clewis@mnetor.UUCP (02/06/86)
BEWARE: In /etc/passwd blank or otherwise badly formatted lines can
cause *extremely* anomalous behaviour. Eg: System V accounting can run
away and fill up the entire /usr partition. It just happened to mnetor...
4 man-hours and a couple of lost UUCP transfers later, our netnews is back
on-line.
We're a Pyramid running OSx 2.3 [one of these days we'll have time to
catch up to the latest O/S] using USG accounting. Thanks to our field
service, Mike Stephenson at Genamation, for pointing us in the right
direction. Similar behaviour has been noted on other *non-Pyramid* System V
systems in the past.
It was probably my fault in this case, but we're not certain. Grovel, grovel...
Apologies to our downstreams.
Around 4-10 UUCP transfers were lost (probably all news from utcs, but
we can't tell - UUCP wasn't able to log anything). If you sent anything to
or thru us between 11pm last night and 8am this morning, please verify that
it got where it was supposed to go.
--
Chris Lewis,
UUCP: {allegra, linus, ihnp4}!utzoo!mnetor!clewis
BELL: (416)-475-8980 ext. 321justin@cxmd.UUCP (Justin C. Walker [Curmudgeon at Large]) (02/07/86)
From Chris: > BEWARE: In /etc/passwd blank or otherwise badly formatted lines can > cause *extremely* anomalous behaviour. Eg: System V accounting can run Now that the horse is gone, there is a program called /etc/pwck which you can use to check the integrity of the passwd file. It comes with System V. There is also /etc/grpck, for /etc/group. Although it's a pain, you might want to use these every time you make a change to one of these files. There really should be a user program which does this, and locks the file while it's doing it. Oh well... Cheers -- ============================================================================== Justin C. Walker, Curmudgeon at Large Computer X, Inc., Germantown (at long last), MD BELL: 301/972-9440 UUCP: {allegra, decvax}!utzoo!mnetor!cxmd!justin SNAIL: 20271 Goldenrod Lane Suite 110 Germantown, MD 20874
steve@jplgodo.UUCP (Steve Schlaifer x3171 156/224) (02/09/86)
In article <3039@mnetor.UUCP>, clewis@mnetor.UUCP (Chris Lewis) writes: > BEWARE: In /etc/passwd blank or otherwise badly formatted lines can > cause *extremely* anomalous behaviour. ..... [discussion of runaway accounting due to grundged passwd file] I religiously run /etc/pwck after making any modifications to /etc/passwd. Even if I am sure I couldn't have made a mistake :-) -- ...smeagol\ Steve Schlaifer ......wlbr->!jplgodo!steve Advance Projects Group, Jet Propulsion Labs ....group3/ 4800 Oak Grove Drive, M/S 156/204 Pasadena, California, 91109 +1 818 354 3171
gwyn@brl-smoke.ARPA (Doug Gwyn ) (02/09/86)
> BEWARE: In /etc/passwd blank or otherwise badly formatted lines can > cause *extremely* anomalous behaviour. This is an understatement. Any time a line of /etc/passwd is edited so that it contains the wrong number of fields, subsequent updating (e.g., by the "passwd" command) can produce one or more lines in /etc/passwd of the form ::0:0::: which has the interesting consequence that one can "log in" using a null username, not have to give a password, and end up as superuser. This problem was fixed in the /etc/passwd-reading library routines in UNIX System V, but not in 4.2BSD. I have seen this problem occur several times.