I was playing with shell changes and accidentally changed root user shell to nonexistent one. How did it happen? From Ubuntu terminal I switched to root’s environment executing “sudo su -” and then I tried to change login shell for root user performing chsh command. Instead of specifying correct shell with path like “/bin/sh” I typed only “sh”. The system presented reply about the error I made, but in the same time it changed a record in the system file /etc/passwd from correct one to erroneous. On terminal window it looked as:
|
root@vealomrea-virtualbox:~# chsh -s sh chsh: Warning: sh does not exist |
Later I logged in to my Linux box through ssh, tried to switch to super user and received this:
|
vealomrea@vealomrea-virtualbox:~$ sudo su – [sudo] password for vealomrea: Cannot execute sh: No such file or directory vealomrea@vealomrea-virtualbox:~$ su – su: Authentication failure vealomrea@vealomrea-virtualbox:~$ |
The following messages were logged in /var/log/auth.log file:
|
Jun 29 15:29:01 vealomrea-VirtualBox su[2613]: pam_unix(su:auth): authentication failure; logname=vealomrea uid=1000 euid=0 tty=/dev/pts/18 ruser=vealomrea rhost= user=root Jun 29 15:29:03 vealomrea-VirtualBox su[2613]: pam_authenticate: Authentication failure Jun 29 15:29:03 vealomrea-VirtualBox su[2613]: FAILED su for root by vealomrea Jun 29 15:29:03 vealomrea-VirtualBox su[2613]: – /dev/pts/18 vealomrea:root |
The problem was because the login shell for root user was broken. I opened /etc/passwd file in text editor
|
$ sudo nano /etc/passwd |
and found that line for root user account was looked like:
|
root:x:0:0:root:/root:sh |
Definitely it was incorrect, correct shells’ locations are
and found that line for root user account was looked like:
|
$ cat /etc/shells # /etc/shells: valid login shells /bin/sh /bin/dash /bin/bash /bin/rbash |
I replaced the line in /etc/passwd for root user account to:
|
root:x:0:0:root:/root:/bin/bash |
saved /etc/passwd file and rebooted my Linux box. When I logged in agent and “sudo su -” started to work as expected and /var/log/auth.log showed this:
|
Jun 29 16:19:52 vealomrea-VirtualBox sudo: pam_unix(sudo:session): session opened for user root by (uid=0) Jun 29 16:19:52 vealomrea-VirtualBox su[2301]: Successful su for root by root |
|
Iconic One Theme | Powered by Wordpress
|