HOWTO fix "no shell" for root on Solaris 2.6/Sparc

HOWTO fix "no shell" for root on Solaris 2.6/Sparc

Post by John Kotche » Thu, 27 Nov 1997 04:00:00

> This just happened to me.  I saw a thread on this in October, but it
> seemed to deal more with Solarix/x86.

> Plain Bourne shell just wasn't good enough for me, sigh...  From a
> command line login, I edited the passwd file to change sh to ksh for
> root.  Logged out to test it, logged back in.

Here's my rules for hand editing /etc/passwd ....
1)  cp /etc/passwd /etc/
2)  make your changes.
3)  telnet localhost
4)  login as unprivileged user
5)  su -

If it works, you're home free if it doesn't, do this
1) mv /etc/ /etc/passwd

The same holds true if you're munging around in /etc/shadow
and (to a lesser extent) /etc/group.

By doing things this way, you don't lock yourself out of the original
root login that can actually do stuff you need to do!

Quote:> Unfortunately, there is no /sbin/ksh in Solaris 2.6.  Poof!  No root
> login. It would have been ok if I were in the sys group, because sys has
> write privileges to /sbin and I could have cp'd ksh to /sbin.  BUT, no
> dice. First thing on my TODO list when the system's back up.  :-)

> Anyway, here's my step-by-step.  First, though, you NEED to know what
> slice your root partition (or wherever /etc/passwd is) is mounted from.
> For this example, I'll assume c0t1d0s0.

> 1. From the current login, type "eject" to empty/open the CDROM drive.

This should work, assuming no one is in the /cdrom directory.
Truthfully, what damage is done if you reboot on a read only file
system?  And if memory serves my correctly you can eject the CD-Rom
from the <ok> prompt you're going to be at later.

Quote:> 2. Put the Solaris 2.6 installation CD in the CDROM drive.

If you can login as another user, I'd do that here... and type
in sync ; sync ; sync.  Any user can do sync from the os.  Then
I'd insert the 2.6 installation CD.

Quote:> 3.      The Two-Fingered Salute (Stop-A)

Or <ctrl-break> if you're working from a serial console.

Quote:> 4.      Type "sync" to get the filesystems into some semblance of
> 5.      Type "boot cdrom".

Actually, I'd type in "boot cdrom -s".
This makes 6 and 7 superflous and is a heck of a lot faster...

Not really needed !

Quote:> 6.      Wait about 5 minutes until OpenWindows comes up.

Or not, depending on if you've got a serial or graphical console.

Also not really needed !

Quote:> 7.      Right-click on the background, select Utilities->Command Tool.
> 8.      Type "/etc/fsck /dev/dsk/c0t1d0s0"
> 9.      Type "mount /dev/dsk/c0t1d0s0 /a"

EEks the arcana of ed rears its ugly head.
If you're using a standard type terminal like a sun GUI console
or a vt100 type terminal you can also use vi, which is much
more familiar to most people than ed.

Quote:> 10. Type "ed /a/etc/passwd"

or vi /a/etc/passwd

Quote:> 11. Type "1"

Not needed in vi :-)
Slide your cursor over to the login shell field and modify /sbin/ksh
to /bin/ksh or.... /sbin/sh  your choice.
Then ":wq!"

Steps 12-15 not needed in my scenario.

Quote:> 12. Look at the line for root's login and see what you need to change.
> 13a.    If you still want /bin/ksh:  Type "s/sbin/bin"
> 13b.    If you want to play it safe with /sbin/sh:  Type "s/ksh/sh"
> 14.     Type "w"
> 15.     Type "q"
> 16.     Type "cd /; umount /a"

Good, you want to mark the root file system as clean!

Quote:> 17.     Two-Fingered Salute

You can simply type in "reboot" from the # prompt you got off
the CD-Rom.

Superfluous in my scenario.

Quote:> 18.     Type "boot"

> That's it!
> Rob


Certainly your solution is workable, I'm just trying to
improve things a little bit here.  I think mine comes out
to around 12 steps, as opposed to the 19 you propose.

Dang, not another one of those 12 step programs.

I've munged my address to help foil those
insiduous spammer-type persons.  Remove the
_s to get my real address.


1. sendmail 8.9.3+Sun on Solaris SPARC 2.6 - multiple "Message accepted for delivery"

I've got something very odd going on on my mal relay machine, which has
been working perfectly for a long time.
Over the past six weeks or so, it will occasionally hold an SMTP
conversation that looks like this:

remote machine     my relay
--------------     --------

(connect)      ->
               <-  220 blah blah blah...
HELO           ->
               <-  250 blah blah blah...
MAIL FROM      ->
               <-  250 blah blah blah...
RCPT TO        ->
               <-  250 blah blah blah...
DATA           ->
               <-  354 Enter mail, end...
(message pkts) ->
               <-  250 <qID> Message accepted for delivery
               <-  250 <qID> Message accepted for delivery

Notice that the "Message accepted for delivery" is being sent twice!
This confuses the other end, which usually echoes one of the "Message
accepted"'s back, and then disconnects!  There's no QUIT, and no "220
Connection closed" from my relay, so the sender resends again and
again, and my relay delivers the message again and again.

The really bizarre part is that running truss on sendmail and finding
the right conversation shows that sendmail is sending the "Message
accepted" ONCE, but two TCP packets are being sent by Solaris.

I've searched all of Sun's patch and bug reports, looked on dejanews,
etc, etc, and come up with nothing.  No patches have been applied to
the relay's OS in the past 6 months, except the two recent BIND patches
(one for BIND, one for the resolver).

Has anyone seen this happen before?  This is driving me nuts!


Steve van der Burg
Technical Analyst, Information Services
London Health Sciences Centre
London, Ontario, Canada

2. RedHat 7.1 repeated "freezes" and filesystem problems

3. GETSERVBYNAME()????????????????????"""""""""""""

4. Good nite Edwin

5. """"""""My SoundBlast 16 pnp isn't up yet""""""""""""

6. linux tools advice

7. How to "rcp"/"rsh" as "root"?

8. DEC Alpha PC port - something to look into?

9. Solaris 2.3 "No directory" "No shell"

10. Question about "NGROUPS_MAX" setting in "/etc/system on Solaris 2.6

11. Type "(", ")" and "{", "}" in X...

12. Ethernet HOWTO reference to "pl12" and "pl13"

13. Appropriate Tools for "enhancing" / "fixing" / creating Linux GPLed code