LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 11-21-2016, 01:51 PM   #1
ProAm500
LQ Newbie
 
Registered: Apr 2013
Posts: 11

Rep: Reputation: Disabled
passwd: permission denied error when trying to update a user's password


Hi all. I just installed Ubuntu on a new machine and everything seemed to be going fine. I and a coworker were having some issues with a few things and have managed to lock-out a local admin (sudo?) account after unjoining an AD domain using realm while troubleshooting some McAfee issues were were having. I'm 99.9% certain that the password has not changed for the user. I have followed ALL the steps found here for resetting the password as root in recovery. When I try to run
Code:
sudo passwd USERNAME
I get the error:
Code:
root@HOSTNAME:~# sudo passwd USERNAME
passwd:Permission denied
passwd:password unchanged
root@HOSTNAME:~#
When I try to do the steps for the "The Drastic Measures", I notice that the shadow file does not show what would usually indicate an encrypted password for the user. Instead it looks like:
Code:
username:!:14920:0:99999:7:::
I have removed the exclamation point and still have issues. Even when I run passwd as root through recovery, I get a permissions denied error. As it stands right now, I can only log into the machine as root through recovery. I'm at a complete loss at this point and trying to avoid breaking down the machine and starting from scratch. Any help you guys can provide would be greatly appreciated.

Last edited by ProAm500; 11-21-2016 at 02:03 PM.
 
Old 11-21-2016, 01:56 PM   #2
snowpine
Senior Member
 
Registered: Feb 2009
Posts: 4,625

Rep: Reputation: 1381Reputation: 1381Reputation: 1381Reputation: 1381Reputation: 1381Reputation: 1381Reputation: 1381Reputation: 1381Reputation: 1381Reputation: 1381
Since you are already "root" there is no need to use "sudo" too. Try simply:

Code:
passwd USERNAME
(Where "USERNAME" is the actual username, obviously.)

Please note that the tutorial you are following didn't say to use "sudo" either.
 
Old 11-21-2016, 02:06 PM   #3
vincix
Member
 
Registered: Feb 2011
Distribution: Ubuntu, Centos
Posts: 989

Rep: Reputation: 75
@snowpine You are correct, but there's no reason for root not to be able to sudo. Just try it yourself. It's just redundant, but it has to work.

@OP What does /etc/pam.d/passwd look like? Do you encounter the same error when trying other commands that need privilege?

Last edited by vincix; 11-21-2016 at 02:10 PM.
 
1 members found this post helpful.
Old 11-21-2016, 02:51 PM   #4
ProAm500
LQ Newbie
 
Registered: Apr 2013
Posts: 11

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by snowpine View Post
Since you are already "root" there is no need to use "sudo" too. Try simply:

Code:
passwd USERNAME
(Where "USERNAME" is the actual username, obviously.)

Please note that the tutorial you are following didn't say to use "sudo" either.
I should have noted that I used sudo after trying without sudo first as sort of a "hail mary", neither worked.
 
Old 11-21-2016, 02:57 PM   #5
vincix
Member
 
Registered: Feb 2011
Distribution: Ubuntu, Centos
Posts: 989

Rep: Reputation: 75
Now that I think about it, are you sure the you've mounted the root partition as writable? Maybe that's the reason why you get permission denied, you might have only read permissions. That's an essential part of the recovery process: mount -rw -o remount /
 
Old 11-21-2016, 03:13 PM   #6
ProAm500
LQ Newbie
 
Registered: Apr 2013
Posts: 11

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by vincix View Post
Now that I think about it, are you sure the you've mounted the root partition as writable? Maybe that's the reason why you get permission denied, you might have only read permissions. That's an essential part of the recovery process: mount -rw -o remount /
Per the instructions in the the link in the OG post, I ran
Code:
mount -o remount,rw /
as root in recovery but no dice.
 
Old 11-21-2016, 03:21 PM   #7
vincix
Member
 
Registered: Feb 2011
Distribution: Ubuntu, Centos
Posts: 989

Rep: Reputation: 75
Maybe you should make sure that the system is actually mouting the right partition. Do you find the correct users in /etc/passwd, for instance?
 
