I am unable to change my password even in root (recovery mode), or to unlock it. I can still access my account, but without password protection. In GUI Administrator account 'disabled' is displayed.
This is what I have done so far:
In root:
Code:
#usermod -U roy
usermod:cannot lock /etc/passwd; try again later
~#passwd roy
Enter new Unix password:done
Retype new Unix password:done
passwd:Authentication token manipulation error
passwd: password unchanged
passwd -a -S
roy L 09/05/2012 0 99999 7 -1
passwd -d roy
passwd:cannot lock /etc/shadow; try again later
Two days later again root shell:
Code:
<mount -o rw,remount /
chmod 0440 /etc/sudoers
ls -l /etc/sudoers
-r--r----- 1 root root 574 2011-09-11 (todays date is 2012-09-07)
I think that I have to admit that "I am in out of my depth".
It looks like a usermod or useradd command aborted somehow and left locks on files.
Use the lsof command to see what is going on with /etc/passwd and /etc/shadow.
You may have to reboot into single user mode to fix your problems, but try lsof first.
lsof /etc/passwd
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
gnome-set 1449 roy 17r REG 8,1 1997 2260 /etc/passwd
applet.py 2218 roy 11r REG 8,1 1997 2260 /etc/passwd
roy@roy-desktop:~$ lsof /etc/shadow
roy@roy-desktop:~$
However, since posting my original, I did:
Code:
cp /etc/shadow /etc/shadow.bak2
Then:
Code:
cp /etc/shadow.bak /etc/shadow
As a result please note in the following that the date of shadow is now current.
Code:
roy@roy-desktop:~$ ls -l /etc/shadow*
-rw-r----- 1 roy roy 968 'some earlier date' /etc/shadow
-rw------- 1 roy roy 1296 2012-09-05 13:55 /etc/shadow-
-rw------- 1 roy roy 1002 2012-01-24 18:19 /etc/shadow-~
-rw-r----- 1 roy roy 968 2012-01-24 18:21 /etc/shadow.bak
Would you not think that the culprit here is : shadow- dated 2012-09-05?
Code:
roy@roy-desktop:~$ ls -l /etc/shadow*
-rw-r----- 1 roy roy 968 2012-09-07 17:07 /etc/shadow
-rw------- 1 roy roy 1296 2012-09-05 13:55 /etc/shadow-
-rw------- 1 roy roy 1002 2012-01-24 18:19 /etc/shadow-~
-rw-r----- 1 roy roy 968 2012-01-24 18:21 /etc/shadow.bak
-rw-r----- 1 roy roy 1297 2012-09-07 17:06 /etc/shadow.bak2
I doubt that I would know where to start to boot into single user mode?
a) Why does /etc/passwd belong to roy roy, and not to root shadow?
This is really unsafe.
Quote:
Code:
passwd -a -S
roy L 09/05/2012 0 99999 7 -1
b) Do you see that "L" here above?
Your account looks locked.
From man passwd:
Quote:
-l, --lock
Lock the password of the named account. This option disables a password by changing it
to a value which matches no possible encrypted value (it adds a ´!´ at the beginning
of the password).
Note that this does not disable the account. The user may still be able to login using
another authentication token (e.g. an SSH key). To disable the account, administrators
should use usermod --expiredate 1 (this set the account's expire date to Jan 2, 1970).
Users with a locked password are not allowed to change their password.
[...]
-u, --unlock
Unlock the password of the named account. This option re-enables a password by
changing the password back to its previous value (to the value before using the -l
option).
This should explain why here below you have two r, instead of a w and a u:
Quote:
Code:
lsof /etc/passwd
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
gnome-set 1449 roy 17r REG 8,1 1997 2260 /etc/passwd
applet.py 2218 roy 11r REG 8,1 1997 2260 /etc/passwd
To confirm, could you post the output of: # grep roy /etc/shadow?
No fear: you're there, you have physical access to the system, so you can do anything. This problem will be solved.
--
Bye
roy@roy-desktop:~$ grep roy /etc/shadow
roy::15323:0:99999:7:::
I have been duplicating your comments on a second computer and can now see the differences for myself.
I cannot explain what may have caused these errors, but I assume they can easily be corrected from root shell, or are you suggesting the use of expiredate 1 below?
Quote:
-l, --lock
Lock the password of the named account. This option disables a password by changing it
to a value which matches no possible encrypted value (it adds a ´!´ at the beginning
of the password).
Note that this does not disable the account. The user may still be able to login using
another authentication token (e.g. an SSH key). To disable the account, administrators
should use usermod --expiredate 1 (this set the account's expire date to Jan 2, 1970).
Users with a locked password are not allowed to change their password.
[...]
