incomplete passwd file
Mikkel L. Ellertson
mikkel at infinity-ltd.com
Fri Mar 10 17:16:37 UTC 2006
Thomas Widhalm wrote:
> Hi!
>
> We encountered a rather strange problem. One of our servers (RHAS 4, NIS
> client, NFS client) lost parts of its /etc/passwd . Within some hours
> only the end of the passwd file was remaining, meaning that root, system
> users and some important users were missing! So we could not log in via
> ssh or locally.
>
> We booted from CD copying a backup over the passwd file.
>
> Anyway, we want to know, how this could happen. The server lost
> connection to NIS and NFS before this problem appeared (NIS and NFS
> server crashing)
>
> Did any of you encounter this?
>
> Regards,
> Thomas
>
It might be a good idea to take a close look at the logs, and
make other checks to make sure the system was not cracked. It
could be that someone goofed when editing your password file.
You can also run into problems if you edit the password file
directly in a text editor, instead of using vipw and a user gets
modified/added/deleted by someone else at the same time. (Changing
their password should not bother it, because that is in another
file, but users can run chfn or chsh and change passwd.) The vipw
and vigr programs use the proper locking to safely edit the passwd
and group files.
Mikkel
--
Do not meddle in the affairs of dragons,
for thou art crunchy and taste good with Ketchup!
More information about the fedora-list
mailing list