Password Recovery for root in Solaris

I have Sun Solaris 9 running on a T2000 server.

root password has been changed and I need to do a password recovery.

I have booted to a Solaris 10 CD.
At the OK prompt I typed in "boot cdrom -s"
Then I get in and vi shadow. Remove the encrypted password so the line looks like:
root::6445::::::
I save it, do a cat shadow to verify it changed. Then I try to reboot with "init 6"

But it asks for the username and password and never lets me reset the password.

I have even done all the above, but instead of "init 6: i do a "init 0", then "boot cdrom -s" and I have tried just "boot -s".

boot -s asks for the root password to perform mainentance., when I boot to cdrom again. first thing I do is check "cat shadow" again, but the encrypted password is there again.

I go ahead and try to do "passwd root" but it errors out with permissions denied.

Any help would be appreciated.
Thanks
LVL 4
ddsviAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
ddsviConnect With a Mentor Author Commented:
Alright I am a little closer :P.

my Boot Archive got corrupt for whatever reason
Resolution:

ok  boot -F failsafe

Mount root to /a, then do:

bootadm update-archive -R /a




Now Server gets past ok prompt and now I get this error:
NOTICE: /: unexpected free inode 9503, run fsck(1M)
The / file system (/dev/md/rdsk/d0) is being checked.

WARNING - Unable to repair the / filesystem. Run fsck
manually (fsck -F ufs /dev/md/rdsk/d0).

Nov 11 20:30:32 svc.startd[7]: svc:/system/filesystem/usr:default: Method "/lib/svc/method/fs-usr" failed with exit status 95.
Nov 11 20:30:32 svc.startd[7]: system/filesystem/usr:default failed fatally: transitioned to maintenance (see 'svcs -xv' for details)
Requesting System Maintenance Mode
(See /lib/svc/share/README for more information.)
Console login service(s) cannot run

Root password for system maintenance (control-d to bypass):

Open in new window

0
 
TRW-ConsultingConnect With a Mentor Commented:
I suspect you are not mounting the root filesystem after you boot up on cdrom, and so you're just editing /etc/shadow, am I correct?  You will need to mount with something like this -- mount /dev/dsk/c0t0d0s0 /mnt

Then you can edit /mnt/etc/shadow, not /etc/shadow.

After editing it, umount /mnt and reboot.
0
 
ddsviAuthor Commented:
Ok that worked, good call.

Now after I reset my root password and reboot the server. it keeps coming up to the
OK prompt.

How do I get it to start booting back to the correct place again?
0
Building an Effective Phishing Protection Program

Join Director of Product Management Todd OBoyle on April 26th as he covers the key elements of a phishing protection program. Whether you’re an old hat at phishing education or considering starting a program -- we'll discuss critical components that should be in any program.

 
TRW-ConsultingCommented:
You should be able to type 'boot disk' from there.
0
 
ddsviAuthor Commented:
Attached is the printenv from OK.


{0} ok printenv
Variable Name           Value                          Default Value

ttya-rts-dtr-off        false                          false
ttya-ignore-cd          true                           true
keyboard-layout         US-English
reboot-command
security-mode           none                           No default
security-password                                      No default
security-#badlogins     0                              No default
verbosity               min                            min
pci-mem64?              false                          false
diag-switch?            false                          false
local-mac-address?      true                           true
fcode-debug?            false                          false
scsi-initiator-id       7                              7
oem-logo                                               No default
oem-logo?               false                          false
oem-banner                                             No default
oem-banner?             false                          false
ansi-terminal?          true                           true
screen-#columns         80                             80
screen-#rows            34                             34
ttya-mode               9600,8,n,1,-                   9600,8,n,1,-
output-device           virtual-console                virtual-console
input-device            virtual-console                virtual-console
auto-boot-on-error?     false                          false
load-base               16384                          16384
auto-boot?              true                           true
network-boot-arguments
boot-command            boot                           boot
boot-file
boot-device             disk net                       disk net
multipath-boot?         false                          false
boot-device-index       0                              0
use-nvramrc?            false                          false
nvramrc
error-reset-recovery    boot                           boot

Open in new window

0
 
ddsviAuthor Commented:
I have tried boot disk
Here is what I get
AAA-1-sc> console -f
Enter #. to return to ALOM.

{0} ok boot disk

SC Alert: Host System has Reset

SC Alert: CRITICAL ALARM is set
\

Netra T2000, No Keyboard
Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
OpenBoot 4.30.4, 8064 MB memory available, Serial #89115142.
Ethernet address 0:21:28:4f:ca:6, Host ID: 854fca06.



Boot device: /pci@780/pci@0/pci@9/scsi@0/disk@1  File and args:
|
Warning: Fcode sequence resulted in a net stack depth change of 1

The file just loaded does not appear to be executable.
{0} ok

Open in new window

0
 
TRW-ConsultingCommented:
"No Keyboard"?  Possible hardware problem maybe?

