Help Root SHELL Problem NO SHELL

Help Root SHELL Problem NO SHELL

Post by Charles Alle » Mon, 27 Oct 1997 03:00:00



This is a multi-part message in MIME format.
--------------B4AB529002C8AB6370D2C480
Content-Type: text/plain; charset=us-ascii
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-Transfer-Encoding: 7bit

I edited the /etc/passwd file for the root user to change the shell
entry from /sbin/sh to /sbin/ksh and saved the file.
Only to realize that ksh is in the /bin directory. I cannot login or su
to the root id because it can't find the ksh. Is there any way to get
back into the system for root. the error message is NO SHELL. Not being
that familiar with Solaris 2.5.1 , is there any way to bring up some
sort of mini kernel.
Any help appreciated.

--------------B4AB529002C8AB6370D2C480
Content-Type: text/x-vcard; charset=us-ascii; name="vcard.vcf"
Content-Transfer-Encoding: 7bit
Content-Description: Card for Charles  Allen
Content-Disposition: attachment; filename="vcard.vcf"

begin:          vcard
fn:             Charles  Allen
n:              Allen;Charles
org:            SS/OS Common Services
adr:            3865 Airways Blvd;;MEM/TN/8521 Module F 2nd Floor;Memphis ;TN;38116;USA

title:          Systems Advisor
tel;work:       (901) 397-4211
x-mozilla-cpt:  ;0
x-mozilla-html: TRUE
end:            vcard

--------------B4AB529002C8AB6370D2C480--

 
 
 

Help Root SHELL Problem NO SHELL

Post by Dan Anders » Tue, 28 Oct 1997 04:00:00



>I edited the /etc/passwd file for the root user to change the shell
>entry from /sbin/sh to /sbin/ksh and saved the file.
>Only to realize that ksh is in the /bin directory. I cannot login or su
>to the root id because it can't find the ksh. Is there any way to get
>back into the system for root. the error message is NO SHELL. Not being
>that familiar with Solaris 2.5.1 , is there any way to bring up some
>sort of mini kernel.

Here's a write-up:

Regaining control of a Solaris x86 system where the root password has
been lost can be accomplished by the following steps.  Note that
any savvy user can do this with the proper CD-ROM and diskette.
Therefore, of course, physical security of a system is important for
machines containing sensitive data.

1.    Insert installation boot diskette and installation CD-ROM for
      Solaris x86.

2.    Boot system from the installation floppy and select the CD-ROM as
      the boot device.

3.    Select 1 for interactive installation.
      [Additional note from Matt Simmons: You can type `b -s' at it (instead
       of hitting 1 or 2), and it'll drop you straight to a root shell (since
       you'll now be in single-user mode). In this case, skip the next step.]

4.    After booting from the CD-ROM and the first Blue Screen comes up,
      key in <CTRL> \ (Hold the control key and press the backslash key).

5.    The system will drop to a root prompt,  #.

6.    At the root prompt, #, key in the following commands, which will
      create a directory called hdrive under the /tmp directory and then
      mount the root hard drive partition under this temporary directory.

      mkdir  /tmp/hdrive
      mount  /dev/dsk/c0t0d0s0  /tmp/hdrive #SCSI; for ATAPI/IDE, omit "t0"

7.    To use the vi editor, the TERM variable must be defined.  Key in
      the following commands.

      TERM=at386
      export TERM

8.    Start the vi editor and load /tmp/hdrive/etc/shadow file.

      vi /tmp/hdrive/etc/shadow

9.    Change the first line of the shadow file that has the root entry to:

      root::6445::::::

10.   Write and quit the vi editor with the "!" override command:

      :wq!

11.   Halt the system, remove the floppy installation diskette, and
      reboot the system.

      halt

12.    When system has rebooted from the hard drive, you can now log in
       from the Console Login: as root with no password.  Just hit enter
       for the password.

13.    After logging in as root, use the passwd command to change the
       root password and secure the system.
-

San Diego, California, USA
  dan

cts.com

 
 
 

Help Root SHELL Problem NO SHELL

Post by Anthony Mandi » Sat, 01 Nov 1997 04:00:00



> I edited the /etc/passwd file for the root user to change the shell
> entry from /sbin/sh to /sbin/ksh and saved the file.
> Only to realize that ksh is in the /bin directory. I cannot login or su
> to the root id because it can't find the ksh. Is there any way to get
> back into the system for root. the error message is NO SHELL. Not being
> that familiar with Solaris 2.5.1 , is there any way to bring up some
> sort of mini kernel.

        The BFI approach is to boot of the CD and fix things.
        The smarter and faster way would be either to copy ksh
        into sbin or link ksh to sh (if possible - you may have
        permission problems), or, better yet, give su an option
        arg telling it which shell use use. See 'man su' for details.