Old 11-22-2016, 08:47 AM   #8
ProAm500
LQ Newbie
 
Registered: Apr 2013
Posts: 11

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by vincix View Post
Maybe you should make sure that the system is actually mouting the right partition. Do you find the correct users in /etc/passwd, for instance?
I made sure this morning that I ran the commands to mount the partition (which I also did yesterday while in root through recovery) first before trying some additional troubleshooting. Still issues. Here's what I found this morning:

When running /etc/passwd I got this:
Code:
passwd: Permission denied
passwd: password unchaged
I checked the permissions on passwd and got:
Code:
-rw-r--r-- 1 root root 1046 Nov 21 14:29 /etc/passwd
I tried to run /etc/shadow and got:
Code:
/etc/shadow: Permission denied
When I checked permissions on /etc/shadow I got:
Code:
-rw-r----- 1 root shadow 1310 Nov 21 14:29 /etc/shadow
From reading here, it should look more like this:
Code:
-rw------- 1 root root 823 Dec 7 19:59 /etc/shadow
This was all run as root in recovery. (As mentioned, that is the only way that I can log into the system at this point.)

If it comes to it, can I reinstall Ubuntu from DVD and sort of run a "recovery" without loosing all my settings, programs, etc. Almost like a refresh without starting from scratch?

Last edited by ProAm500; 11-22-2016 at 08:49 AM.
 
Old 11-22-2016, 08:55 AM   #9
vincix
Member
 
Registered: Feb 2011
Distribution: Ubuntu, Centos
Posts: 989

Rep: Reputation: 75
I don't understand what you mean by "running" /etc/shadow. Shadow is a file. What did you run exactly?
First, let me get this straight, you haven't been able to change the root password, right? Are have you only tried to change the password for the admin user?

You could try changing the password for the root and then boot normally into Ubuntu, log in with root, change the admin password and disable root (although, to be honest, there's no reason not to use the root directly, as it's done in Red Hat-based distros, but that's another subject).

It doesn't really make much difference if /etc/shadow has the read permission or not. This is how it looks on Centos 7:
---------- 1 root root 1482 Oct 31 00:02 /etc/shadow

So I wouldn't worry about that. That's not the problem.

By the way, please tell us exactly what version of Ubuntu you're running.
 
Old 11-22-2016, 09:04 AM   #10
vincix
Member
 
Registered: Feb 2011
Distribution: Ubuntu, Centos
Posts: 989

Rep: Reputation: 75
I'm thinking now that the problem might be related to the ldap authentication. Maybe when you invoke the passwd command, it's not really using /etc/shadow but some other file (trying to connect to the DC, etc.)
What does /etc/nsswitch.conf say?

Last edited by vincix; 11-22-2016 at 09:06 AM.
 
Old 11-22-2016, 11:00 AM   #11
ProAm500
LQ Newbie
 
Registered: Apr 2013
Posts: 11

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by vincix View Post
I don't understand what you mean by "running" /etc/shadow. Shadow is a file. What did you run exactly?
First, let me get this straight, you haven't been able to change the root password, right? Are have you only tried to change the password for the admin user?

You could try changing the password for the root and then boot normally into Ubuntu, log in with root, change the admin password and disable root (although, to be honest, there's no reason not to use the root directly, as it's done in Red Hat-based distros, but that's another subject).

It doesn't really make much difference if /etc/shadow has the read permission or not. This is how it looks on Centos 7:
---------- 1 root root 1482 Oct 31 00:02 /etc/shadow

So I wouldn't worry about that. That's not the problem.

