Can't resolve username: Error looking up username for uid=100

Hi All,

I did the most stupid thing, i went (as root) chmod -R 755 /etc/
and now I can't send mail from normal users. When I tried it in command line, this was the behaviour:
bash-2.03$ mailx Test@test.com
Error looking up username for uid=100
LVL 1
kalmenAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

tfewsterCommented:
If you have a recent backup of /etc/, restore that to correct all the permissions & suid settings
0
tfewsterCommented:
OK, checking on a Solaris 8 system:
- As a matter of urgency, change the permissions on /etc/shadow to 400 (read only for root);  This may fix the sendmail problem as well
0
tfewsterCommented:
Also, the chmod will have changed the permissions on the TARGETS of any links in /etc; e.g.

ls -ld wall
lrwxrwxrwx   1 root     root          16 Sep 27  2001 wall -> ../usr/sbin/wall
ls -l /usr/sbin/wall
-r-xr-sr-x   1 root     tty         9872 Jan  6  2000 /usr/sbin/wall
0
Rowby Goren Makes an Impact on Screen and Online

Learn about longtime user Rowby Goren and his great contributions to the site. We explore his method for posing questions that are likely to yield a solution, and take a look at how his career transformed from a Hollywood writer to a website entrepreneur.

kalmenAuthor Commented:
Thanks man, but do you have any idea how I can get this to work? Mailx?

Thanks.
0
tfewsterCommented:
Check the permissions of these files; The mail files & passwd files may need specific permissions for sendmail to check them (Depending on the test, "excessive" permissions may cause failure)

ls -l /usr/bin/mailx
-r-x--s--x   1 root     mail      126880 Dec  7  2001 /usr/bin/mailx

/etc> ls -l mail
-rw-r--r--   1 root     bin          153 Sep 27  2001 Mail.rc
-rw-r--r--   1 root     bin         1201 Sep 27  2001 aliases
-rw-r--r--   1 root     root           0 Sep 27  2001 aliases.dir
-rw-r--r--   1 root     root        1024 Sep 27  2001 aliases.pag
-rw-r--r--   1 root     bin         5266 Feb  9  2003 helpfile
-rw-r--r--   1 root     bin            0 Nov  8  2000 local-host-names
-rw-r--r--   1 root     bin         1829 Sep 27  2001 mailx.rc
-r--r--r--   1 root     bin        33412 Sep 27  2001 main.cf
-rw-r--r--   1 root     other         41 Mar 20  2002 relay-domains
-r--r--r--   1 root     bin        34108 Feb 13  2004 sendmail.cf
lrwxrwxrwx   1 root     root           8 Sep 27  2001 sendmail.hf -> helpfile
-r--r--r--   1 root     bin        34108 Sep 27  2001 subsidiary.cf
-rw-r--r--   1 root     other      35625 Mar 20  2003 subsidiary.cf.new
-rw-r--r--   1 root     bin            5 Nov  8  2000 trusted-users

ls -l passwd
-r--r--r--   1 root     sys          958 Apr 29 12:17 passwd
ls -l group
-rw-r--r--   1 root     sys          278 Jan 20  2004 group



find /etc -exec ls -ld {} \; |awk '$1 ~ /[sSt]/'
-r-sr-xr-x   1 lp       lp           203 Dec 16  1999 ./lp/alerts/printer

