[opensuse] May get some BAD PRESS over this!!
I am on the phone now with a "code jockey" friend of mine in MN, who does ALL of his .Net teaching all over the Country on a laptop with SUSE with VMWare. With my encouragement, he did a clean install with 10.3 64-bit. He called with the SAME problem I had/have today with a clean 32-bit install - somehow during the install, the password encryption (I'm blaming PAM for this one) gets really messed up and you don't have root NOR the user password any longer. Now, it's still "there" but the system won't let you login. I called Patrick Shanahan wondering if he'd run into this before. I had a long time ago with IBM's unix, but had forgotten all about "shadow." Patrick indicated that I should remove the passwords "aflicted" and that the system would ask for a new password(s). I'll know tomorrow night if that works. It didn't with my buddy from MN tonight, but he has a fingerprint reader on his new laptop and that did "save his bacon". 10.3 wouldn't accept a new password, but the fingerprint reader did recognize the image and he was allowed on the box. I don't know how wide spread this problem is, but we sure don't need a reviewer from ZDNet or elsewhere having the same problem!! Fred -- This message originated from a Linux computer using Open Source software: openSuSE Linux 10.3. No Gates, no Windows....just Linux - STABLE & SECURE! -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Fred A. Miller wrote:
I am on the phone now with a "code jockey" friend of mine in MN, who does ALL of his .Net teaching all over the Country on a laptop with SUSE with VMWare. With my encouragement, he did a clean install with 10.3 64-bit. He called with the SAME problem I had/have today with a clean 32-bit install - somehow during the install, the password encryption (I'm blaming PAM for this one) gets really messed up and you don't have root NOR the user password any longer.
Now, it's still "there" but the system won't let you login. I called Patrick Shanahan wondering if he'd run into this before. I had a long time ago with IBM's unix, but had forgotten all about "shadow." Patrick indicated that I should remove the passwords "aflicted" and that the system would ask for a new password(s). I'll know tomorrow night if that works.
It didn't with my buddy from MN tonight, but he has a fingerprint reader on his new laptop and that did "save his bacon". 10.3 wouldn't accept a new password, but the fingerprint reader did recognize the image and he was allowed on the box.
I don't know how wide spread this problem is, but we sure don't need a reviewer from ZDNet or elsewhere having the same problem!!
Recovering from a broken root password isn't really that hard. The thing to do in the past is to boot into single user mode, but many distros, openSUSE included, now ask for the root password even in that case. Nowadays, you have to boot some Live CD, mount the partition containing the /etc directory of the OS in question, and edit the /etc/shadow file to remove root's password from the password field. Ie, change: root:$2a$05$vogqUSfWAzEzUHHef/wOIe1bng1W6qYygvOFQ7bIC5bvgwN9u4aPq:13761:::::: to root::13761:::::: Now you'll have a passwordless root and you should be able to boot into single user mode (pass -s to the boot options). Then, immediately set root's password again. -- Jonathan Arnold (mailto:jdarnold@buddydog.org) Linux Brain Dump - Linux Notes, HOWTOs and Tutorials: http://www.linuxbraindump.org Daemon Dancing in the Dark, an Open OS weblog: http://freebsd.amazingdev.com/blog/ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Friday 12 October 2007 11:16, Jonathan Arnold wrote:
Recovering from a broken root password isn't really that hard. The thing to do in the past is to boot into single user mode, but many distros, openSUSE included, now ask for the root password even in that case.
Nowadays, you have to boot some Live CD, mount the partition containing the /etc directory of the OS in question, and edit the /etc/shadow file to remove root's password from the password field.
You can just enter "init=/bin/sh" on the Boot Options line of the GRUB boot screen. The system will boot straight into bash and you can use your favorite editor on /etc/shadow. Do NOT use the passwd command at this point, you will have 0-length /etc/passwd and/or /etc/shadow files after you reboot... I'll leave it to somebody smarter than me to explain why since I plain don't know :) After removing the password, use ctrl-alt-delete to restart the machine (if you use "exit" or control-D, you get a kernel panic / hard wait). -- "After the vintage season came the aftermath - and Cenbe." Glenn Holmer (Q-Link: ShadowM) http://www.lyonlabs.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Saturday 13 October 2007 06:03, Glenn Holmer wrote:
On Friday 12 October 2007 11:16, Jonathan Arnold wrote:
Recovering from a broken root password isn't really that hard. The thing to do in the past is to boot into single user mode, but many distros, openSUSE included, now ask for the root password even in that case.