If that's not it, then you would have to suspect the change you made  earlier.  Hopefully you didn't mess up the shadow file when you edited it.  Boot up on the CDROM, remount it, and take a look at it to make sure.
0
 
ddsviAuthor Commented:

# cat shadow
root:NP:6445::::::
daemon:NP:6445::::::
bin:NP:6445::::::
sys:NP:6445::::::
adm:NP:6445::::::
lp:NP:6445::::::
uucp:NP:6445::::::
nuucp:NP:6445::::::
smmsp:NP:6445::::::
listen:*LK*:::::::
gdm:*LK*:::::::
webservd:*LK*:::::::
postgres:NP:::::::
svctag:*LK*:6445::::::
nobody:*LK*:6445::::::
noaccess:*LK*:6445::::::
nobody4:*LK*:6445::::::
#

Open in new window

0
 
ddsviAuthor Commented:
No I just dont have a keyboard connected to the server. I am connecting to the server via the ALOM network port.
0
 
TRW-ConsultingCommented:
I don't know if I can help you with the boot problem.  Did it boot before you changed the 'shadow' file?

But by having 'NP' in the password field means you can't login as 'root'.   You need to leave that blank:

root::6445::::::

And then give it a password as soon as you get logged on.

Maybe that would have something to do with the boot problem, but I doubt it.
0
 
ddsviAuthor Commented:
Sorry I wasnt in the right directory when I did the cat. Here you go
# cat shadow
root:VrJ7ECVccG/og:14924::::::
daemon:NP:6445::::::
bin:NP:6445::::::
sys:NP:6445::::::
adm:NP:6445::::::
lp:NP:6445::::::
uucp:NP:6445::::::
nuucp:NP:6445::::::
smmsp:NP:6445::::::
listen:*LK*:::::::
gdm:*LK*:::::::
webservd:*LK*:::::::
postgres:NP:::::::
svctag:*LK*:6445::::::
nobody:*LK*:6445::::::
noaccess:*LK*:6445::::::
nobody4:*LK*:6445::::::
widespan:5ZH6rHeisk7bA:14644::::::
oracle:SbxJ1zDTX5A4A:14644::::::
#

Open in new window

0
 
TRW-ConsultingCommented:
It looks like you still have a password for root. You need to remove those 13 characters in field 2 and leave it empty if you're trying to remove root's password.
0
 
ddsviAuthor Commented:
Not sure if I should run this or not: fsck -F ufs /dev/md/rdsk/d0
0
 
TRW-ConsultingConnect With a Mentor Commented:
Oh absolutely, What other choice do you have?  And it shouldn't hurt anything, the worst it can do is say you have unrecoverable errors.
0
 
ddsviAuthor Commented:
it comes up with a lot of questions. Not sure how to answer them

PARTIALLY TRUNCATED INODE I=5105
SALVAGE? Y

INCORRECT DISK BLOCK COUNT I=5105 (121088 should be 57136)
CORRECT?

FRAGMENT 20096 DUP I=5618 LFN 8
FRAGMENT 20097 DUP I=5618 LFN 9
FRAGMENT 20098 DUP I=5618 LFN 10
FRAGMENT 20099 DUP I=5618 LFN 11
FRAGMENT 20100 DUP I=5618 LFN 12
FRAGMENT 20101 DUP I=5618 LFN 13
FRAGMENT 20102 DUP I=5618 LFN 14
FRAGMENT 20103 DUP I=5618 LFN 15
FRAGMENT 20104 DUP I=5618 LFN 16
FRAGMENT 20105 DUP I=5618 LFN 17
EXCESSIVE DUPLICATE FRAGMENTS I=5618
CONTINUE?
0
 
TRW-ConsultingConnect With a Mentor Commented:
I would answer 'y' to everything.  If the questions are too numerous you can add the '-y' option to 'fsck' so that it will assume a 'y' response to every question.
0
 
ddsviConnect With a Mentor Author Commented:
Well I finally got it fixed.

I did the fsck and when it was done it came back to the same spot. tried it a couple of times, eventually the server got in worse shape and got stuck back at the OK prompt. I then booted back tothe CD. But it would not let me mount the c0t1d0s0 any longer because it had to many errors.

So i ran fsck -y c0t1d0s0, then it rebooted and came back with the unexpected free inode errors.

So i ran fsck -y -F ufs /dev/md/rdsk/d0   again and this time it rebooted clean and booted all the way up. I am able to log in with root.

Went ahead and rebooted a couple more times just to make sure it was good.

Thanks for the help
0
 
TRW-ConsultingCommented:
Wow, that was some dirty file system (no pun intended :-) ... glad to hear you got it working though.
0
 
ddsviAuthor Commented:
everything is back up and running
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.