Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Recently I had an ADSL connection installed and as the modem did not support NAT, I decided to use a Software Router RedHat 9 (To enable NAT/Print Server/DHCP ......etc)
However maybe I took things a little to far on the security side and changed the root shell in /etc/passwd from /bin/bash to /sbin/nologon ...... ooops!
Now ..... surprise surprise ......
I can't log in as root
I can't su
I can't sudo
I can't do $&*# =D
I can however login as a local user with non root access (This is an account I set up to monitor the system)
Any suggestions on how to edit /etc/passwd (currently owned by root)?
As a last resort, if I moved the disks / controller card into another Linux box - would I then be able to edit the /etc/passwd file?
Cheers for any input folks ..... Svha
EDIT - I have just booted from a Knoppix CD and cant see the / filesystem - I can see /boot as this is a standard partition, however / is a raid partition and cannot be mounted =/
/ filesystem is made up of sda2 and sdb1 (a striped software raid set md0) so mounting the disks with another distro does not seem to be an option.
Section 4.4.2 Table 4.1 ..... States that the changes will deactivate among others su / ssh /sftp as root - however sudo would still function. (According to the above document)
But sudo doesn't seem to accept the password needed to run a command (I have typed the password into a new console to check (as plain text) keymap settings / caps lock / num lock settings .... and if functions perfectly)
Kinda weird ...... anybody else had a similar experience?
I guess it is secure...
Was going to ask if you were able to mount it with the Knoppix CD but the RAID thing probably messes up my thought...
The only other thoughts are if you can boot into single user mode or If you can boot on the Redhat 9 disks and go into rescue mode...
Good luck with it.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.