From owner-freebsd-questions@FreeBSD.ORG Mon Jul 9 21:30:41 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 92C4E16A400 for ; Mon, 9 Jul 2007 21:30:41 +0000 (UTC) (envelope-from dkelly@Grumpy.DynDNS.org) Received: from smtp.knology.net (smtp.knology.net [24.214.63.101]) by mx1.freebsd.org (Postfix) with ESMTP id 2CD2913C455 for ; Mon, 9 Jul 2007 21:30:41 +0000 (UTC) (envelope-from dkelly@Grumpy.DynDNS.org) Received: (qmail 27493 invoked by uid 0); 9 Jul 2007 21:30:38 -0000 Received: from unknown (HELO Grumpy.DynDNS.org) (216.186.148.249) by smtp3.knology.net with SMTP; 9 Jul 2007 21:30:38 -0000 Received: by Grumpy.DynDNS.org (Postfix, from userid 928) id 8692728425; Mon, 9 Jul 2007 16:30:38 -0500 (CDT) Date: Mon, 9 Jul 2007 16:30:38 -0500 From: David Kelly To: Chuck Swiger Message-ID: <20070709213038.GA66595@Grumpy.DynDNS.org> References: <3A85D7EF44E1C744BF6434691F5659E9702CFD@www.fcimail.org> <20070709201750.GA66218@Grumpy.DynDNS.org> <469299A6.4090006@boosten.org> <77FE6039-9C53-4579-BCD6-C7C7199D37A6@mac.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <77FE6039-9C53-4579-BCD6-C7C7199D37A6@mac.com> User-Agent: Mutt/1.4.2.3i Cc: freebsd-questions@freebsd.org, Peter Boosten Subject: Re: password failure- after mergmaster X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: FreeBSD-Questions@FreeBSD.org List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Jul 2007 21:30:41 -0000 On Mon, Jul 09, 2007 at 01:29:44PM -0700, Chuck Swiger wrote: > On Jul 9, 2007, at 1:25 PM, Peter Boosten wrote: > > > >Having read this I must admit that it's a complete mystery to me why > >mergemaster would touch your password file at all... > > Because sometimes new versions of the OS come with new built-in user > accounts, which need to be added to the existing passwd or groups > databases somehow? Yes, exactly. Have to *merge* the changes into /etc/master.passwd rather than brute force overwrite. Notice the difference from my first post in this thread, the file which was clobbered is /etc/master.passwd, not just /etc/passwd which is a dummy file generated from master.passwd. In single user he can "mount -a" to get all the filesystems mounted read/write, then extract /etc/master.passwd file from his level 0 dump. But once again it needs to be diff'ed against the "new" version written by mergemaster to see why mergemaster changed it. Then the password databases need to be rebuilt. The easiest way (and only way I remember without manpage surfing) is to run vipw and trivially change the master password file. On exit vipw rebuilds the password databases with pwd_mkdb(8) (I had to look that up). -- David Kelly N4HHE, dkelly@HiWAAY.net ======================================================================== Whom computers would destroy, they must first drive mad.