Date: Thu, 08 Jan 2009 16:14:51 -0500 From: Lowell Gilbert <freebsd-questions-local@be-well.ilk.org> To: "Bert-Jan" <info@bert-jan.com> Cc: freebsd-questions@freebsd.org, cperciva@freebsd.org Subject: Re: Login accounts don't work after update to 7.1 Message-ID: <44k595qz3o.fsf@be-well.ilk.org> In-Reply-To: <20af5b6d6703bc7b2575a763e7c70822.squirrel@admin.bert-jan.com> (Bert-Jan's message of "Wed\, 7 Jan 2009 13\:47\:43 %2B0100 \(CET\)") References: <20af5b6d6703bc7b2575a763e7c70822.squirrel@admin.bert-jan.com>
next in thread | previous in thread | raw e-mail | index | archive | help
"Bert-Jan" <info@bert-jan.com> writes: > Hi Folks, > > I just updated one of my servers from 7.0-RC1 to 7.1-RELEASE. > > During the first freebsd-update install, before rebooting, I was surprised > to find that it was going to change my /etc/passwd (deleting all my > accounts, keeping only the built-in accounts) and /etc/pwd.db and > /etc/spwd.db. I was quite suspicious so I made copies of them. freebsd-update should merge master.passwd, and re-generate all of those files from there. What did you do with master.passwd? Note that backup copies of master.passwd are kept in /var/backup. None of the other files, because they're generated from there. > After rebooting the machine came back online perfectly. I checked > /etc/passwd but there were no changes yet. Then, as the docs says, I ran > freebsd-update install again and it took quite a while. *Then* my > /etc/passwd was changed, so I replaced it with the spare copy I made. Of That spare copy doesn't help at all; /etc/passwd is only there as a convenience to users, and isn't consulted by the system for anything. > course I had to test it now so I exitted from root back to my own account, > and you guessed it: I can't su anymore: > > $ su - > su: who are you? > > I started up a second session and found my own account doesn't work > anymore either. So all I have now is an open session with my own account. > I should probably also have copied the two db files back and of course I > should have left my running root session open and started another one. Not > a very bright moment.. Does the root account itself have a password? If you installed a generic password file, it may be unprotected, and you could log in (but not su, as that requires you first be logged in as a wheel user, of which you may have none left) as root without a password if you have a local terminal (a serial console, for example), and fix things from there. > Is there a way I can recover the server from this ? > Of course I can put in a cd and change some passwords, but the server is > in a datacenter and I don't really have the time to go there and fix it. > I'm looking for a remote solution. I guess you don't have any out-of-band access to the machine, then. You may be stuck with having to go to it physically, then. > It's probably not much help but there's one jail running on it that's > still working fine. I can login and su on that one, but I don't know if I > can use it to repair the main system. I sure hope that won't help. That would defeat the point of jails, wouldn't it? ;-) -- Lowell Gilbert, embedded/networking software engineer, Boston area http://be-well.ilk.org/~lowell/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44k595qz3o.fsf>