Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I am using SuSe Linux enterprise server 10 as a telephony server. I was doing some activity on the server. I don't know what happened, root user got deleted on the system. Now if I am trying to login through root it is saying root user does not exist. If I am trying to do "sudo" it is saying root user does not exist. Even the home directory of root(/root) is not there anymore. Can I get it back somehow, can someone help me with that.
Hi Everyone,
I am using SuSe Linux enterprise server 10 as a telephony server. I was doing some activity on the server. I don't know what happened, root user got deleted on the system. Now if I am trying to login through root it is saying root user does not exist. If I am trying to do "sudo" it is saying root user does not exist. Even the home directory of root(/root) is not there anymore. Can I get it back somehow, can someone help me with that.
Thanks
No idea, since you don't say what the "some activity" you were doing was. If you don't have a root user, you won't be able to edit secure files like /etc/passwd.
You're using Suse Enterprise...which means you're paying for support from Novell, so I'd call them. You can also boot from CD/DVD, go into rescue mode, mount your hard drive, and edit the /etc/passwd and /etc/shadow files from there, taking those lines from the files on the rescue DVD. Pay VERY close attention to file permissions, and also recreate the users /root home directory. Then try to log in again. Your only other choice is to reload the system from backups, but even that may not work...lots of things depend on the root user being there and having permissions...your backup utility may be one.
The server is SLES10 and a telephony server application is running on it. Aastra technologies provides this whole setup. So I can not go to Novell, I will have to go to Aastra. But the server is not in production, it's a lab machine and running on trial license, so even aastra can not help me. Moreover I am sitting in Delhi, India and server is lying in Stockholm, Sweden, So I can not put a recovery DVD in it. I can only access it via ssh.
When I met with the problem, I was installing the application provided by aastra, but it got stuck. So I killed the two processes running by this application (using kill -9) and restarted the server. Guess what happened I can not find root user anymore.
/etc/passwd and /etc/shadow both files are there. I can get into passwd but not in the shadow with current user. I can see in passwd file "root" line is not there. Can I get get something by editing this file.
May be I am missing a point, but if this is a lab machine on a testing license, not a production machine, why do you actually care? Just re-install the system (not mentioning to just restore your backup) and try it again.
You are not getting the point. This is a Lab machine, but I can not reinstall the linux because I am not in front of the machine, it is lying in Stockholm and I am sitting in Delhi. To reinstall the machine I have to be physically available in front of the machine.
I have edited the /etc/passwd file now and added the root user line. Now If I am doing "su" it is asking for password but it is not taking the password because I can not get into the /etc/shadow and from shadow file it takes the password.
Can we do something about it. Can I edit something in passwd file so it won't ask for password anymore.
No idea, since you don't say what the "some activity" you were doing was. If you don't have a root user, you won't be able to edit secure files like /etc/passwd.
You're using Suse Enterprise...which means you're paying for support from Novell, so I'd call them. You can also boot from CD/DVD, go into rescue mode, mount your hard drive, and edit the /etc/passwd and /etc/shadow files from there, taking those lines from the files on the rescue DVD. Pay VERY close attention to file permissions, and also recreate the users /root home directory. Then try to log in again. Your only other choice is to reload the system from backups, but even that may not work...lots of things depend on the root user being there and having permissions...your backup utility may be one.
put in /etc/passwd file
root:x:0:0:root:/root:/bin/bash
and in /etc/group
root:x:0:root
and save it.
I tried it but not working. it is saying "incorrect password". When the user got deleted password details from /etc/shadows must have got deleted at the same time. So it is not able to access the password I guess.
You need a proper line in /etc/shadow too. Either create/copy a hash value from another line therein from which you know the password (and as you can log in there it should be possible), or set it to an empty one. In the latter case it might be necessary to set in one of the PAM files to allow empty passwords:
You need a proper line in /etc/shadow too. Either create/copy a hash value from another line therein from which you know the password (and as you can log in there it should be possible), or set it to an empty one. In the latter case it might be necessary to set in one of the PAM files to allow empty passwords:
Code:
auth required pam_unix2.so nullok
Hi
Sorry, I didn't understand. Can you elaborate it a bit. I am not an expert of Linux.
Hi
Sorry, I didn't understand. Can you elaborate it a bit. I am not an expert of Linux.
Well, we've been very clear...what don't you understand? You deleted the root user...you now have NO PERMISSIONS to edit those files. Your only choices remain:
Boot from CD/DVD, mount the hard drive manually and edit the files
Restore things from your backups
Reboot the system into single-user mode, and HOPE that you have root access to edit the files
Doesn't get much simpler than that. Also, above, it was suggested that you use "init=/bin/bash"...did you try that? You already KNOW you can't edit that file with the system booted. You are going to HAVE TO take other action, period. Doesn't matter where you are, or where the server is...YOU are the administrator, and it's up to YOU to make it right. You've been given the options how...it's up to you to figure out which is best for you, and make them work.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.