Solved

Can't resolve username: Error looking up username for uid=100

Posted on 2004-08-30
14
966 Views
Last Modified: 2013-12-27
Hi All,

I did the most stupid thing, i went (as root) chmod -R 755 /etc/
and now I can't send mail from normal users. When I tried it in command line, this was the behaviour:
bash-2.03$ mailx Test@test.com
Error looking up username for uid=100
0
Comment
Question by:kalmen
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
  • 3
14 Comments
 
LVL 21

Expert Comment

by:tfewster
ID: 11930086
If you have a recent backup of /etc/, restore that to correct all the permissions & suid settings
0
 
LVL 21

Expert Comment

by:tfewster
ID: 11930237
OK, checking on a Solaris 8 system:
- As a matter of urgency, change the permissions on /etc/shadow to 400 (read only for root);  This may fix the sendmail problem as well
0
 
LVL 21

Expert Comment

by:tfewster
ID: 11930339
Also, the chmod will have changed the permissions on the TARGETS of any links in /etc; e.g.

ls -ld wall
lrwxrwxrwx   1 root     root          16 Sep 27  2001 wall -> ../usr/sbin/wall
ls -l /usr/sbin/wall
-r-xr-sr-x   1 root     tty         9872 Jan  6  2000 /usr/sbin/wall
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 1

Author Comment

by:kalmen
ID: 11930718
Thanks man, but do you have any idea how I can get this to work? Mailx?

Thanks.
0
 
LVL 21

Expert Comment

by:tfewster
ID: 11931419
Check the permissions of these files; The mail files & passwd files may need specific permissions for sendmail to check them (Depending on the test, "excessive" permissions may cause failure)

ls -l /usr/bin/mailx
-r-x--s--x   1 root     mail      126880 Dec  7  2001 /usr/bin/mailx

/etc> ls -l mail
-rw-r--r--   1 root     bin          153 Sep 27  2001 Mail.rc
-rw-r--r--   1 root     bin         1201 Sep 27  2001 aliases
-rw-r--r--   1 root     root           0 Sep 27  2001 aliases.dir
-rw-r--r--   1 root     root        1024 Sep 27  2001 aliases.pag
-rw-r--r--   1 root     bin         5266 Feb  9  2003 helpfile
-rw-r--r--   1 root     bin            0 Nov  8  2000 local-host-names
-rw-r--r--   1 root     bin         1829 Sep 27  2001 mailx.rc
-r--r--r--   1 root     bin        33412 Sep 27  2001 main.cf
-rw-r--r--   1 root     other         41 Mar 20  2002 relay-domains
-r--r--r--   1 root     bin        34108 Feb 13  2004 sendmail.cf
lrwxrwxrwx   1 root     root           8 Sep 27  2001 sendmail.hf -> helpfile
-r--r--r--   1 root     bin        34108 Sep 27  2001 subsidiary.cf
-rw-r--r--   1 root     other      35625 Mar 20  2003 subsidiary.cf.new
-rw-r--r--   1 root     bin            5 Nov  8  2000 trusted-users

ls -l passwd
-r--r--r--   1 root     sys          958 Apr 29 12:17 passwd
ls -l group
-rw-r--r--   1 root     sys          278 Jan 20  2004 group



find /etc -exec ls -ld {} \; |awk '$1 ~ /[sSt]/'
-r-sr-xr-x   1 lp       lp           203 Dec 16  1999 ./lp/alerts/printer

find /etc -exec ls -ld {} \; |grep "\-\-\-" |more
prw-------   1 root     root           0 Apr 28 12:33 ./cron.d/FIFO
-rw-------   1 root     sys         5268 Jan 24  2001 ./inet/mipagent.conf-sample
-rw-------   1 root     sys         4983 Jan 24  2001 ./inet/mipagent.conf.fa-sample
-rw-------   1 root     sys         5378 Jan 24  2001 ./inet/mipagent.conf.ha-sample
prw-------   1 root     root           0 Aug 30 13:54 ./saf/zsmon/_pmpipe
prw-------   1 root     root           0 Aug 30 13:54 ./saf/_sacpipe
prw-------   1 root     root           0 Apr 28 12:34 ./saf/_cmdpipe
-r--------   1 root     bin            0 Jan  6  2000 ./security/dev/audio
-r--------   1 root     bin            0 Jan  6  2000 ./security/dev/fd0
-r--------   1 root     bin            0 Jan  6  2000 ./security/dev/sr0
-r--------   1 root     bin            0 Jan  6  2000 ./security/dev/st0
-r--------   1 root     bin            0 Jan  6  2000 ./security/dev/st1
-rw-r-----   1 root     sys          149 Jan  5  2000 ./security/audit_control
-rw-r-----   1 root     sys          188 Jan  5  2000 ./security/audit_user
-rwxr-----   1 root     sys         5339 Jan  6  2000 ./security/audit_warn
-rwxr-----   1 root     sys         4661 Jul 12  2002 ./security/bsmconv
-rwxr-----   1 root     sys         3342 Feb 26  2001 ./security/bsmunconv
Drw-------   1 root     root           0 Sep 27  2001 ./sysevent/syseventconfd_event_service
Drw-------   1 root     root           0 Sep 27  2001 ./sysevent/devfsadm_event_service
Drw-------   1 root     root           0 Sep 27  2001 ./sysevent/sysevent_door
-r--------   1 root     sys          583 Aug 13 08:12 ./shadow
-rw-------   1 root     root           0 Aug 13 08:12 ./.pwd.lock
-rw-------   1 root     sys          494 Sep 27  2001 ./smartcard/.keys
-rw-------   1 root     sys         2206 Sep 27  2001 ./snmp/conf/snmpd.conf
-rw-------   1 root     sys         1402 Jan  6  2000 ./snmp/conf/snmpdx.acl
-rw-------   1 root     sys         1403 Mar 20  2000 ./snmp/conf/mipagent.acl
prw-------   1 root     root           0 Aug 30 13:12 ./initpipe
prw-------   1 root     root           0 Aug 30 13:12 ./utmppipe
-rw-------   1 uucp     uucp         285 Sep 27  2001 ./uucp/Permissions
-rw-------   1 uucp     uucp         825 Sep 27  2001 ./uucp/Systems
-rw-------   1 root     sys         1831 Sep 27  2001 ./ppp/chap-secrets
-rw-------   1 root     sys         1873 Sep 27  2001 ./ppp/pap-secrets
-r--------   1 root     root         583 Jul  8 13:08 ./oshadow
-rw-------   1 root     other         80 Sep 27  2001 ./adsm/DC1TSM4
-rw-------   1 root     other          0 May 25 16:37 ./.group.lock
-rw-------   1 root     other          0 Mar 14  2002 ./.hosts.lock
-r--r-----   1 root     root         832 Mar  4 15:49 ./sudoers
drwxr-x---   2 root     other        512 Jan  3  2003 ./tripwire
-rw-r-----   1 root     other      41137 Jan  3  2003 ./tripwire/twpol.txt


