[SUMMARY]Corrupted security database from Larry Griffith on 1996-07-23 (tru64-unix-managers)

From: Larry Griffith <larry_at_garfield.wsc.mass.edu>
Date: Mon, 22 Jul 1996 14:02:04 -0400

Dear managers,

        I received one reply:

Robert Honore <robert_at_digi-data.com>

Original posting
-------- -------

        I just installed DU 4.0 with C2 security. Due to my
stupidity, the file /etc/auth/files/auth.db was corrupted on one
client and as a result I cannot login as root except in single-user
mode. (I can login to my NIS user account in multi-user mode.)

        I rebooted in single-user mode, did a bcheckrc and then logged
in as root. I tried the edauth command, but concluded that I
obviously didn't understand it. It kept telling me there was no entry
for root. I tried convauth, which I thought would convert the ASCII
databases into a new auth.db file (using /tcb/bin/convauth -dp -v),
but it doesn't seem to work.

        Any suggestions as to how I can recover from this?

Reply and resolution
----- --- ----------

        Robert suggested editing /tcb/files/auth/r/root. I've done
this many times under DU v3.x and it always worked, but it doesn't
seem to help with DU v4.0 since the auth.db (new?) was corrupted.
Nonetheless, thanks to Robert for his assistance.

        I finally tried a rather insane stunt that did work: on
another client as root, I copied its copy of auth.db to my ordinary
user's home directory (which is NFS-distributed) and gave my account
ownership. I rebooted the problem client, logged into my ordinary
account (which I could do) and copied the auth.db file to /tmp. I
then shut down to single user mode, logged in as root, copied auth.db
(after backing up) from /tmp to /tcb/files, changed the owner to
auth:auth and the mode to 660, and rebooted. It worked (probably
because root is the only local account that is actually used), but
surely there is a more orthodox way!

                                                Larry

============================================================================
Larry Griffith Dept. of Computer & Info Science
larry_at_garfield.wsc.mass.edu Westfield State College
(413) 572-5294 Westfield, MA 01086 USA
PGP public key available at: http://garfield.wsc.mass.edu/dcis/griffith.html
============================================================================
Received on Mon Jul 22 1996 - 20:19:15 NZST

This archive was generated by hypermail 2.4.0 : Wed Nov 08 2023 - 11:53:46 NZDT