Date: Sun, 22 Nov 2009 08:14:00 +0000 From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: George Sanders <gosand1982@yahoo.com> Cc: freebsd-questions@freebsd.org Subject: Re: How can I rescue my passwd file after corrupting it (and why does it still work) ? Message-ID: <4B08F2C8.2040901@infracaninophile.co.uk> In-Reply-To: <739790.37971.qm@web111611.mail.gq1.yahoo.com> References: <739790.37971.qm@web111611.mail.gq1.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig866FC67F137ED464D9025FAC
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: quoted-printable
George Sanders wrote:
>=20
> I do some automated account creation on a FreeBSD 6.x system ... and un=
beknownst to me, the '/' filesystem was completely full when I did my las=
t account creation, resulting in:
>=20
> /: write failed, filesystem is full
> pwd_mkdb: /etc/pwd.db to /etc/pwd.db.tmp: No space left on device
> pw: passwd file update: No space left on device
> pwd_mkdb: corrupted entry
> pwd_mkdb: at line #187
> pwd_mkdb: /mnt/etc/master.passwd: Inappropriate file type or format
>=20
> My situation is now as follows:
>=20
> passwd and master.passwd have a lot of lines missing, and one or two ma=
ngled lines toward the end. So a LOT of user accounts are gone.
>=20
> BUT, all of those missing accounts still work.
>=20
> So ...=20
>=20
> 1) why do all of the accounts that are missing from both passwd and mas=
ter.passwd continue to work properly (they can authenticate and log in ov=
er SSH and so on) ?
>=20
> 2) how can I get back to healthy ?
>=20
> I suspect that somehow my (s)pwd.db files are still healthy ... is it p=
ossible to reconstruct complete passwd/master.passwd files using the exis=
ting (s)pwd.db files ?
There's a backup copy of master.passwd, groups and aliases stored in /var=
/backups
every time any of those files are changed -- the backups are created by t=
he
overnight periodic cron jobs, so you should be able to restore yesterday'=
s status
quo.
Otherwise, you can sort of reconstruct the missing entries from yor maste=
r.passwd
file by using pw(8) -- eg:
% pw user show -n matthew
matthew:*:1001:1001::0:0:Matthew Seaman:/home/matthew:/bin/tcsh
prints out the master.passwd entry for the user account but *without* the=
password crypt-text. You can use:
% pw user show -a=20
to get a list of all users. This should use spwd.db rather than the orig=
inal
flat files -- it will enumerate all users from LDAP or NIS if your machin=
e is
configured to use those. Unfortunately, you will have to merge in the cr=
ypted
password strings by hand or else get all your users to set new passwords.=
Cheers,
Matthew
--=20
Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard
Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
Kent, CT11 9PW
--------------enig866FC67F137ED464D9025FAC
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.13 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEAREIAAYFAksI8s4ACgkQ8Mjk52CukIyR8ACeOnvHrGgQgGR8KtgHiAikCJ8c
BZEAniF4q8CvEjavFuuvORGgibWWPXiB
=zZfc
-----END PGP SIGNATURE-----
--------------enig866FC67F137ED464D9025FAC--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4B08F2C8.2040901>