0
 
LVL 1

Author Comment

by:kalmen
ID: 11933777
Hmmm. I don't seem to have much difference between your results and mine. It makes me wonder whther the problem could be caused by outside. I'll look around and let you know what I get.
0
 
LVL 18

Assisted Solution

by:liddler
liddler earned 200 total points
ID: 11940567
use verbose logging on mailx and then truss to examine what the mailx program is doing, you might get a clue to the file it is trying to open
i.e.
mailx -v -v test@test.com

and
truss -fae mailx test@test.com
0
 
LVL 1

Author Comment

by:kalmen
ID: 11951836
I couldn't seem to find anything usefull.

Have a look:

login as: oraleus
oraleus@server.com's password:
Last login: Wed Sep 01 2004 04:12:57 -0400 from 1.1.1.1
You have new mail.
bash: /etc/profile: Permission denied
bash-2.03$ truss -eaf mailx test@test.com
truss: cannot trace set-id or unreadable object file: /bin/mailx

The permissions on mailx are:
bash-2.03$ ls -la /bin/mailx
-r-sr-sr-x   1 0        6         126880 Oct 18  2001 /bin/mailx

0
 
LVL 18

Expert Comment

by:liddler
ID: 11951863
You'll need to be root to run truss.  Can you get root access?

and what was the output of:
mailx -v -v test@test.com
0
 
LVL 21

Expert Comment

by:tfewster
ID: 11953490
>The permissions on mailx are:
>bash-2.03$ ls -la /bin/mailx
>-r-sr-sr-x   1 0        6         126880 Oct 18  2001 /bin/mailx


Note that the system is not resolving UID and GID, otherwise it would display "root  mail" instead of "0  6"
0
 
LVL 18

Expert Comment

by:liddler
ID: 11953598
so check /etc/group /etc/passwd /etc/nsswitch.conf
0
 
LVL 1

Author Comment

by:kalmen
ID: 11957118
Now, as a non root I get:

# ls -la /etc/group
/etc/group: Permission denied

# ls -la /etc/passwd
/etc/passwd: Permission denied

# ls -la /etc/nsswitch.conf
/etc/nsswitch.conf: Permission denied

As root I have:

# ls -la /etc/group
-rwxr-xr-x   1 root     sys          356 Jun 19 03:10 /etc/group

# ls -la /etc/passwd
-r--------   1 root     sys          924 Jun 19 03:10 /etc/passwd

# ls -la /etc/nsswitch.conf
-rwxr-xr-x   1 root     sys         1297 Apr 13 02:05 /etc/nsswitch.conf

Now, for the /etc/ directory, I get:

drwx------  43 root     sys         3584 Aug 31 00:45 etc

So I goto / and:
chmod -fR 755 etc

And your a bloody genious!
Its working, but what is the safe permission for etc?

Thanks.

0
 
LVL 21

Accepted Solution

by:
tfewster earned 300 total points
ID: 11958452
permissions 755 is fine for /etc - All users need read and execute permissions on the directory to be able to look in there.

But you did a chmod -R again - Which is how you got into this problem in the first place?!  At least, you need to check the permissions on /etc/shadow (400) and /etc/passwd (444)
0
 
LVL 1

Author Comment

by:kalmen
ID: 11959455
All taken care of now...
I'd like to thank both of yous for the valuable input.
I used truss with root, and it gave me a very large and detailed information display so I thought I'd put it online and show you the link since it would be rediculous to paste it here... but I said to try the permissions one last time and if it doesn't work, I'd send you the output... it worked though... thanks for everything.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
CPU monthly average? 12 139
AIX    Volume group Auto ON/OFF question 2 127
reinstall 1 92
How to Insert a File Using Text Editor 9 102
I have been running these systems for a few years now and I am just very happy with them.   I just wanted to share the manual that I have created for upgrades and other things.  Oooh yes! FreeBSD makes me happy (as a server), no maintenance and I al…
Introduction Regular patching is part of a system administrator's tasks. However, many patches require that the system be in single-user mode before they can be installed. A cluster patch in particular can take quite a while to apply if the machine…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question