Greetings!

Recently I had an ADSL connection installed and as the modem did not support NAT, I decided to use a Software Router RedHat 9 (To enable NAT/Print Server/DHCP ......etc)

However maybe I took things a little to far on the security side and changed the root shell in /etc/passwd from /bin/bash to /sbin/nologon ...... ooops!

Now ..... surprise surprise ......

I can't log in as root
I can't su
I can't sudo
I can't do $&*# =D

I can however login as a local user with non root access (This is an account I set up to monitor the system)

Any suggestions on how to edit /etc/passwd (currently owned by root)?

As a last resort, if I moved the disks / controller card into another Linux box - would I then be able to edit the /etc/passwd file?

Cheers for any input folks ..... Svha

EDIT - I have just booted from a Knoppix CD and cant see the / filesystem - I can see /boot as this is a standard partition, however / is a raid partition and cannot be mounted =/

/ filesystem is made up of sda2 and sdb1 (a striped software raid set md0) so mounting the disks with another distro does not seem to be an option.

at your lilo prompt (assuming you use lilo as your boot mgr) enter...

this should boot you into a root console so you can change your /etc/passwd accordingly

Haha .... I use Grub =P

But ..... "man grub" may help me here ...

Thanks for the reply!

Using the 'a' key in grub allows you to append arguments to the startup process - so I added .....

init=/bin/bash

This dropped me to an init prompt however only gave me read only access =/

su / sudo still would'nt allow me write access =(

Thanks for the suggestion tho Pheonix!

hmm did a man on su and found this...
man su
-c, --commmand=COMMAND
pass a single COMMAND to the shell with -c

so in theory could you copy /etc/passwd and change it back then run the command
su --command="cp /etc/passwd.new /etc/passwd"

sorry should have tested it first I think I have syntax right now..
Just something to try...

Thanks Blink .....

..... but I get an error in the console "This account is currently not available"

The changes I made in the original post where from the "Official" RedHat security guide ......

http://www.redhat.com/docs/manuals/l...rivileges.html

Section 4.4.2 Table 4.1 ..... States that the changes will deactivate among others su / ssh /sftp as root - however sudo would still function. (According to the above document)

But sudo doesn't seem to accept the password needed to run a command (I have typed the password into a new console to check (as plain text) keymap settings / caps lock / num lock settings .... and if functions perfectly)

Kinda weird ...... anybody else had a similar experience?

I guess it is secure...
Was going to ask if you were able to mount it with the Knoppix CD but the RAID thing probably messes up my thought...
The only other thoughts are if you can boot into single user mode or If you can boot on the Redhat 9 disks and go into rescue mode...
Good luck with it.

My fault! =P /me hides in shame!

sudo requires the CURRENT users password ..... and NOT roots password for the first authentication.

Then sudo refers to the sudoers file for further info

Hey ho ..... problem solved!

man sudo ...... /smacks self on forehead

lol good god man