Recover root acct

Made an error.  My root passwd expired and I was prompted to change it.  Prior to changing  I logged into root via sudo, went to change the root acct in /etc/shadow to where it would never expire by making a copy of the root line and commenting out the original line. Saved it an tried testing it out not realizing that I didn't leave an extra putty window opened already logged in as root just in case.
Tried to su -  now and receive this:
su: Unknown id: root

Tried to sudo and received this:
-bash-3.2$ /opt/sfw/bin/sudo -s
Password:
sudo: pam_authenticate: No account present for user

What can I do to recover the root acct?
sajmf0408Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Zephyr ICTCloud ArchitectCommented:
Maybe you can restart in single user mode and reset/undo changes this way ... But, what OS/version/system are you running?
0
sajmf0408Author Commented:
Solaris 10
0
sajmf0408Author Commented:
Solaris 10 10/09
0
Why Diversity in Tech Matters

Kesha Williams, certified professional and software developer, explores the imbalance of diversity in the world of technology -- especially when it comes to hiring women. She showcases ways she's making a difference through the Colors of STEM program.

sajmf0408Author Commented:
I won't be able to do that because I need to be root or I would have to power off the server right.
0
Zephyr ICTCloud ArchitectCommented:
yes, you can only do that by powering off/rebooting the server yes... You can boot the server with the Solaris 10 CD and choose option 6 (if I recall correctly)
0
sajmf0408Author Commented:
Couldn't I boot to single user mode and log in as root that way?  I didn't change the password yet when it prompted me I just modified the shadow file.  This is what i did (I changed the alphanumeric values, but this is how it looks):
shadow-file.txt
0
Zephyr ICTCloud ArchitectCommented:
Mmmm if you boot into single user mode, but I think it's called Solaris failsafe archive no? Then you can do that ... Anyway, down time is needed I'm afraid.
0
sajmf0408Author Commented:
That's fine.  I have to do some system patching anyway so this works out.  I can do it all during the same downtime.  I looked up failsafe mode because I used it before.  Does this look right:
Recovering root password on Solaris SPARC server:

1.Bring the server to OK prompt.
If the server is up and running then login to server console,you can initiate the reset or send break signal to bring the server to OK prompt.

2.Boot the OS in failsafe mode from OK prompt.
#ok boot -F failsafe
3.Once the server is booted up in failsafe mode,then mount the root disk in /mnt .
If you don’t know the root disk,then execute format command and check one by one.
#mount /dev/dsk/c1t1d0s0 /mnt

4.Take a backup of /mnt/etc/passwd & /mnt/etc/shadow file before removing the root password from it.
# cp -p /mnt/etc/passwd /mnt/etc/passwd.13092013
# cp -p /mnt/etc/shadow /mnt/etc/shadow.13092013

5.Now remove the encrypted password entry for root from /mnt/etc/shadow file using vi editor.You may need to set term to edit the file.(For bash shell — >#export TERM=vt100)
Before Modifications:
#grep root /a/etc/shadow
root:XD9erIqDGXYM.:12192::::::

After Modifications:
#grep root /a/etc/shadow
root::12192::::::

6. Update the boot archive to ensure boot archive is up to date.
# bootadm update-archive -R /mnt
Creating boot_archive for /mnt
updating /a/platform/sun4u/boot_archive
7.  Reboot your system using init command.
# init 6
0
Zephyr ICTCloud ArchitectCommented:
Yep, that seems to be what I remember ... Mounting the root disk and change the file ...

Good luck!
0
sajmf0408Author Commented:
Thanks.  I will tell you how it goes.  By the way I looked at another link and noticed the mountpoint was different.  It's saying to mount to /mnt, then further down reference /a.  Is that right? Below are alternate links i looked up.

mount root to /mnt
Then if you look at step 5 it shows to edit the shadow file by:
grep root /a/etc/shadow
Then
bootadm update-archive -R /mnt

The second link I saw showed this referencing /a:
https://wchumz.wordpress.com/2012/07/31/solaris-boot-failsafe/

This one also /a
http://jurnarlkarat.blogspot.com/2012/12/oracle-solaris-reset-root-password.html
0
Zephyr ICTCloud ArchitectCommented:
yeah, it's basically saying the same thing, mount it to /mnt ... The "a" used in the other resource is just a mount point, you could create a folder named "a" under mount and mount the root folder there ... This way you're not mounting to /mnt directly.
0
sajmf0408Author Commented:
Ok.  Just so i don't get confused it's best to use option 2 or 3 since it doesn't require me mounting to /mnt directly correct?
0
Zephyr ICTCloud ArchitectCommented:
Yeah, it's not about better, you might call it "cleaner" ... In the end it's all the same and once you reboot you won't have any worries about it.
0
sajmf0408Author Commented:
ok.  I will respond with the outcome.
0
Zephyr ICTCloud ArchitectCommented:
Ok, thanks.
0
sajmf0408Author Commented:
I have on other question: when I go to failsafe mode the instructions state:
mount root disk
then
fsck -y root disk
shouldn't i leave it unmounted then run fsck?
0
Zephyr ICTCloud ArchitectCommented:
Normally yes, but if it's not in use/busy it can work when mounted like this ...
0
sajmf0408Author Commented:
ok. Thanks.  I'll be doing this today so I'll have a response later.  Thanks again for your patience and help.
0
Zephyr ICTCloud ArchitectCommented:
No worries, good luck
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
sajmf0408Author Commented:
I can fsck our filessystem that's connected to our tape device as well since the system will already be down.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Unix OS

From novice to tech pro — start learning today.