Nowadays, you have to boot some Live CD, mount the partition containing the /etc directory of the OS in question, and edit the /etc/shadow file to remove root's password from the password field.
You can just enter "init=/bin/sh" on the Boot Options line of the GRUB boot screen. The system will boot straight into bash and you can use your favorite editor on /etc/shadow.
Technically, when invoked as /bin/sh, BASH operates in its Bourne Shell compatibility mode, which deprives you of many of BASH's innovations. Use /bin/bash to get full functionality.
...
Randall Schulz -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Saturday 13 October 2007 08:48, Randall R Schulz wrote:
Technically, when invoked as /bin/sh, BASH operates in its Bourne Shell compatibility mode, which deprives you of many of BASH's innovations. Use /bin/bash to get full functionality.
/bin/sh is a symlink to bash on 10.3 -- "After the vintage season came the aftermath - and Cenbe." Glenn Holmer (Q-Link: ShadowM) http://www.lyonlabs.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Saturday 13 October 2007 07:07, Glenn Holmer wrote:
On Saturday 13 October 2007 08:48, Randall R Schulz wrote:
Technically, when invoked as /bin/sh, BASH operates in its Bourne Shell compatibility mode, which deprives you of many of BASH's innovations. Use /bin/bash to get full functionality.
/bin/sh is a symlink to bash on 10.3
Of course it is. It has been for a very long time. Read what I wrote. Randall Schulz -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Oct 13 2007 08:03, Glenn Holmer wrote:
On Friday 12 October 2007 11:16, Jonathan Arnold wrote:
Recovering from a broken root password isn't really that hard. The thing to do in the past is to boot into single user mode, but many distros, openSUSE included, now ask for the root password even in that case.
Nowadays, you have to boot some Live CD, mount the partition containing the /etc directory of the OS in question, and edit the /etc/shadow file to remove root's password from the password field.
You can just enter "init=/bin/sh" on the Boot Options line of the GRUB boot screen. The system will boot straight into bash and you can use your favorite editor on /etc/shadow.
... which is the way how it has been done ever since. But you need /bin/bash otherwise you get, as pointed out, a sh-compat shell.
After removing the password, use ctrl-alt-delete to restart the machine (if you use "exit" or control-D, you get a kernel panic / hard wait).
Actually, you use umount -a reboot -f And I don't see why passwd would not work. Just make sure your root volume is actually read-write (which is the case when using an initrd created with suse), otherwise use mount / -o remount,rw On Oct 13 2007 09:07, Glenn Holmer wrote:
On Saturday 13 October 2007 08:48, Randall R Schulz wrote:
Technically, when invoked as /bin/sh, BASH operates in its Bourne Shell compatibility mode, which deprives you of many of BASH's innovations. Use /bin/bash to get full functionality.
/bin/sh is a symlink to bash on 10.3
That does not matter. When called as sh, it operates in dumb mode. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Sat, 2007-10-13 at 16:26 +0200, Jan Engelhardt wrote:
On Oct 13 2007 08:03, Glenn Holmer wrote:
On Friday 12 October 2007 11:16, Jonathan Arnold wrote:
Recovering from a broken root password isn't really that hard. The thing to do in the past is to boot into single user mode, but many distros, openSUSE included, now ask for the root password even in that case.
Nowadays, you have to boot some Live CD, mount the partition containing the /etc directory of the OS in question, and edit the /etc/shadow file to remove root's password from the password field.
You can just enter "init=/bin/sh" on the Boot Options line of the GRUB boot screen. The system will boot straight into bash and you can use your favorite editor on /etc/shadow.
... which is the way how it has been done ever since. But you need /bin/bash otherwise you get, as pointed out, a sh-compat shell.
