussion started by: vbagwell
2 Replies

8. Shell Programming and Scripting

I think I have messed up with crontab

Hi Guy, In my system there were some cronjob were already scheduled. and somehow I want to enter one new cronjob with crontab. So I isssue crontab temp.txt. it scheduled that job but now it's showing me only this job with crontab -l. but I can not see the old cronjob list that already set up.... (2 Replies)
Discussion started by: vishalpatel03
2 Replies

9. UNIX for Dummies Questions & Answers

Messed up tar files

I created tar files for directories using this command: tar -cvf * >tarfile what happened was I got a file tarfile with a list of the files and it took the first file in each directory and overwrote it with the actual tar file. I've been trying to figure out since yesterday what I did... (2 Replies)
Discussion started by: Barb
2 Replies

10. UNIX for Dummies Questions & Answers

how do u remove a messed up freebsd boot installation?

i messed up while installing freebsd into a dual os wannabe system. Now, how do i del it( so i wouldn't get prompted to choose freebsd during boot?)so that i could try installing a different flavour of linux? cheers:eek: (1 Reply)
Discussion started by: coffeecoolers
1 Replies
Login or Register to Ask a Question