vanmane@sumax.UUCP (Mohan Vanmane) (06/27/89)
I have a Convergent Tech miniframe running unix system V. Last thing I did on the system was change the root password (while I was logged in as root). Since then no one can login. System seems to be running fine. I reset the system and it boots up fine. File system is OK and the system comes up in multiuser mode. How can I bring this machine down to administrative mode so that I can change the password file? I appreciate any help to solve this problem. Thank you. vanmane%sumax.uucp@beaver.cs.washington.edu
dold@mitisft.Convergent.COM (Clarence Dold) (06/27/89)
in article <664@sumax.UUCP>, vanmane@sumax.UUCP (Mohan Vanmane) says: > I have a Convergent Tech miniframe running unix system V. > Last thing I did on the system was change the root password (while > I was logged in as root). > How can I bring this machine down to administrative mode so that I can > change the password file? How can I tell, via news, whether this is a legitimate request from an authorized System Administrator, or a joke from an 'Intro to UNIX' student that has a bet with his teacher that he can break into the system? -- --- Clarence A Dold - dold@tsmiti.Convergent.COM (408) 434-5293 ...pyramid!ctnews!tsmiti!dold P.O.Box 6685, San Jose, CA 95150-6685 MS#10-007
stripes@wam.UMD.EDU (06/28/89)
In article <664@sumax.UUCP> vanmane@sumax.UUCP (Mohan Vanmane) writes: [stuff deleted] >How can I bring this machine down to administrative mode so that I can >change the password file? > >vanmane%sumax.uucp@beaver.cs.washington.edu Since nobody else can get on you don't need to go into single user mode :-) If it makes you feel better I beleve it's "init 1", but you don't need to be in single-user mode to safely edit the passwd file. There should be a /etc/vipw that will let only one person edit /etc/passwd, provided they all use /etc/vipw (or /etc/lockpw & /etc/unlockpw). If for some reason you don't have thoes just make shure nobody else, and nothing else edits the file while you do. (and yes the shurest you can be in in single user mode). Also if you system has shadow password file support (and you are useing it) to check the shadow password file (where ever it is). -- stripes@wam.umd.edu "Security for Unix is like Josh_Osborne@Real_World,The Mutitasking for MS-DOS" "The dyslexic porgramer" - Kevin Lockwood "A career is great, but you can't run your fingers through it's hair"
sid@friday.rtech.COM (Sid Shapiro) (06/28/89)
In article <8906271706.AA22357@cscwam.UMD.EDU> stripes@wam.UMD.EDU writes: >In article <664@sumax.UUCP> vanmane@sumax.UUCP (Mohan Vanmane) writes: >[stuff deleted] >>How can I bring this machine down to administrative mode so that I can >>change the password file? >> >>vanmane%sumax.uucp@beaver.cs.washington.edu >Since nobody else can get on you don't need to go into single user mode :-) I'd say that he doesn't know the root passwd so he can't change it without being logged in as root, but since he doesn't know it the only way to do it is to go into single user. There should be a keyswitch on the fron of the machine. Turn it off, then to "remote" (it may not be "remote", but normally it turned clockise as far as it can go. Turn off, then back on such that it is one click to the counter-clockwise of normal.) This will bring you up in "administrative" mode (single user in ct-ese). You will probably have to figur out where the real root is and mount it, then you can edit the passwd file. Good luck - those machines are a bitch. / Sid /
rhealey@umn-d-ub.D.UMN.EDU (Rob Healey) (06/29/89)
In article <747@mitisft.Convergent.COM> dold@mitisft.Convergent.COM (Clarence Dold) writes: >in article <664@sumax.UUCP>, vanmane@sumax.UUCP (Mohan Vanmane) says: >> How can I bring this machine down to administrative mode so that I can >> change the password file? > >How can I tell, via news, whether this is a legitimate request from an >authorized System Administrator, or a joke from an 'Intro to UNIX' student >that has a bet with his teacher that he can break into the system? If the person in question can get to the power switch to bring the machine into administration mode then all the software security is pretty much moot. Also, the quickest way to fix things up would be to fire up the original installation/distribution tape and go into "maintainance" mode. Once in maintainance mode you can mount / and edit the password file. Of course one needs to find that original installation tape/disk that's hiding in some mysterious dark corner... -Rob Healey
dold@mitisft.Convergent.COM (Clarence Dold) (06/29/89)
in article <1127@umn-d-ub.D.UMN.EDU>, rhealey@umn-d-ub.D.UMN.EDU (Rob Healey) says: > If the person in question can get to the power switch to bring the > machine into administration mode then all the software security is > pretty much moot. Also, the quickest way to fix things up would > be to fire up the original installation/distribution tape and go > into "maintainance" mode. Once in maintainance mode you can mount > / and edit the password file. Of course one needs to find that > original installation tape/disk that's hiding in some mysterious > dark corner... I started to mail a reply, when I realized that Washington University was one of the recipients in a 'University Gift Program' where we gave away several hundred MiniFrames. Two of the reasons we gave them away: 10 Mhz 68010 wasn't state of the art anymore. These models were Floppy only, couldn't be upgraded to QIC. If this is a floppy only system, he is pretty much out of luck. The disk could be added as drive one to another machine, and mounted, or he could back up what he can, and then 'clone' the disk via the Diagnostics across the 'cluster' a proprietary LAN. -- --- Clarence A Dold - dold@tsmiti.Convergent.COM (408) 434-5293 ...pyramid!ctnews!tsmiti!dold P.O.Box 6685, San Jose, CA 95150-6685 MS#10-007