Solved

Password Recovery for root in Solaris

Posted on 2010-11-10
19
1,511 Views
Last Modified: 2012-08-14
I have Sun Solaris 9 running on a T2000 server.

root password has been changed and I need to do a password recovery.

I have booted to a Solaris 10 CD.
At the OK prompt I typed in "boot cdrom -s"
Then I get in and vi shadow. Remove the encrypted password so the line looks like:
root::6445::::::
I save it, do a cat shadow to verify it changed. Then I try to reboot with "init 6"

But it asks for the username and password and never lets me reset the password.

I have even done all the above, but instead of "init 6: i do a "init 0", then "boot cdrom -s" and I have tried just "boot -s".

boot -s asks for the root password to perform mainentance., when I boot to cdrom again. first thing I do is check "cat shadow" again, but the encrypted password is there again.

I go ahead and try to do "passwd root" but it errors out with permissions denied.

Any help would be appreciated.
Thanks
0
Comment
Question by:ddsvi
  • 11
  • 8
19 Comments
 
LVL 10

Assisted Solution

by:TRW-Consulting
TRW-Consulting earned 500 total points
ID: 34109005
I suspect you are not mounting the root filesystem after you boot up on cdrom, and so you're just editing /etc/shadow, am I correct?  You will need to mount with something like this -- mount /dev/dsk/c0t0d0s0 /mnt

Then you can edit /mnt/etc/shadow, not /etc/shadow.

After editing it, umount /mnt and reboot.
0
 
LVL 4

Author Comment

by:ddsvi
ID: 34109066
Ok that worked, good call.

Now after I reset my root password and reboot the server. it keeps coming up to the
OK prompt.

How do I get it to start booting back to the correct place again?
0
 
LVL 10

Expert Comment

by:TRW-Consulting
ID: 34109156
You should be able to type 'boot disk' from there.
0
 
LVL 4

Author Comment

by:ddsvi
ID: 34109158
Attached is the printenv from OK.


{0} ok printenv
Variable Name           Value                          Default Value

ttya-rts-dtr-off        false                          false
ttya-ignore-cd          true                           true
keyboard-layout         US-English
reboot-command
security-mode           none                           No default
security-password                                      No default
security-#badlogins     0                              No default
verbosity               min                            min
pci-mem64?              false                          false
diag-switch?            false                          false
local-mac-address?      true                           true
fcode-debug?            false                          false
scsi-initiator-id       7                              7
oem-logo                                               No default
oem-logo?               false                          false
oem-banner                                             No default
oem-banner?             false                          false
ansi-terminal?          true                           true
screen-#columns         80                             80
screen-#rows            34                             34
ttya-mode               9600,8,n,1,-                   9600,8,n,1,-
output-device           virtual-console                virtual-console
input-device            virtual-console                virtual-console
auto-boot-on-error?     false                          false
load-base               16384                          16384
auto-boot?              true                           true
network-boot-arguments
boot-command            boot                           boot
boot-file
boot-device             disk net                       disk net
multipath-boot?         false                          false
boot-device-index       0                              0
use-nvramrc?            false                          false
nvramrc
error-reset-recovery    boot                           boot

Open in new window

0
 
LVL 4

Author Comment

by:ddsvi
ID: 34111291
I have tried boot disk
Here is what I get
AAA-1-sc> console -f
Enter #. to return to ALOM.

{0} ok boot disk

SC Alert: Host System has Reset

SC Alert: CRITICAL ALARM is set
\

Netra T2000, No Keyboard
Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
OpenBoot 4.30.4, 8064 MB memory available, Serial #89115142.
Ethernet address 0:21:28:4f:ca:6, Host ID: 854fca06.



Boot device: /pci@780/pci@0/pci@9/scsi@0/disk@1  File and args:
|
Warning: Fcode sequence resulted in a net stack depth change of 1

The file just loaded does not appear to be executable.
{0} ok

Open in new window

0
 
LVL 10

Expert Comment

by:TRW-Consulting
ID: 34111812
"No Keyboard"?  Possible hardware problem maybe?

If that's not it, then you would have to suspect the change you made  earlier.  Hopefully you didn't mess up the shadow file when you edited it.  Boot up on the CDROM, remount it, and take a look at it to make sure.
0
 
LVL 4

Author Comment

by:ddsvi
ID: 34112218

# cat shadow
root:NP:6445::::::
daemon:NP:6445::::::
bin:NP:6445::::::
sys:NP:6445::::::
adm:NP:6445::::::
lp:NP:6445::::::
uucp:NP:6445::::::
nuucp:NP:6445::::::
smmsp:NP:6445::::::
listen:*LK*:::::::
gdm:*LK*:::::::
webservd:*LK*:::::::
postgres:NP:::::::
svctag:*LK*:6445::::::
nobody:*LK*:6445::::::
noaccess:*LK*:6445::::::
nobody4:*LK*:6445::::::
#

Open in new window

0
 
LVL 4

Author Comment

by:ddsvi
ID: 34112226
No I just dont have a keyboard connected to the server. I am connecting to the server via the ALOM network port.
0
 
LVL 10

Expert Comment

by:TRW-Consulting
ID: 34112382
I don't know if I can help you with the boot problem.  Did it boot before you changed the 'shadow' file?