find /etc -exec ls -ld {} \; |grep "\-\-\-" |more
prw-------   1 root     root           0 Apr 28 12:33 ./cron.d/FIFO
-rw-------   1 root     sys         5268 Jan 24  2001 ./inet/mipagent.conf-sample
-rw-------   1 root     sys         4983 Jan 24  2001 ./inet/mipagent.conf.fa-sample
-rw-------   1 root     sys         5378 Jan 24  2001 ./inet/mipagent.conf.ha-sample
prw-------   1 root     root           0 Aug 30 13:54 ./saf/zsmon/_pmpipe
prw-------   1 root     root           0 Aug 30 13:54 ./saf/_sacpipe
prw-------   1 root     root           0 Apr 28 12:34 ./saf/_cmdpipe
-r--------   1 root     bin            0 Jan  6  2000 ./security/dev/audio
-r--------   1 root     bin            0 Jan  6  2000 ./security/dev/fd0
-r--------   1 root     bin            0 Jan  6  2000 ./security/dev/sr0
-r--------   1 root     bin            0 Jan  6  2000 ./security/dev/st0
-r--------   1 root     bin            0 Jan  6  2000 ./security/dev/st1
-rw-r-----   1 root     sys          149 Jan  5  2000 ./security/audit_control
-rw-r-----   1 root     sys          188 Jan  5  2000 ./security/audit_user
-rwxr-----   1 root     sys         5339 Jan  6  2000 ./security/audit_warn
-rwxr-----   1 root     sys         4661 Jul 12  2002 ./security/bsmconv
-rwxr-----   1 root     sys         3342 Feb 26  2001 ./security/bsmunconv
Drw-------   1 root     root           0 Sep 27  2001 ./sysevent/syseventconfd_event_service
Drw-------   1 root     root           0 Sep 27  2001 ./sysevent/devfsadm_event_service
Drw-------   1 root     root           0 Sep 27  2001 ./sysevent/sysevent_door
-r--------   1 root     sys          583 Aug 13 08:12 ./shadow
-rw-------   1 root     root           0 Aug 13 08:12 ./.pwd.lock
-rw-------   1 root     sys          494 Sep 27  2001 ./smartcard/.keys
-rw-------   1 root     sys         2206 Sep 27  2001 ./snmp/conf/snmpd.conf
-rw-------   1 root     sys         1402 Jan  6  2000 ./snmp/conf/snmpdx.acl
-rw-------   1 root     sys         1403 Mar 20  2000 ./snmp/conf/mipagent.acl
prw-------   1 root     root           0 Aug 30 13:12 ./initpipe
prw-------   1 root     root           0 Aug 30 13:12 ./utmppipe
-rw-------   1 uucp     uucp         285 Sep 27  2001 ./uucp/Permissions
-rw-------   1 uucp     uucp         825 Sep 27  2001 ./uucp/Systems
-rw-------   1 root     sys         1831 Sep 27  2001 ./ppp/chap-secrets
-rw-------   1 root     sys         1873 Sep 27  2001 ./ppp/pap-secrets
-r--------   1 root     root         583 Jul  8 13:08 ./oshadow
-rw-------   1 root     other         80 Sep 27  2001 ./adsm/DC1TSM4
-rw-------   1 root     other          0 May 25 16:37 ./.group.lock
-rw-------   1 root     other          0 Mar 14  2002 ./.hosts.lock
-r--r-----   1 root     root         832 Mar  4 15:49 ./sudoers
drwxr-x---   2 root     other        512 Jan  3  2003 ./tripwire
-rw-r-----   1 root     other      41137 Jan  3  2003 ./tripwire/twpol.txt


0
kalmenAuthor Commented:
Hmmm. I don't seem to have much difference between your results and mine. It makes me wonder whther the problem could be caused by outside. I'll look around and let you know what I get.
0
liddlerCommented:
use verbose logging on mailx and then truss to examine what the mailx program is doing, you might get a clue to the file it is trying to open
i.e.
mailx -v -v test@test.com

and
truss -fae mailx test@test.com
0
kalmenAuthor Commented:
I couldn't seem to find anything usefull.

Have a look:

login as: oraleus
oraleus@server.com's password:
Last login: Wed Sep 01 2004 04:12:57 -0400 from 1.1.1.1
You have new mail.
bash: /etc/profile: Permission denied
bash-2.03$ truss -eaf mailx test@test.com
truss: cannot trace set-id or unreadable object file: /bin/mailx

The permissions on mailx are:
bash-2.03$ ls -la /bin/mailx
-r-sr-sr-x   1 0        6         126880 Oct 18  2001 /bin/mailx

0
liddlerCommented:
You'll need to be root to run truss.  Can you get root access?

and what was the output of:
mailx -v -v test@test.com
0
tfewsterCommented:
>The permissions on mailx are:
>bash-2.03$ ls -la /bin/mailx
>-r-sr-sr-x   1 0        6         126880 Oct 18  2001 /bin/mailx


Note that the system is not resolving UID and GID, otherwise it would display "root  mail" instead of "0  6"
0
liddlerCommented:
so check /etc/group /etc/passwd /etc/nsswitch.conf
0
kalmenAuthor Commented:
Now, as a non root I get:

# ls -la /etc/group
/etc/group: Permission denied

# ls -la /etc/passwd
/etc/passwd: Permission denied

# ls -la /etc/nsswitch.conf
/etc/nsswitch.conf: Permission denied

As root I have:

# ls -la /etc/group
-rwxr-xr-x   1 root     sys          356 Jun 19 03:10 /etc/group

# ls -la /etc/passwd
-r--------   1 root     sys          924 Jun 19 03:10 /etc/passwd

# ls -la /etc/nsswitch.conf
-rwxr-xr-x   1 root     sys         1297 Apr 13 02:05 /etc/nsswitch.conf

Now, for the /etc/ directory, I get:

drwx------  43 root     sys         3584 Aug 31 00:45 etc

So I goto / and:
chmod -fR 755 etc

And your a bloody genious!
Its working, but what is the safe permission for etc?

Thanks.

0
tfewsterCommented:
permissions 755 is fine for /etc - All users need read and execute permissions on the directory to be able to look in there.

But you did a chmod -R again - Which is how you got into this problem in the first place?!  At least, you need to check the permissions on /etc/shadow (400) and /etc/passwd (444)
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
kalmenAuthor Commented:
All taken care of now...
I'd like to thank both of yous for the valuable input.
I used truss with root, and it gave me a very large and detailed information display so I thought I'd put it online and show you the link since it would be rediculous to paste it here... but I said to try the permissions one last time and if it doesn't work, I'd send you the output... it worked though... thanks for everything.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Unix OS

From novice to tech pro — start learning today.