-am

 
 
 

Help Root SHELL Problem NO SHELL

Post by John Riddoc » Tue, 04 Nov 1997 04:00:00



> I edited the /etc/passwd file for the root user to change the shell
> entry from /sbin/sh to /sbin/ksh and saved the file.
> Only to realize that ksh is in the /bin directory. I cannot login or su
> to the root id because it can't find the ksh. Is there any way to get
> back into the system for root. the error message is NO SHELL. Not

Urm, this sounds painfully familiar... *blush*
Basically, there are two fixes to this:
1/ rip out the disk and attach it to another machine; do a boot -r on
the machine (to recognise the disk), mount the / partition and edit the
password file
2/ boot the machine from cdrom (boot cdrom).  Once booted, mount the /
partition to a directory in the cdrom (I believe /a is used in Solaris)
and edit the file.  Unfortunately, there is a chance that you cannot use
vi since the /var/tmp area in read only (on the cd) so you may have to
do the following:
cp passwd passwd.bak
echo "root::0:0:root:/:/sbin/sh" > passwd.line
cat passwd.line passwd.bak > passwd
This should give a new line at the top of the passwd file with a valid
root line.  Better still is to 'cat' the /etc/passwd file and copy the
line for root but changing the shell.

--
John Riddoch                    Programmer/Webmaster
Room C6, School of Computer and Mathematical Science
Robert Gordon University, Aberdeen, AB25 1HG
Telphone: (01224)262721

 
 
 

Help Root SHELL Problem NO SHELL

Post by Anthony Mandi » Fri, 07 Nov 1997 04:00:00




> > I edited the /etc/passwd file for the root user to change the shell
> > entry from /sbin/sh to /sbin/ksh and saved the file.
> > Only to realize that ksh is in the /bin directory. I cannot login or su
> > to the root id because it can't find the ksh. Is there any way to get
> > back into the system for root. the error message is NO SHELL. Not
> Urm, this sounds painfully familiar... *blush*
> Basically, there are two fixes to this:
> 1/ rip out the disk and attach it to another machine; do a boot -r on
> the machine (to recognise the disk), mount the / partition and edit the
> password file
> 2/ boot the machine from cdrom (boot cdrom).  Once booted, mount the /
> partition to a directory in the cdrom (I believe /a is used in Solaris)
> and edit the file.

        Ah, the old BFI approaches. Is doing -

        su root -c /bin/ksh

        too easy for you?

-am

 
 
 

Help Root SHELL Problem NO SHELL

Post by Casper H.S. Dik - Network Security Engine » Fri, 07 Nov 1997 04:00:00


[[ Reply by email or post, don't do both ]]


>    Ah, the old BFI approaches. Is doing -
>    su root -c /bin/ksh

That doesn't work.  

In fact, that just passes "-c /bin/ksh" to root's (non existant) shell.

Any OS where thgis does work is broken (I wouldnt' want someone to
eb able to do : su sync -c /bin/ksh;  you'd want to check teh user's
shell against /etc/shells first (which also wouldnt;' help in this case)

Casper
--
Expressed in this posting are my opinions.  They are in no way related
to opinions held by my employer, Sun Microsystems.
Statements on Sun products included here are not gospel and may
be fiction rather than truth.

 
 
 

Help Root SHELL Problem NO SHELL

Post by Anthony Mandi » Mon, 10 Nov 1997 04:00:00




> >       Ah, the old BFI approaches. Is doing -

> >       su root -c /bin/ksh

> That doesn't work.

> In fact, that just passes "-c /bin/ksh" to root's (non existant) shell.

        Yes, you're right. I picked up on it from someone else's
        post a long time ago. I tried it and it worked (not realising
        fully). After I posted the above, I tested it with a broken
        shell entry, and the expected happened.

Quote:> Any OS where thgis does work is broken (I wouldnt' want someone to
> eb able to do : su sync -c /bin/ksh;  you'd want to check teh user's
> shell against /etc/shells first (which also wouldnt;' help in this case)

        Interestingly enough, 'man su' implies that it also works if
        no shell is defined!?!! I haven't tested this but I might.

        Since this problem seems to be manifesting itself so often
        lately, I think a change to su is in order to allow for a
        failsafe in these sort of circumstances. Comments at the
        top of the password file itself noting the ramifications
        of changing the root shell wouldn't go astray either.
        (There's a simple alternative that doesn't involve munging
        root - as has been pointed out on occassion as well.)

-am

 
 
 

Help Root SHELL Problem NO SHELL

Post by timothy.d.rogs.. » Wed, 12 Nov 1997 04:00:00


How about:

        su root -c "cp /bin/ksh /sbin"

and then logging in again?

T