But by having 'NP' in the password field means you can't login as 'root'.   You need to leave that blank:

root::6445::::::

And then give it a password as soon as you get logged on.

Maybe that would have something to do with the boot problem, but I doubt it.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 4

Author Comment

by:ddsvi
ID: 34112470
Sorry I wasnt in the right directory when I did the cat. Here you go
# cat shadow

root:VrJ7ECVccG/og:14924::::::

daemon:NP:6445::::::

bin:NP:6445::::::

sys:NP:6445::::::

adm:NP:6445::::::

lp:NP:6445::::::

uucp:NP:6445::::::

nuucp:NP:6445::::::

smmsp:NP:6445::::::

listen:*LK*:::::::

gdm:*LK*:::::::

webservd:*LK*:::::::

postgres:NP:::::::

svctag:*LK*:6445::::::

nobody:*LK*:6445::::::

noaccess:*LK*:6445::::::

nobody4:*LK*:6445::::::

widespan:5ZH6rHeisk7bA:14644::::::

oracle:SbxJ1zDTX5A4A:14644::::::

#

Open in new window

0
 
LVL 10

Expert Comment

by:TRW-Consulting
ID: 34113196
It looks like you still have a password for root. You need to remove those 13 characters in field 2 and leave it empty if you're trying to remove root's password.
0
 
LVL 4

Accepted Solution

by:
ddsvi earned 0 total points
ID: 34115567
Alright I am a little closer :P.

my Boot Archive got corrupt for whatever reason
Resolution:

ok  boot -F failsafe

Mount root to /a, then do:

bootadm update-archive -R /a




Now Server gets past ok prompt and now I get this error:
NOTICE: /: unexpected free inode 9503, run fsck(1M)
The / file system (/dev/md/rdsk/d0) is being checked.

WARNING - Unable to repair the / filesystem. Run fsck
manually (fsck -F ufs /dev/md/rdsk/d0).

Nov 11 20:30:32 svc.startd[7]: svc:/system/filesystem/usr:default: Method "/lib/svc/method/fs-usr" failed with exit status 95.
Nov 11 20:30:32 svc.startd[7]: system/filesystem/usr:default failed fatally: transitioned to maintenance (see 'svcs -xv' for details)
Requesting System Maintenance Mode
(See /lib/svc/share/README for more information.)
Console login service(s) cannot run

Root password for system maintenance (control-d to bypass):

Open in new window

0
 
LVL 4

Author Comment

by:ddsvi
ID: 34115575
Not sure if I should run this or not: fsck -F ufs /dev/md/rdsk/d0
0
 
LVL 10

Assisted Solution

by:TRW-Consulting
TRW-Consulting earned 500 total points
ID: 34115863
Oh absolutely, What other choice do you have?  And it shouldn't hurt anything, the worst it can do is say you have unrecoverable errors.
0
 
LVL 4

Author Comment

by:ddsvi
ID: 34115978
it comes up with a lot of questions. Not sure how to answer them

PARTIALLY TRUNCATED INODE I=5105
SALVAGE? Y

INCORRECT DISK BLOCK COUNT I=5105 (121088 should be 57136)
CORRECT?

FRAGMENT 20096 DUP I=5618 LFN 8
FRAGMENT 20097 DUP I=5618 LFN 9
FRAGMENT 20098 DUP I=5618 LFN 10
FRAGMENT 20099 DUP I=5618 LFN 11
FRAGMENT 20100 DUP I=5618 LFN 12
FRAGMENT 20101 DUP I=5618 LFN 13
FRAGMENT 20102 DUP I=5618 LFN 14
FRAGMENT 20103 DUP I=5618 LFN 15
FRAGMENT 20104 DUP I=5618 LFN 16
FRAGMENT 20105 DUP I=5618 LFN 17
EXCESSIVE DUPLICATE FRAGMENTS I=5618
CONTINUE?
0
 
LVL 10

Assisted Solution

by:TRW-Consulting
TRW-Consulting earned 500 total points
ID: 34116203
I would answer 'y' to everything.  If the questions are too numerous you can add the '-y' option to 'fsck' so that it will assume a 'y' response to every question.
0
 
LVL 4

Assisted Solution

by:ddsvi
ddsvi earned 0 total points
ID: 34122075
Well I finally got it fixed.

I did the fsck and when it was done it came back to the same spot. tried it a couple of times, eventually the server got in worse shape and got stuck back at the OK prompt. I then booted back tothe CD. But it would not let me mount the c0t1d0s0 any longer because it had to many errors.

So i ran fsck -y c0t1d0s0, then it rebooted and came back with the unexpected free inode errors.

So i ran fsck -y -F ufs /dev/md/rdsk/d0   again and this time it rebooted clean and booted all the way up. I am able to log in with root.

Went ahead and rebooted a couple more times just to make sure it was good.

Thanks for the help
0
 
LVL 10

Expert Comment

by:TRW-Consulting
ID: 34122154
Wow, that was some dirty file system (no pun intended :-) ... glad to hear you got it working though.
0
 
LVL 4

Author Closing Comment

by:ddsvi
ID: 34153323
everything is back up and running
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

No security measures warrant 100% as a "silver bullet". The truth is we also cannot assume anything but a defensive and vigilance posture. Adopt no trust by default and reveal in assumption. Only assume anonymity or invisibility in the reverse. Safe…
Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now