Big problem: shell entry in /etc/passwd corrupted for user root

dodona · December 18, 2019, 6:22pm

did a big mistake, changing root entry of /etc/passwd to

root:x:0:0:root:/root:/usr/bin/tmux split-window -v \; attach

as expected, now I can't login as root anymore. sudo ed /etc/passwd etc. doesn't work.

Any idea?

jim_mcnamara · December 18, 2019, 8:15pm

Can you boot from installation software - DVD, thumb drive?
Boot to run-level 1 which makes the console root and allows no other logins.

Example with run-level 1 boot on linux with GRUB2

How-To: Change boot runlevel with Grub2 - Debuntu

You want to be in the console as root, and you can work with any file. Try to keep backups from now on, I assumed you had none.

Peasant · December 19, 2019, 1:06am

When dealing with /etc/passwd , /etc/shadow , PAM or sudo files :

Have a root session / prompt opened aside from everything else, you will use this session to fix / remedy if something does not work.
Backup those files before editing cp /etc/passwd /etc/passwd_<date string>
Use tools like vipw, vigr, visudo to avoid corruption.

Hope that helps
Regards
Peasant.

Neo · December 19, 2019, 1:19am

Sometimes when I am working on these kinds of "gotacha" files, I temporarily change the permissions to read:write for all users or change the owner of the file to an "other than root" user, or both. Then, when all is testing and working OK, I change back to how it was (root ownership, only root can modify, etc.)

I have a funny story to tell (someday) about this, regarding temporarily disabling google_authentication on a server, because of problems with an iPhone lightening connector (battery would not charge, port did not work at all) and the many hours of headaches a small mistake caused me (blocked my own root access on a remote server); all of this started with dust in the iPhone charge port and me spraying some contact cleaner into the port, gumming it up ever worse.

Always have one more more backup plans when doing these kinds of "gotcha" file changes. In the case cited above, because I had to restart sshd , even having two other open ssh connections as root into the server did not help!

Of course, all these editorial comments do not help "after the fact" and so it if makes you feel any better, most of us have made similar mistakes at one time or another.
Remember, you can temporarily change permissions and ownership on files when working on these kinds of "whoops, it got me" changes.

Neo · December 19, 2019, 1:24am

dodona:

did a big mistake, changing root entry of /etc/passwd to
root:x:0:0:root:/root:/usr/bin/tmux split-window -v \; attach
as expected, now I can't login as root anymore. sudo ed /etc/passwd etc. doesn't work.

Any idea?

If you have physical access to the disk, a common way to correct this problem is to mount the disk on another machine and edit the problem files.

Or, boot from another disk or thumb drive, etc, and mount the filesystem and edit it (as someone mentioned earlier, as I recall).