By the way, please tell us exactly what version of Ubuntu you're running.
Quote:
Originally Posted by vincix View Post
I'm thinking now that the problem might be related to the ldap authentication. Maybe when you invoke the passwd command, it's not really using /etc/shadow but some other file (trying to connect to the DC, etc.)
What does /etc/nsswitch.conf say?
I should clarify, when I say "run" I literally mean "typed "x" in the terminal and hit enter". I'm running Ubuntu 16.04. Machine was part of a Active Directory domain, LDAP was not used. We were trying to install McAfee on the system and was having some issue so "unjoined" using realm (the same method I used to join the domain). There were two accounts on the machine. My domain account and a local account. Domain obv. doesnt work but the local account also no longer works (even though my domain acct still sappears to be possibly cached, I can't log in using that account). I can only log in via root from recovery. When I "run" /etc/nsswitch.conf I get the following:
Code:
bash: /etc/nsswitch.conf: Permission denied
I checked permissions on it and got:
Code:
-rw-r--r-- 1 root root 575 Nov 14 09:37 nssswitch.conf.
 
Old 11-22-2016, 11:03 AM   #12
Emerson
LQ Guru
 
Registered: Nov 2004
Location: Saint Amant, Acadiana
Distribution: Gentoo ~arch
Posts: 6,316

Rep: Reputation: Disabled
Why are you trying to run a text file? You sure you are up to the task before you?
 
Old 11-22-2016, 11:13 AM   #13
ProAm500
LQ Newbie
 
Registered: Apr 2013
Posts: 11

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by Emerson View Post
Why are you trying to run a text file? You sure you are up to the task before you?
To clarify and as stated above, I don't literally mean "run" as in "run a program", I do literally mean "type 'x' in the terminal and hit enter".

Last edited by ProAm500; 11-22-2016 at 11:49 AM.
 
Old 11-22-2016, 02:04 PM   #14
vincix
Member
 
Registered: Feb 2011
Distribution: Ubuntu, Centos
Posts: 989

Rep: Reputation: 75
Quote:
Originally Posted by ProAm500 View Post
To clarify and as stated above, I don't literally mean "run" as in "run a program", I do literally mean "type 'x' in the terminal and hit enter".
What does 'x' do? Why are you doing this?

When I ask you what /etc/nsswitch.conf looks like, and I'm no expert in linux, I think it's implied that one would understand running cat /etc/nsswitch.conf, or less or more or whatever command you're comfortable with.
 
Old 11-22-2016, 02:19 PM   #15
goumba
Senior Member
 
Registered: Dec 2009
Location: New Jersey, USA
Distribution: Current: Debian and OpenSUSE. Past: Arch, RedHat (pre-RHEL). FreeBSD & OpenBSD novice, Hackintosh
Posts: 1,181
Blog Entries: 7

Rep: Reputation: 332Reputation: 332Reputation: 332Reputation: 332
Quote:
Originally Posted by ProAm500 View Post
I should clarify, when I say "run" I literally mean "typed "x" in the terminal and hit enter".
Quote:
Originally Posted by ProAm500
To clarify and as stated above, I don't literally mean "run" as in "run a program", I do literally mean "type 'x' in the terminal and hit enter".
And yet that's exactly what you are doing when you do something like type "/etc/shadow" and press enter - you are trying to run it as a program. Those files are text files, and just like in any other operating system you must use another program to view them.

The only exception to the rule are scripts, but we're not dealing with those here.

Try:
Code:
cat /etc/passwd
Code:
cat /etc/shadow
Code:
cat /etc/nsswitch.conf
from man cat (get familiar with man:
Code:
NAME
       cat - concatenate files and print on the standard output

SYNOPSIS
       cat [OPTION]... [FILE]...

DESCRIPTION
       Concatenate FILE(s) to standard output.

       With no FILE, or when FILE is -, read standard input.

Last edited by goumba; 11-22-2016 at 02:22 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Amanda Backup Permission denied (publickey,gssapi-with-mic,password). error mcdown75 Linux - Software 6 07-10-2014 11:42 AM
[SOLVED] [BLFS7.5]passwd - Permission Denied - even if i'am root kamils096 Linux From Scratch 8 06-17-2014 11:58 AM
LDAP removed, passwd: permission denied nexusdk Linux - Security 4 02-26-2013 07:14 AM
Permission denied as root for /etc/passwd ltoni Linux - Newbie 6 04-18-2012 12:30 PM
Root user denied permission to update/install software appin69 Fedora 4 07-08-2008 11:43 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 01:30 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration