Very Computer

This is a multi-part message in MIME format.
--------------B4AB529002C8AB6370D2C480
Content-Type: text/plain; charset=us-ascii
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-Transfer-Encoding: 7bit

I edited the /etc/passwd file for the root user to change the shell
entry from /sbin/sh to /sbin/ksh and saved the file.
Only to realize that ksh is in the /bin directory. I cannot login or su
to the root id because it can't find the ksh. Is there any way to get
back into the system for root. the error message is NO SHELL. Not being
that familiar with Solaris 2.5.1 , is there any way to bring up some
sort of mini kernel.
Any help appreciated.

--------------B4AB529002C8AB6370D2C480
Content-Type: text/x-vcard; charset=us-ascii; name="vcard.vcf"
Content-Transfer-Encoding: 7bit
Content-Description: Card for Charles  Allen
Content-Disposition: attachment; filename="vcard.vcf"

begin:          vcard
fn:             Charles  Allen
n:              Allen;Charles
org:            SS/OS Common Services
adr:            3865 Airways Blvd;;MEM/TN/8521 Module F 2nd Floor;Memphis ;TN;38116;USA

title:          Systems Advisor
tel;work:       (901) 397-4211
x-mozilla-cpt:  ;0
x-mozilla-html: TRUE
end:            vcard

--------------B4AB529002C8AB6370D2C480--

Regaining control of a Solaris x86 system where the root password has
been lost can be accomplished by the following steps.  Note that
any savvy user can do this with the proper CD-ROM and diskette.
Therefore, of course, physical security of a system is important for
machines containing sensitive data.

1.    Insert installation boot diskette and installation CD-ROM for
      Solaris x86.

2.    Boot system from the installation floppy and select the CD-ROM as
      the boot device.

3.    Select 1 for interactive installation.
      [Additional note from Matt Simmons: You can type `b -s' at it (instead
       of hitting 1 or 2), and it'll drop you straight to a root shell (since
       you'll now be in single-user mode). In this case, skip the next step.]

4.    After booting from the CD-ROM and the first Blue Screen comes up,
      key in <CTRL> \ (Hold the control key and press the backslash key).

5.    The system will drop to a root prompt,  #.

6.    At the root prompt, #, key in the following commands, which will
      create a directory called hdrive under the /tmp directory and then
      mount the root hard drive partition under this temporary directory.

      mkdir  /tmp/hdrive
      mount  /dev/dsk/c0t0d0s0  /tmp/hdrive #SCSI; for ATAPI/IDE, omit "t0"

7.    To use the vi editor, the TERM variable must be defined.  Key in
      the following commands.

      TERM=at386
      export TERM

8.    Start the vi editor and load /tmp/hdrive/etc/shadow file.

      vi /tmp/hdrive/etc/shadow

9.    Change the first line of the shadow file that has the root entry to:

      root::6445::::::

10.   Write and quit the vi editor with the "!" override command:

      :wq!

11.   Halt the system, remove the floppy installation diskette, and
      reboot the system.

      halt

12.    When system has rebooted from the hard drive, you can now log in
       from the Console Login: as root with no password.  Just hit enter
       for the password.

13.    After logging in as root, use the passwd command to change the
       root password and secure the system.
-

San Diego, California, USA
  dan

cts.com

-am

--
John Riddoch                    Programmer/Webmaster
Room C6, School of Computer and Mathematical Science
Robert Gordon University, Aberdeen, AB25 1HG
Telphone: (01224)262721

        su root -c /bin/ksh

        too easy for you?

-am

[[ Reply by email or post, don't do both ]]

In fact, that just passes "-c /bin/ksh" to root's (non existant) shell.

Any OS where thgis does work is broken (I wouldnt' want someone to
eb able to do : su sync -c /bin/ksh;  you'd want to check teh user's
shell against /etc/shells first (which also wouldnt;' help in this case)

Casper
--
Expressed in this posting are my opinions.  They are in no way related
to opinions held by my employer, Sun Microsystems.
Statements on Sun products included here are not gospel and may
be fiction rather than truth.

Quote:> Any OS where thgis does work is broken (I wouldnt' want someone to
> eb able to do : su sync -c /bin/ksh;  you'd want to check teh user's
> shell against /etc/shells first (which also wouldnt;' help in this case)

        Since this problem seems to be manifesting itself so often
        lately, I think a change to su is in order to allow for a
        failsafe in these sort of circumstances. Comments at the
        top of the password file itself noting the ramifications
        of changing the root shell wouldn't go astray either.
        (There's a simple alternative that doesn't involve munging
        root - as has been pointed out on occassion as well.)

-am

How about:

        su root -c "cp /bin/ksh /sbin"

and then logging in again?

T