"Bert-Jan" <i...@bert-jan.com> writes:
> Hi Folks,
> I just updated one of my servers from 7.0-RC1 to 7.1-RELEASE.
> During the first freebsd-update install, before rebooting, I was surprised
> to find that it was going to change my /etc/passwd (deleting all my
> accounts, keeping only the built-in accounts) and /etc/pwd.db and
> /etc/spwd.db. I was quite suspicious so I made copies of them.
freebsd-update should merge master.passwd, and re-generate all of those
files from there. What did you do with master.passwd?
Note that backup copies of master.passwd are kept in /var/backup. None
of the other files, because they're generated from there.
> After rebooting the machine came back online perfectly. I checked
> /etc/passwd but there were no changes yet. Then, as the docs says, I ran
> freebsd-update install again and it took quite a while. *Then* my
> /etc/passwd was changed, so I replaced it with the spare copy I made. Of
That spare copy doesn't help at all; /etc/passwd is only there as a
convenience to users, and isn't consulted by the system for anything.
> course I had to test it now so I exitted from root back to my own account,
> and you guessed it: I can't su anymore:
> $ su -
> su: who are you?
> I started up a second session and found my own account doesn't work
> anymore either. So all I have now is an open session with my own account.
> I should probably also have copied the two db files back and of course I
> should have left my running root session open and started another one. Not
> a very bright moment..
Does the root account itself have a password? If you installed a
generic password file, it may be unprotected, and you could log in (but
not su, as that requires you first be logged in as a wheel user, of
which you may have none left) as root without a password if you have a
local terminal (a serial console, for example), and fix things from there.
> Is there a way I can recover the server from this ?
> Of course I can put in a cd and change some passwords, but the server is
> in a datacenter and I don't really have the time to go there and fix it.
> I'm looking for a remote solution.
I guess you don't have any out-of-band access to the machine, then. You
may be stuck with having to go to it physically, then.
> It's probably not much help but there's one jail running on it that's
> still working fine. I can login and su on that one, but I don't know if I
> can use it to repair the main system.
I sure hope that won't help. That would defeat the point of jails,
wouldn't it? ;-)
Lowell Gilbert, embedded/networking software engineer, Boston area
email@example.com mailing list
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"