Yeah, he works for our company. We came to an understanding, he creates the policies, I implement them on the servers I admin. Much less confusion and gnashing of teeth that way.
----- Original Message ----
From: Dustin Puryear <[EMAIL PROTECTED]>
To: John Hebert <general at brlug.net>
Sent: Tuesday, October 24, 2006 6:37:27 AM
Subject: Re: [brlug-general] "unable to lock password file"

Does this guy work for your company? If not, what company was it? I'm
curious.

---
Puryear Information Technology, LLC
Baton Rouge, LA * 225-706-8414
http://www.puryear-it.com

Author:
"Best Practices for Managing Linux and UNIX Servers"
"Spam Fighting and Email Security in the 21st Century"

Download your free copies:
http://www.puryear-it.com/publications.htm

Sunday, October 22, 2006, 6:54:53 AM, you wrote:

> Thanks for the reply Matt. I've poked around with 'lsattr' and it
> looks like he just did 'chattr -R +i /etc/*'.
>
> However, when I do 'lsattr /' in the root dir, I see a couple of
> dirs with an "I" attribute (/etc and /sbin). What does the "I"
> attribute mean exactly? I read the man page, and it was less than helpful. Or
> I'm dense. ;)
>
> From 'man chattr':
> The 'I' attribute is used by the htree code to indicate that a directory
> is being indexed using hashed trees. It may not be set or reset using
> chattr(1),
> although it can be displayed by
> lsattr(1).
>
> ???
>
> So does this mean the "I" attribute was there by default? Does the
> "I" attribute affect a file or folder's permissions?
>
> Thanks.
> John Hebert
>
> ----- Original Message ----
> From: Matthew Eastman <matt at meastman.org>
> To: general at brlug.net
> Sent: Saturday, October 21, 2006 10:35:13 PM
> Subject: Re: [brlug-general] "unable to lock password file"
>
> You can take a look at which special attributes are set for files
> using lsattr. Hopefully that will help you find out which files he had
> fun with.
>
> Matt
>
> On 10/21/06, John Hebert <johnahebert at yahoo.com> wrote:
>> Howdy,
>>
>> A "security analyst" made some unknown changes with 'chattr' to a server I'm
>> administrating (yeah, I know. I'm waiting on a detailed list of changes he
>> made.) and now I can't add or del users from /etc/passwd. When I try, I get
>> "unable to lock password file". Also, when I try to change a user's
>> password, I get the error "passwd: Authentication token lock busy".
>>
>> I've removed the immutable bit from /etc/passwd* and /etc/shadow* with
>> 'chattr -i ...' and it still didn't work. I even recursively removed the
>> immutable bit for /etc/* and _still_ can't add or delete users.
>>
>> Anybody ever see anything like this? Where does the password lock file get
>> created? I think PAM is failing, but I'm not sure why.
>>
>> Thanks,
>> John Hebert
>>
>> _______________________________________________
>> General mailing list
>> General at brlug.net
>> http://brlug.net/mailman/listinfo/general_brlug.net
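
Added example (not part of the original thread and not written by its participants): a shell function that reads lsattr output and reports only entries carrying the lowercase 'i' (immutable) or 'a' (append-only) flag, ignoring the uppercase 'I' htree marker described in the man page excerpt quoted above. The sample listing and its paths are constructed, and audit_dir is a hypothetical helper; it hands lsattr the directory itself and its dotfiles, since a glob like /etc/* covers neither.

```shell
#!/bin/sh
# Added example. Reads lsattr-style lines ("<flags> <path>") on stdin and
# prints entries whose flag field has lowercase 'i' (immutable) or, failing
# that, 'a' (append-only). Uppercase 'I' (htree-indexed directory) is only
# an informational marker and is ignored.
find_locked() {
    while read -r flags path; do
        [ -n "$path" ] || continue
        case "$flags" in
            *[!A-Za-z-]*) continue ;;   # not a flag field, e.g. "lsattr:" error lines
            *i*) printf 'immutable %s\n' "$path" ;;
            *a*) printf 'append-only %s\n' "$path" ;;
        esac
    done
}

# Hypothetical helper: check a directory entry itself, its visible children
# and its dotfiles. -d lists directories as entries instead of descending.
audit_dir() {
    lsattr -d "$1" "$1"/* "$1"/.[!.]* 2>/dev/null | find_locked
}

# Constructed sample in lsattr's "<flags> <path>" layout (not real output).
sample_lsattr() {
    cat <<'EOF'
-----------I-- /etc
----i--------- /etc/passwd
-------------- /etc/shadow
-----a-------- /etc/app.log
----i------I-- /sbin
lsattr: Operation not supported While reading flags on /etc/mtab
EOF
}

# Demonstration on the constructed sample; on a real host: audit_dir /etc
sample_lsattr | find_locked
```

In the sample, /etc shows only 'I' and is not reported, while /sbin carries both 'i' and 'I' and is reported as immutable.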
