can't "su -" to root after changing /etc/passwd
 

after blocking root logins in ssh and changing shell for root in /etc/passwd to /sbin/nologin, i can't "su -" from a user to root, nor login as root.

server is rh9 and is located across the country from me. i can still ssh in as a user.

the message i get when i try to su - is "This account is currently not available".

anyone have any ideas?
thanks

as you have probably worked out, its dangerous to change root login settings when you need root to change them back !!!

anyways.. i see 2 options, boot a recueCD and change the passwd file back...
either go there yourself, or get someone else who lives there to do it for you.

OR.......
how secure is the machine ?
you installed the system right ? with your knoledge of the system, maybe you could "hack" it.
find a privilage esculation exploit in your system, and exploit to to gain root access and change the paswd file back.

In the future, if you need to do such a thing, backup the origonal, and write a script that will run as root, and restore the system to its origonal state at midnight.

then you can change your settings, test the new settings, and if the worst happens and you lock yourself out, atleast you will be let back in at midnight..

and you test the new setitngs and they are working as expected, kill the scripts PID.

managed to get it to work
 

thank you for your prompt reply:) i just found a third way to get back in as root: "su --shell=/bin/bash -" from a user account.
immediately, i went back to fix the root line in /etc/passwd but then thought - this could be a security advantage - i wouldn't mind specifying the shell in su, but people who don't know this won't be able to get in as root, even if they knew the password.

diyan:)