Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Hello,
I recently created a user account on an Ubuntu server running 10.04 LTS and found that I am unable to change the password of this account or any other account including root. The root and other non-root admin account passwords are set to not expire so I have never needed to change them. The error is:
I've done a lot of searching on this site and others for a solution but haven't found one yet. This is what I've tried so far:
1. The disk is not full. df -h shows /dev/sda1 is only 7% in use
2. The file system is not read-only. I can create test files w/o any errors or problems.
touch test_file
root@my-server:/etc# ls -lsa |grep test_file
-rw------- 1 root root 0 2014-06-02 15:53 test_file
3. pwck returned no errors
4. Permissions on /etc/passwd and /etc/shadow are set to:
-rw-r--r-- 1 root root 1238 2014-06-02 14:50 passwd
-rw-r----- 1 root root 968 2014-06-02 14:50 shadow
5. I deleted the newly created account and tried to change root's passwd
root@my-server:/etc# passwd
passwd: Authentication token manipulation error
passwd: password unchanged
6. I rebooted...
Any suggestions or help will be greatly appreciated. I have an audit in my near future and need to get this resolved.
Check permission of /etc/shadow and /etc/passwd
/etc/shadow should be 640 and /etc/passwd should be 644
Now try to change password.
If still it does not work, Run
Code:
sudo cp /etc/shadow- /etc/shadow
Now try to change password.
If still it does not work, Run
willie@kahuna:~$ sudo getfacl -et /etc/passwd
getfacl: Removing leading '/' from absolute path names
# file: etc/passwd
USER root rw-
GROUP root r--
other r--
willie@kahuna:~$ sudo getfacl -et /etc/passwd-
getfacl: Removing leading '/' from absolute path names
# file: etc/passwd-
USER root rw-
GROUP root ---
other ---
willie@kahuna:~$ sudo getfacl -et /etc/shadow
getfacl: Removing leading '/' from absolute path names
# file: etc/shadow
USER root rw-
GROUP shadow r--
other ---
willie@kahuna:~$ sudo getfacl -et /etc/shadow-
getfacl: Removing leading '/' from absolute path names
# file: etc/shadow-
USER root rw-
GROUP root ---
other ---
I had to modify the permissions for /etc/shadow because my Security department was flagging it as a problem.
root@my-server:/etc# ls -la shadow
-r-------- 1 root root 968 2014-06-03 15:12 shadow
I checked the attributes...
root@my-server:/etc# lsattr passwd shadow
-----------------e- passwd
-----------------e- shadow
I guess the ls -Z doesn't apply my system. This is what was returned:
root@my-server:/etc# ls -Z passwd shadow
? passwd ? shadow
I copied /etc/shadow- to /etc/shadow
No change. Same error.
I ran the mount -o remount,rw / command
No change. Same error.
I also ran mount -n -o remount,rw /
No change. Same error.
I rebooted and held down the Shift key trying to get the GRUB menu to appear so I could try to boot into recovery mode?? or the root shell prompt?? I'm not sure of what it is called. However, the machine booted to the console screen I'm used to seeing without giving me the chance to select something different. I am remotely connecting to the machine via a kvm client so I don't know if there is a delay in the the keyboard or if I'm just not quick enough.
I read another post where a someone asked the person requesting help to run this command:
stat /etc/passwd /etc/shadow;mount;id
It returned this:
root@my-server:/etc# stat /etc/passwd /etc/shadow;mount;id
File: `/etc/passwd'
Size: 1175 Blocks: 8 IO Block: 4096 regular file
Device: 801h/2049d Inode: 13240403 Links: 1
Access: (0640/-rw-r-----) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2014-06-02 16:00:44.607954980 -0400
Modify: 2014-06-02 16:00:44.607954980 -0400
Change: 2014-06-03 14:31:41.816723457 -0400
File: `/etc/shadow'
Size: 968 Blocks: 8 IO Block: 4096 regular file
Device: 801h/2049d Inode: 13239927 Links: 1
Access: (0400/-r--------) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2014-06-02 16:00:44.607954980 -0400
Modify: 2014-06-03 15:12:37.056720656 -0400
Change: 2014-06-03 15:12:37.056720656 -0400
/dev/sda1 on / type ext4 (rw,noatime,errors=remount-ro)------- Is this saying that the filesystem is currently rw but to remount as ro if there is an error?
proc on /proc type proc (rw,noexec,nosuid,nodev)
none on /sys type sysfs (rw,noexec,nosuid,nodev)
none on /sys/fs/fuse/connections type fusectl (rw)
none on /sys/kernel/debug type debugfs (rw)
none on /sys/kernel/security type securityfs (rw)
none on /dev type devtmpfs (rw,mode=0755)
none on /dev/pts type devpts (rw,noexec,nosuid,gid=5,mode=0620)
none on /dev/shm type tmpfs (rw,nosuid,nodev)
none on /var/run type tmpfs (rw,nosuid,mode=0755)
none on /var/lock type tmpfs (rw,noexec,nosuid,nodev)
none on /lib/init/rw type tmpfs (rw,nosuid,mode=0755)
uid=0(root) gid=0(root) groups=0(root)
Hopefully my reply will illicit more suggestions. Again thank you for any help you can provide.
/dev/sda1 on / type ext4 (rw,noatime,errors=remount-ro)------- Is this saying that the filesystem is currently rw but to remount as ro if there is an error?
Close; says startup mount is rw, but go ro if an error occurs...
(ls -Z is for SELinux if you had it)
Recovery mode would probably not run networking, so you'd lose connectivity. You might need to get someone local to look into this.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.