bad root shell in /etc/passwd
I mistakenly changed the root shell to something which doesn't exist. Was trying to make it bash and used /bin/bash instead of /usr/local/bin/bash. As a consequence, all login attempts fail because the shell can't be found. Unfortunatley, I shut down the session in which I modified /etc/passwd and I don't have a root shell running anywhere, so I can't fix it. I'm concerned that booting single user will have the same problem. Or will it fall back to /bin/sh? guidance? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: bad root shell in /etc/passwd
On Sep 26, 2012, at 6:06 PM, Gary Aitken wrote: I mistakenly changed the root shell to something which doesn't exist. Was trying to make it bash and used /bin/bash instead of /usr/local/bin/bash. As a consequence, all login attempts fail because the shell can't be found. Unfortunatley, I shut down the session in which I modified /etc/passwd and I don't have a root shell running anywhere, so I can't fix it. I'm concerned that booting single user will have the same problem. Or will it fall back to /bin/sh? guidance? Single-user mode will prompt you. The default is /bin/sh but you can change it. You should be able to solve the problem by entering single-user mode. -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: bad root shell in /etc/passwd
On Wed, 26 Sep 2012 19:06:18 -0600, Gary Aitken wrote: I mistakenly changed the root shell to something which doesn't exist. Was trying to make it bash and used /bin/bash instead of /usr/local/bin/bash. A typical Linuxism. :-) As a consequence, all login attempts fail because the shell can't be found. That's why you should be using the toor account and leave root unchanged. Some may say that as soon as you're changing the root shell because you're doing much work as root, you're obvuously doing something wrong. :-) Also note that tools like su (su -m, su -) and super are in many cases better suited for making the CLI environment more comfortable than changing the shell of the root account. Unfortunatley, I shut down the session in which I modified /etc/passwd and I don't have a root shell running anywhere, so I can't fix it. Maybe without rebooting you can do this: Enter su -m (if your non-root user is allowed to su root, then enter chsh and set the root shell back to the default. I'm concerned that booting single user will have the same problem. When you can successfully boot into SUM, you will be prompted for the shell to start. /bin/sh is the default shell (even though it is a quite ugly dialog shell -- still it's considered a maintenance and emergency use only shell at this point. It will be powerful enough to call the chsh command to get root back into normal condition. Or will it fall back to /bin/sh? No, you will be prompted for the shell to be executed. guidance? Try the su -m trick first. If it doesn't work: Reboot into SUM, and at the Enter full pathname of shell or RETURN for /bin/sh: prompt, press RETURN. In worst case (e. g. if you have accidentally damaged /bin/sh, maybe by overwriting it with a dynamically linked bash), you could type /rescue/sh instead. -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: bad root shell in /etc/passwd
On 9/26/2012 9:06 PM, Gary Aitken wrote: Probably not. Just boot a livecd that supports your HBA and FS, mount your Root FS, and: # vipwd -d /mnt/rootfs or mount /usr as well and: # chroot /mnt/rootfs usermod -s /usr/local/bin/bash root guidance? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org -- Brian A. Seklecki bsekle...@probikesllc.com CE-Pro Bikes, LLC 412-378-3823 (m) PGP Key Available Upon Request ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: bad root shell in /etc/passwd
Thanks, all. On 09/26/12 19:18, Polytropon wrote: On Wed, 26 Sep 2012 19:06:18 -0600, Gary Aitken wrote: I mistakenly changed the root shell to something which doesn't exist. Was trying to make it bash and used /bin/bash instead of /usr/local/bin/bash. A typical Linuxism. :-) Never run on one enough to learn any of those. It's a dumbism, too-fast-with-the-fingersism, slow-functioning-brainism... That's why you should be using the toor account and leave root unchanged. I realized that about the time I learned I had given root to a bad shell path; at which time I also realized I hadn't given toor a pw. Some may say that as soon as you're changing the root shell because you're doing much work as root, you're obvuously doing something wrong. :-) A (too) faint voice in the back of my head was saying that... Also note that tools like su (su -m, su -) and super are in many cases better suited for making the CLI environment more comfortable than changing the shell of the root account. That's what I usually do, but I was (am) having trouble getting .shrc to actually take. Was modifying passwd to fix my own account, and decided to fix root at the same time -- I had changed it to csh and didn't think that was a good idea. At first changed it back to /bin/sh, and then decided to try bash as it should be a super-set. Although I think that is probably unwise. Maybe without rebooting you can do this: Enter su -m (if your non-root user is allowed to su root, then enter chsh and set the root shell back to the default. su -m won't work because of the bad shell As a security precaution, if the target user's shell is a non-standard shell (as defined by getusershell(3)) and the caller's real uid is non- zero, su will fail. When you can successfully boot into SUM, you will be prompted for the shell to start. /bin/sh is the default shell (even though it is a quite ugly dialog shell -- still it's considered a maintenance and emergency use only shell at this point. It will be powerful enough to call the chsh command to get root back into normal condition. chsh and vipw won't work from SUM until you mount /usr, which fortunately was all intact. back on the road again, thanks, Gary ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: bad root shell in /etc/passwd
On Wed, 26 Sep 2012 22:07:26 -0600, Gary Aitken wrote: Thanks, all. On 09/26/12 19:18, Polytropon wrote: That's why you should be using the toor account and leave root unchanged. I realized that about the time I learned I had given root to a bad shell path; at which time I also realized I hadn't given toor a pw. The toor account will be locked until put into use, so no security risk. Maybe without rebooting you can do this: Enter su -m (if your non-root user is allowed to su root, then enter chsh and set the root shell back to the default. su -m won't work because of the bad shell As a security precaution, if the target user's shell is a non-standard shell (as defined by getusershell(3)) and the caller's real uid is non- zero, su will fail. Ah okay, I didn't check that security feature in particular. As su -m usually continues the current user shell, as described for the -m option: Leave the environment unmodified. The invoked shell is your login shell, and no directory changes are made. Immediately followed by the restriction you quoted. :-) When you can successfully boot into SUM, you will be prompted for the shell to start. /bin/sh is the default shell (even though it is a quite ugly dialog shell -- still it's considered a maintenance and emergency use only shell at this point. It will be powerful enough to call the chsh command to get root back into normal condition. chsh and vipw won't work from SUM until you mount /usr, which fortunately was all intact. That's correct, those are located in /usr/bin (which _may_ be on a separate partition that requires mounting before use). Depending on how $EDITOR is set (_if_ it should be set somehow), the availability of this editor (default: /usr/bin/vi) will decide about the functionality of the vipw or chsh commands. -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: bad root shell
su -m only works when you have a bad shell, if your uid is 0
su(1)
-m Leave the environment unmodified. The invoked shell is your
login shell, and no directory changes are made. As a
security
precaution, if the target user's shell is a non-standard
shell
(as defined by getusershell(3)) and the caller's real
uid is non-
zero, su will fail.
