>>Someone broken my root password!
>>
>>I use solaris 2.4, when i used sun os 4.1.3 i can modify root password by
>>single user mode booting..
>e) edit to /etc/passwd file and remove the root password
This will not work on Solaris, only SunOS 4.1.X. Starting with Solaris 2.1,
the encrypted passwords are not stored in /etc/passwd, as this is a globally
readable file. (As such, vulnerable to crack, and other password cracking
programs). The encrypted password is now stored in /etc/shadow, which only
root can read. An edit to the /etc/passwd file will invalidate the file
without performing a "pwconv" to rebuild the /etc/shadow file.
Unfortunately, there is no command line modifier for pwconv to specify which
shadow file to rebuild. Since /etc in this case is *not* the /etc you want
to change, editing will not solve the problem.
My suggestion is that after booting the CD into single user mode, and
mounting the root partition, use ufsrestore to restore *both* the
/etc/passwd, and the /etc/shadow files from a known good backup tape. This
will restore the root password to what it was before the change. Once done,
reboot and change the password to whatever you like. The only possible
problem is that if any other passwords were legitimately changed between the
time of the backup and the time of the restore, those passwords will now be
what they were at the time the backup was made. If this is a major problem,
you might be able to restore both /etc/passwd and /etc/shadow to a temp
area, then replace only the root entries in the current files with the
entries in the restored files. Please note that while I have been successful
in restoring the full /etc/passwd and /etc/shadow file for similar
situations, I haven't tried replacing individual lines. It should work, but
I can't be 100% sure of this, as I have never done it.
Jim Wojno
Systems Administrator
Telxon Corporation
jwojn @
telxon .
com
|
|