-u, --unlock
Unlock the password of the named account. This option re-enables a password by
changing the password back to its previous value (to the value before using the -l
option).
I certainly have read the above many times, but did not feel happy to try the -l option for passwd as I have no idea what an SSH key is. Also I did read man usermod for expiredate 1, but thought I might be opening another "can of worms"?
I can see that the end is nigh, as I will have full confidence with expert guidance and it is a great way to learn!
Ok, I see again something strange here. Since your second field in /etc/shadow, after roy, is empty
Quote:
Code:
roy@roy-desktop:~$ grep roy /etc/shadow
roy::15323:0:99999:7:::
AFAIK you should read:
Code:
passwd -a -S
roy NP 09/05/2012 0 99999 7 -1
NP stands for NoPassword, AFAIK. You read instead L (Locked), but a locked account should have its second field in /etc/password containing at least and invalid char, like ! or *. :-o
However you can login without password, and this is consistent with an NP account (you couldn't login with a locked account).
With an NP account (empty password), roy cannot change its password, but surely root should be able to do it.
Let's try something.
I'm sure that your filesystem cannot be full, since you've been able to copy a file. So this isn't your problem.
From what you've already posted, I'm sure you don't have these files:
If they exist, they should be deleted and this should solve the problem, but if you don't have them...
Let's make an attempt rebooting this way:
1) # shutdown -r now
2) At boot time, press any key to have the grub2 menu showing up; at the grub2 menu select the kernel you usually boot (most probably the first of the list), but don't press ENTER, just press E (editing)
3) go at the end of the line beginning with "linux", press SPACE and then insert this string: init=/bin/bash. Be careful: grub2 thinks you're using an English keyboard. With a different keyboard you should type something a bit different (with an italian keyboard I should type "initì-bin-bash") to get "init=/bin/bash" on screen
4) press CTRL+X to boot (I guess it's CTRL+X, follow on screen instructions)
5) now you're in the system and - this is the funny thing - you're root without even knowing root's password (you can save this trick for the future), and you do this:
Code:
# mount -o remount,rw /
# passwd roy
Now insert your new password, and then of course insert it again.
Code:
# sync; sync
# mount -o remount,ro /
# reboot -f
After the reboot, you're back in your standard system. Is it solved?
--
Bye
OK, so I just messed myself up. Thinking the /var/opt/ignite/data/INDEX files was static, I manually edited the file and added 2 more OS's to it. During an Install it only showed the first OS (started with 11.31, 3 versions then added a 11.23, and a 11.11 stanza's).
The 11.23 and 11.11 never... (2 Replies)
I have AIX 5.3 with oracle 10g ( test server). While trying to create RAW disk for Oracle ASM I have accidentally messed with rootvg (hdisk0 & hdisk1)
When I do
# lspv hdisk0
0516-066 : Physical volume is not a volume group member.
Check the physical volume name specified. ... (4 Replies)
Help!!
Seem to have messed up my path, as I keep getting command not found error. Could someone please tell whats wrong or how to fix it.
export PATH=/opt/local/bin:/opt/local/sbin:/usr/bin:$PATH
---------- Post updated at 08:34 PM ---------- Previous update was at 07:50 PM ----------
... (1 Reply)
Hi,
Just wanted to know if anyone else has noted that the time-stamp in the history is all out of whack.:eek:
I've Ubuntu, all patched, and when I ran history, it showed me commands that I ran few weeks ago with today's date. Is this normal?
Here is a snippet:
....
85 2010-06-09 09:03:31... (6 Replies)
Ok, a couple weeks ago I was fixing a cron report about perl not happy with 'locale' info (LANG and LC not set). As a result, I was experimenting with setting the correct 'locale' in several areas (like /etc/sysconfig/i18n and who knows where). Somehow after a reboot, as soon as the OS starts... (3 Replies)
Dear Friends,
I have messed up with my .bashrc file (something I have deleted) and now i can't login back to system..
any Idea..
I can do login with other login and password.. but I dont have root password because of security reason...
If I ask root then It will take about 4 -5 days to go... (4 Replies)
Hi
Guy,
In my system there were some cronjob were already scheduled. and somehow I want to enter one new cronjob with crontab. So I isssue crontab temp.txt. it scheduled that job but now it's showing me only this job with crontab -l. but I can not see the old cronjob list that already set up.... (2 Replies)
I created tar files for directories using this command:
tar -cvf * >tarfile
what happened was I got a file tarfile with a list of the files and it took the first file in each directory and overwrote it with the actual tar file. I've been trying to figure out since yesterday what I did... (2 Replies)
i messed up while installing freebsd into a dual os wannabe system.
Now, how do i del it( so i wouldn't get prompted to choose freebsd during boot?)so that i could try installing a different flavour of linux?
cheers:eek: (1 Reply)