But otherwise, yours would be the right answer, I believe.
Mark
--
On 20 Dec 2003 at 23:32, Scott I. Remick wrote:
{Re: bad root shell...}:
On Sat, 20 Dec 2003 09:44:17 -0800, Mark McConnell wrote:
An error in a pw* script inserted a non-existent shell into the password
database, effectively locking out root.
I used a fixit disk to correct the problem, using this procedure:
Unless I'm missing something, seems like the long way to do this. Last
time I did this to myself, I did the following:
1) Log in as a user who can su to root.
2) Use su -m to su to root without changing your current shell
3) As root, use chpass -s to change your shell to a working one.
Of course, this won't work if your only account is root or you don't
have anyone else in the wheel group, so maybe it doesn't apply to you.
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Mark McConnell - Portland, OR
Technical Imaging Systems
[EMAIL PROTECTED]
503-546-0517
[EMAIL PROTECTED]
503-257-7591
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
bad root shell
An error in a pw* script inserted a non-existent shell into the password database, effectively locking out root. I used a fixit disk to correct the problem, using this procedure: 1. mount boot drive to /mnt 2. provide myself with a working mkdb and vi (for chpass): # mkdir /usr/sbin /usr/bin # ln -s /mnt/usr/sbin/pwd_mkdb /usr/sbin/pwd_mkdb # ln -s /mnt/usr/bin/vi /usr/bin/vi 3. link pwd.db, spwd.db, group, passwd, master.passwd, ex: # rm /etc/group /etc/spwd.db # for i in `ls /mnt/etc/` ; do ln -s /mnt/etc/$i /etc/$i ; done 4. run mkdb # /usr/sbin/pwd_mkdb master.passwd 5. Using chpass to change root's shell from `badshell' to csh # chpass root :s/badshell/\/bin\/csh/ All of this appears to do work without errors: # pw usershow -u root root:*:0:0::0:0:Charlie :/root:/bin/csh However, when I log in as root, I am still locked out with the message: $ su Password: badshell: No such file or directory I am still stupid. I am still locked out. /etc/passwd and /etc/master.passwd no longer show the badshell. My configuration appears to be deeply broken. Why does my procedure fail? Mark -- Mark McConnell - Portland, OR Technical Imaging Systems [EMAIL PROTECTED] 503-546-0517 [EMAIL PROTECTED] 503-257-7591 ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: bad root shell
On Sat, 2003-12-20 at 12:44, Mark McConnell wrote: An error in a pw* script inserted a non-existent shell into the password database, effectively locking out root. I used a fixit disk to correct the problem, using this procedure: 1. mount boot drive to /mnt 2. provide myself with a working mkdb and vi (for chpass): # mkdir /usr/sbin /usr/bin # ln -s /mnt/usr/sbin/pwd_mkdb /usr/sbin/pwd_mkdb # ln -s /mnt/usr/bin/vi /usr/bin/vi 3. link pwd.db, spwd.db, group, passwd, master.passwd, ex: # rm /etc/group /etc/spwd.db # for i in `ls /mnt/etc/` ; do ln -s /mnt/etc/$i /etc/$i ; done 4. run mkdb # /usr/sbin/pwd_mkdb master.passwd 5. Using chpass to change root's shell from `badshell' to csh # chpass root :s/badshell/\/bin\/csh/ All of this appears to do work without errors: # pw usershow -u root root:*:0:0::0:0:Charlie :/root:/bin/csh However, when I log in as root, I am still locked out with the message: $ su Password: badshell: No such file or directory I am still stupid. I am still locked out. /etc/passwd and /etc/master.passwd no longer show the badshell. My configuration appears to be deeply broken. Why does my procedure fail? Just a thought, does /bin/csh live in /etc/shells? Is csh actually in the /bin directory? Is it executable? Perhaps try using /bin/sh for your shell. Steve Mark -- Mark McConnell - Portland, OR Technical Imaging Systems [EMAIL PROTECTED] 503-546-0517 [EMAIL PROTECTED] 503-257-7591 ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: bad root shell
On Sat, 20 Dec 2003 09:44:17 -0800, Mark McConnell wrote: An error in a pw* script inserted a non-existent shell into the password database, effectively locking out root. I used a fixit disk to correct the problem, using this procedure: Unless I'm missing something, seems like the long way to do this. Last time I did this to myself, I did the following: 1) Log in as a user who can su to root. 2) Use su -m to su to root without changing your current shell 3) As root, use chpass -s to change your shell to a working one. Of course, this won't work if your only account is root or you don't have anyone else in the wheel group, so maybe it doesn't apply to you. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