After removing the password, use ctrl-alt-delete to restart the machine (if you use "exit" or control-D, you get a kernel panic / hard wait).
Actually, you use
umount -a reboot -f
And I don't see why passwd would not work. Just make sure your root volume is actually read-write (which is the case when using an initrd created with suse), otherwise use
mount / -o remount,rw
On Oct 13 2007 09:07, Glenn Holmer wrote:
On Saturday 13 October 2007 08:48, Randall R Schulz wrote:
Technically, when invoked as /bin/sh, BASH operates in its Bourne Shell compatibility mode, which deprives you of many of BASH's innovations. Use /bin/bash to get full functionality.
/bin/sh is a symlink to bash on 10.3
That does not matter. When called as sh, it operates in dumb mode.
I have used Unix/Linux for a couple decades and have not yet had a root password issue. But I know there is always tomorrow. I will be keeping this e-mail. Perhaps this is also on the wiki? It is surely good info. If also a bit of a security issue. -- Roger Oberholtzer OPQ Systems / Ramböll RST Ramböll Sverige AB Kapellgränd 7 P.O. Box 4205 SE-102 65 Stockholm, Sweden Tel: Int +46 8-615 60 20 Fax: Int +46 8-31 42 23 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
* Roger Oberholtzer
I have used Unix/Linux for a couple decades and have not yet had a root password issue. But I know there is always tomorrow. I will be keeping this e-mail. Perhaps this is also on the wiki? It is surely good info. If also a bit of a security issue.
If not, you are certainly able to add it.... - -- Patrick Shanahan Plainfield, Indiana, USA HOG # US1244711 http://wahoo.no-ip.org Photo Album: http://wahoo.no-ip.org/gallery2 Registered Linux User #207535 @ http://counter.li.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn4472 (GNU/Linux) iD8DBQFHEPmGClSjbQz1U5oRAgmwAKCtVaYlX8AcTYVtphjwfkFoQOeb1ACgqyBM cxuPS41r2apuF+V007Xkezk= =y25O -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Saturday 13 October 2007 09:26, Jan Engelhardt wrote:
On Oct 13 2007 08:03, Glenn Holmer wrote:
You can just enter "init=/bin/sh" on the Boot Options line of the GRUB boot screen. The system will boot straight into bash and you can use your favorite editor on /etc/shadow.
... which is the way how it has been done ever since. But you need /bin/bash otherwise you get, as pointed out, a sh-compat shell.
I don't see how that matters if all you're using it for is to invoke an editor against a single file and then reboot...
After removing the password, use ctrl-alt-delete to restart the machine (if you use "exit" or control-D, you get a kernel panic / hard wait).
Actually, you use
umount -a reboot -f
Thanks, but ctrl-alt-del is quite a few less keystrokes. On the other hand...
And I don't see why passwd would not work. Just make sure your root volume is actually read-write
Yes, that was the case, but I think it's an issue with XFS, which tends to be less forgiving in situations like this. Cf. this bug: https://bugzilla.novell.com/show_bug.cgi?id=326942 which didn't bother people running ext3 or reiser. I tried the procedure again using the above two commands and did not see the problem. Thanks, filed for future reference. -- "After the vintage season came the aftermath - and Cenbe." Glenn Holmer (Q-Link: ShadowM) http://www.lyonlabs.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Glenn Holmer wrote:
On Saturday 13 October 2007 08:48, Randall R Schulz wrote:
Technically, when invoked as /bin/sh, BASH operates in its Bourne Shell compatibility mode, which deprives you of many of BASH's innovations. Use /bin/bash to get full functionality.
/bin/sh is a symlink to bash on 10.3
When you call an app or script, the first variable passed to it is the command used to call it. The app can then examine this and then change behaviour, based on the name called. So, while entering sh or bash will start the same code, how that code runs may be determined by the command used. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (8)
-
Fred A. Miller
-
Glenn Holmer
-
James Knott
-
Jan Engelhardt
-
Jonathan Arnold
-
Patrick Shanahan
-
Randall R Schulz
-
Roger Oberholtzer