passwd: permission denied error when trying to update a user's password
 

Hi all. I just installed Ubuntu on a new machine and everything seemed to be going fine. I and a coworker were having some issues with a few things and have managed to lock-out a local admin (sudo?) account after unjoining an AD domain using realm while troubleshooting some McAfee issues were were having. I'm 99.9% certain that the password has not changed for the user. I have followed ALL the steps found here for resetting the password as root in recovery. When I try to run
I get the error:
When I try to do the steps for the "The Drastic Measures", I notice that the shadow file does not show what would usually indicate an encrypted password for the user. Instead it looks like:
I have removed the exclamation point and still have issues. Even when I run passwd as root through recovery, I get a permissions denied error. As it stands right now, I can only log into the machine as root through recovery. I'm at a complete loss at this point and trying to avoid breaking down the machine and starting from scratch. Any help you guys can provide would be greatly appreciated.

Since you are already "root" there is no need to use "sudo" too. Try simply:

(Where "USERNAME" is the actual username, obviously.)

Please note that the tutorial you are following didn't say to use "sudo" either.

@snowpine You are correct, but there's no reason for root not to be able to sudo. Just try it yourself. It's just redundant, but it has to work.

@OP What does /etc/pam.d/passwd look like? Do you encounter the same error when trying other commands that need privilege?

I should have noted that I used sudo after trying without sudo first as sort of a "hail mary", neither worked.

Now that I think about it, are you sure the you've mounted the root partition as writable? Maybe that's the reason why you get permission denied, you might have only read permissions. That's an essential part of the recovery process: mount -rw -o remount /

Per the instructions in the the link in the OG post, I ran
as root in recovery but no dice.

Maybe you should make sure that the system is actually mouting the right partition. Do you find the correct users in /etc/passwd, for instance?

I made sure this morning that I ran the commands to mount the partition (which I also did yesterday while in root through recovery) first before trying some additional troubleshooting. Still issues. Here's what I found this morning:

When running /etc/passwd I got this:
I checked the permissions on passwd and got:
I tried to run /etc/shadow and got:
When I checked permissions on /etc/shadow I got:
From reading here, it should look more like this:
This was all run as root in recovery. (As mentioned, that is the only way that I can log into the system at this point.)

If it comes to it, can I reinstall Ubuntu from DVD and sort of run a "recovery" without loosing all my settings, programs, etc. Almost like a refresh without starting from scratch?

I don't understand what you mean by "running" /etc/shadow. Shadow is a file. What did you run exactly?
First, let me get this straight, you haven't been able to change the root password, right? Are have you only tried to change the password for the admin user?

You could try changing the password for the root and then boot normally into Ubuntu, log in with root, change the admin password and disable root (although, to be honest, there's no reason not to use the root directly, as it's done in Red Hat-based distros, but that's another subject).

It doesn't really make much difference if /etc/shadow has the read permission or not. This is how it looks on Centos 7:
---------- 1 root root 1482 Oct 31 00:02 /etc/shadow

So I wouldn't worry about that. That's not the problem.

By the way, please tell us exactly what version of Ubuntu you're running.

I'm thinking now that the problem might be related to the ldap authentication. Maybe when you invoke the passwd command, it's not really using /etc/shadow but some other file (trying to connect to the DC, etc.)
What does /etc/nsswitch.conf say?

I should clarify, when I say "run" I literally mean "typed "x" in the terminal and hit enter". I'm running Ubuntu 16.04. Machine was part of a Active Directory domain, LDAP was not used. We were trying to install McAfee on the system and was having some issue so "unjoined" using realm (the same method I used to join the domain). There were two accounts on the machine. My domain account and a local account. Domain obv. doesnt work but the local account also no longer works (even though my domain acct still sappears to be possibly cached, I can't log in using that account). I can only log in via root from recovery. When I "run" /etc/nsswitch.conf I get the following:
I checked permissions on it and got:

Why are you trying to run a text file? :confused: You sure you are up to the task before you?

To clarify and as stated above, I don't literally mean "run" as in "run a program", I do literally mean "type 'x' in the terminal and hit enter".

What does 'x' do? Why are you doing this?

When I ask you what /etc/nsswitch.conf looks like, and I'm no expert in linux, I think it's implied that one would understand running cat /etc/nsswitch.conf, or less or more or whatever command you're comfortable with.

And yet that's exactly what you are doing when you do something like type "/etc/shadow" and press enter - you are trying to run it as a program. Those files are text files, and just like in any other operating system you must use another program to view them.

The only exception to the rule are scripts, but we're not dealing with those here.

Try:
from man cat (get familiar with man: