Hi osf-managers,
I've just discovered the weirdest problem with our Alpha 2100 (v3.0).
sometime today, something 'happened' to our TCB/password system. Here's
symptoms:
* Users can login fine
* /tcb/files/auth permissions are 660/auth/auth for all files
* /etc/passwd perms:
-rw-r--r-- 1 root system 273282 Jan 2 20:35 /etc/passwd
-rw-r--r-- 1 root system 4096 Jan 2 20:35 /etc/passwd.dir
-rw-r--r-- 1 root system 2053120 Jan 2 20:35 /etc/passwd.pag
All would seem well hmm?
NOT!
XIsso refuses to understand that any users exist, and authck gives
all kinds of stuff, with scary lines like:
adm appears in Protected Password database but cannot be retrieved
with getprpwent()
auth appears in Protected Password database but cannot be retrieved
with getprpwent()
bin appears in Protected Password database but cannot be retrieved
with getprpwent()
cron appears in Protected Password database but cannot be retrieved
with getprpwent()
daemon appears in Protected Password database but cannot be retrieved
with getprpwent()
lp appears in Protected Password database but cannot be retrieved
with getprpwent()
ris appears in Protected Password database but cannot be retrieved
with getprpwent()
.
.
.
adm not listed in /etc/passwd, but is in the Protected Password database.
auth not listed in /etc/passwd, but is in the Protected Password database.
bin not listed in /etc/passwd, but is in the Protected Password database.
cron not listed in /etc/passwd, but is in the Protected Password database.
daemon not listed in /etc/passwd, but is in the Protected Password database.
lp not listed in /etc/passwd, but is in the Protected Password database.
ris not listed in /etc/passwd, but is in the Protected Password database.
root not listed in /etc/passwd, but is in the Protected Password database.
^^^^^ !
it also says my userid isn't listed in /etc/passwd, but of course
it is, and I can login fine.
I tried rebooting the system to see if that would help, but no luck (I
know on reboot OSF/1 has some system whereby it checks permissions of
certain files - I hoped this might fix it :))
It lists tons of random users in both cases, but not ALL of our
4000+ users, and it isn't consistient, ie:
# /tcb/bin/authck -a | grep root
root not listed in /etc/passwd, but is in the Protected Password database.
# /tcb/bin/authck -a | grep rxxram
rxxram appears in Protected Password database but cannot be retrieved
rxxram not listed in /etc/passwd, but is in the Protected Password database.
# ls -al /tcb/files/auth/r/rxxram
-rw-rw---- 1 auth auth 265 Jan 2 20:21 /tcb/files/auth/r/rxxram
# grep rxxram /etc/passwd
rxxram:*:101:1208:Richard A. Muirden,5.02.24,x3814,:/staff/rxx/rxxram:/bin/tcsh
(I assume here that it's getpwent that's failing, or getpwnam or something
like that, rather than a direct scan of the password file)
I tried running pwck and grpck, but these told me nothing terribly
useful.
I also tried removing the /etc/auth/system/gr_id_map and pw_id_map
files, but to no avail. They rebuilt ok, but same problems occur.
I ran a fverify on the security fileset, and this found a few permission
weirdos, but the problem still exists :-(
We have a program that produces a shadow password file like output for
use by our terminal servers, and this now only produces one line of
output, for root! and nothing else (it should give one line for
every user).
I've poked around for a few hours now checking permissions and looking
for things like changed libraries, shared libraries(there don't seem
to be any) and things like this, but I'm out of ideas. The OSF/1
manual is sketchy enough on the TCB as it is, so I can't seem to
find anything in there to help.
Does anyone have any ideas or seen anything like this before?
-richard
--
Richard A. Muirden, Sys. Admin |Fan of Shostakovich, "Star Trek" and the Boeing
Mailto: richard_at_rmit.EDU.AU |777 (launch: May 15, 1995 - United Airlines).
Phone: (+61 3) 660 3814 |I created alt.fan.shostakovich! Fly: UA,QF,WN
http://www.rmit.edu.au/richard |Can *YOU* beat my 102 Shost CD's? :-)
Received on Mon Jan 02 1995 - 05:19:51 NZDT