I've tried to considate all the responses I've received for the
archives so that others can benefit from this experience.
-----------------------------------------------------------------------
My origional posting:
-----------------------------------------------------------------------
> From eidson_at_unix4.is.tcu.edu
> Date: Mon, 21 Apr 1997 10:46:19 -0500 (CDT)
> Subject: Help: C2 disabled root
>
>
> Hi all ....
>
> Well ... my first experience with C2 under DU 4.0a is not going well.
> I have somehow gotten my root login "Account is disabled -- see
> Account Administrator". I've been abled to boot from CD and mount
> the root partition, but dont know what to change. I thought is was
> the "*" in the /etc/passwd file but that didnt clear things.
>
> I'd appreciate any help/suggestions.
-----------------------------------------------------------------------
Most folks suggested:
-----------------------------------------------------------------------
I include the following since it probably would solve a lot of the
common lockups:
> You may change 'u_lock' to 'u_lock_at_' in /tcb/files/auth/r/root
>
> And look at prpasswd(4) for explanations about the contents of this file.
>
> As I have understood from prpasswd(4) and for my experience
>
> when the file contains u_lock, the account is disbled
> when the file contains u_lock_at_, the account is not disabled.
>
> Someone else noted:
>
> If it is locked due to too many unsuccessful logins, remove the
> number from u_numunsuclog.
> Perhaps you can see also u_retired.
> Note that the last parameter must be 'chkent'
The best way to edit this file is to make sure all your disks are
mounted (mount -a) and then run the following:
/usr/tcb/bin/edauth root
I was able to successfully boot to single user mode and get around.
It did not appear to be a u_lock problem at all. The "passwd" command
would not even work. I WAS able to delele the password out by
removing the "u_pwd" entry ... then "passwd" allowed me to set my
password but then I was STILL locked out! I could not even run the
"passwd" command second time.
-----------------------------------------------------------------------
Solution I used:
-----------------------------------------------------------------------
Jeff Payne offered me the following:
> It would appear that your databases have got out of step with each other.
> Check to see if you have .db files in /etc/auth/system/ttys.db,
> /tcb/files/auth.db and /var/tcb/files/auth.db. If so then you could
> try the following - assuming that you have been able to login from the
> console. You could boot into single user mode and do it from there if
> you are unable to login from the console.
> (boot -fl s)
>
> 1. cd /etc/auth/system
> mv ttys.db ttys.db.sav
> mv ttys ttys.sav
> cp .proto..ttys ttys
> /tcb/bin/convauth -d t -O (capital letter O)
>
> 2. cd /var/tcb/files/
> mv auth.db auth.db.sav
> cd /tcb/files/
> mv auth.db auth.db.sav
> /tcb/bin/convauth -d p -g
>
> 3. Change your password via 'passwd'
While I had to tweek some of his options, the above basically worked
for me. A gotya is that all my other users could no longer login
until after I issued the "convuser -c" command. While everyone has
lost their password ... this is not a big deal since there are only
a few folks on this system.
-----------------------------------------------------------------------
Other Alternatives:
-----------------------------------------------------------------------
In hind sight it sounds like things were all the files were out-of-sync
and use of the convuser would probably have worked. The following solution
from Stephen LaBelle would have probably worked better and would have kept
my other authorization:
> Instead of booting up with the CD, why don't you just boot into single
> user mode. You get a root login.
>
> >>> boot -fl s
>
> The real info for root to login in with is in the directory:
>
> /tcb/files/auth/r/root
>
> Try the following after booting into single-user mode:
>
> % rm /tcb/files/auth/r/root
>
> % /tcb/bin/convuser -a root
>
> % passwd root
>
> Reboot, you should have root access.
-----------------------------------------------------------------------
Thanks to all:
-----------------------------------------------------------------------
Big thanks go to:
Nopchai Tangtritham <nung_at_alpha.tu.ac.th>
MC.Vialatte_at_custsv.univ-bpclermont.fr
richard n. frank <root_at_cermet.llnl.gov>
Chris Pressley <chrisp_at_tidalwave.net>
Helgi Viggosson <helgi_at_mail.digital.is>
Loosh <mlucius_at_dwc.edu>
Kent R Arnott <karnott_at_falcon.tamucc.edu>
Subir Grewal <subir_at_crl.com>
Juergen Bock <bock_at_dbf.ddb.de>
Martin.Blomdahl_at_network.combitech.se
Rodrigo Filipe <rfilipe_at_soporcel.pt>
AHMADI Laifa <Laifa.Ahmadi_at_litp.ibp.fr>
Jeff Payne <payne_at_solg2.bnsc.rl.ac.uk>
Matti Saarinen <mjs_at_cc.tut.fi>
Stephen LaBelle <labelles_at_mscd.edu>
Juergen Bock <bock_at_dbf.ddb.de>
Scott Johnson <scott_at_dsuper.net>
Dejan Muhamedagic <muja_at_galeb.etf.bg.ac.yu>
Is this a great group our what???
-----------------------------------------------------------------------
Jon Eidson (J.Eidson_at_tcu.edu) Information Services
Senior Systems Programmer Texas Christian University
(817) 921-7695 ext 6835 Fort Worth, Texas 76129
-----------------------------------------------------------------------
Received on Wed Apr 23 1997 - 18:12:59 NZST