Howdy, A "security analyst" made some unknown changes with 'chattr' to a server I'm administrating (yeah, I know. I'm waiting on a detailed list of changes he made.) and now I can't add or del users from /etc/passwd. When I try, I get "unable to lock password file". Also, when I try to change a user's password, I get the error "passwd: Authentication token lock busy".
I've removed the immutable bit from /etc/passwd* and /etc/shadow* with 'chattr -i ...' and it still didn't work. I even recursively removed the immutable bit for /etc/* and _still_ can't add or delete users. Anybody ever see anything like this? Where does the password lock file get created? I think PAM is failing, but I'm not sure why. Thanks, John Hebert
