Recover root acct

Made an error.  My root passwd expired and I was prompted to change it.  Prior to changing  I logged into root via sudo, went to change the root acct in /etc/shadow to where it would never expire by making a copy of the root line and commenting out the original line. Saved it an tried testing it out not realizing that I didn't leave an extra putty window opened already logged in as root just in case.
Tried to su -  now and receive this:
su: Unknown id: root

Tried to sudo and received this:
-bash-3.2$ /opt/sfw/bin/sudo -s
Password:
sudo: pam_authenticate: No account present for user

What can I do to recover the root acct?
sajmf0408Asked:
Who is Participating?
 
Zephyr ICTCloud ArchitectCommented:
No worries, good luck
0
 
Zephyr ICTCloud ArchitectCommented:
Maybe you can restart in single user mode and reset/undo changes this way ... But, what OS/version/system are you running?
0
 
sajmf0408Author Commented:
Solaris 10
0
Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
sajmf0408Author Commented:
Solaris 10 10/09
0
 
sajmf0408Author Commented:
I won't be able to do that because I need to be root or I would have to power off the server right.
0
 
Zephyr ICTCloud ArchitectCommented:
yes, you can only do that by powering off/rebooting the server yes... You can boot the server with the Solaris 10 CD and choose option 6 (if I recall correctly)
0
 
sajmf0408Author Commented:
Couldn't I boot to single user mode and log in as root that way?  I didn't change the password yet when it prompted me I just modified the shadow file.  This is what i did (I changed the alphanumeric values, but this is how it looks):
shadow-file.txt
0
 
Zephyr ICTCloud ArchitectCommented:
Mmmm if you boot into single user mode, but I think it's called Solaris failsafe archive no? Then you can do that ... Anyway, down time is needed I'm afraid.
0
 
sajmf0408Author Commented:
That's fine.  I have to do some system patching anyway so this works out.  I can do it all during the same downtime.  I looked up failsafe mode because I used it before.  Does this look right:
Recovering root password on Solaris SPARC server:

1.Bring the server to OK prompt.
If the server is up and running then login to server console,you can initiate the reset or send break signal to bring the server to OK prompt.

2.Boot the OS in failsafe mode from OK prompt.
#ok boot -F failsafe
3.Once the server is booted up in failsafe mode,then mount the root disk in /mnt .
If you don’t know the root disk,then execute format command and check one by one.
#mount /dev/dsk/c1t1d0s0 /mnt

4.Take a backup of /mnt/etc/passwd & /mnt/etc/shadow file before removing the root password from it.
# cp -p /mnt/etc/passwd /mnt/etc/passwd.13092013
# cp -p /mnt/etc/shadow /mnt/etc/shadow.13092013

5.Now remove the encrypted password entry for root from /mnt/etc/shadow file using vi editor.You may need to set term to edit the file.(For bash shell — >#export TERM=vt100)
Before Modifications:
#grep root /a/etc/shadow
root:XD9erIqDGXYM.:12192::::::

After Modifications:
#grep root /a/etc/shadow
root::12192::::::

6. Update the boot archive to ensure boot archive is up to date.
# bootadm update-archive -R /mnt
Creating boot_archive for /mnt
updating /a/platform/sun4u/boot_archive
7.  Reboot your system using init command.
# init 6
0
 
Zephyr ICTCloud ArchitectCommented:
Yep, that seems to be what I remember ... Mounting the root disk and change the file ...

Good luck!
0
 
sajmf0408Author Commented:
Thanks.  I will tell you how it goes.  By the way I looked at another link and noticed the mountpoint was different.  It's saying to mount to /mnt, then further down reference /a.  Is that right? Below are alternate links i looked up.

mount root to /mnt
Then if you look at step 5 it shows to edit the shadow file by:
grep root /a/etc/shadow
Then
bootadm update-archive -R /mnt

The second link I saw showed this referencing /a:
https://wchumz.wordpress.com/2012/07/31/solaris-boot-failsafe/

This one also /a
http://jurnarlkarat.blogspot.com/2012/12/oracle-solaris-reset-root-password.html
0
 
Zephyr ICTCloud ArchitectCommented:
yeah, it's basically saying the same thing, mount it to /mnt ... The "a" used in the other resource is just a mount point, you could create a folder named "a" under mount and mount the root folder there ... This way you're not mounting to /mnt directly.
0
 
sajmf0408Author Commented:
Ok.  Just so i don't get confused it's best to use option 2 or 3 since it doesn't require me mounting to /mnt directly correct?
0
 
Zephyr ICTCloud ArchitectCommented:
Yeah, it's not about better, you might call it "cleaner" ... In the end it's all the same and once you reboot you won't have any worries about it.
0
 
sajmf0408Author Commented:
ok.  I will respond with the outcome.
0
 
Zephyr ICTCloud ArchitectCommented:
Ok, thanks.
0
 
sajmf0408Author Commented:
I have on other question: when I go to failsafe mode the instructions state:
mount root disk
then
fsck -y root disk
shouldn't i leave it unmounted then run fsck?
0
 
Zephyr ICTCloud ArchitectCommented:
Normally yes, but if it's not in use/busy it can work when mounted like this ...
0
 
sajmf0408Author Commented:
ok. Thanks.  I'll be doing this today so I'll have a response later.  Thanks again for your patience and help.
0
 
sajmf0408Author Commented:
I can fsck our filessystem that's connected to our tape device as well since the system will already be down.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.