awatkins@lager.UVic.CA (Andrew Watkins) (06/07/91)
Hello, We recently purchased an HP/Apollo 400t computer running Domain 10.3. As a lone Apollo in a large network of Suns it has been the source of much frustration. Our latest and greatest experience to date is that it is not letting anyone log on. All that we have done so far is to install the operating system and start the daemons: llbd, rgyd and glbd. The original passwords were not changed from the default -apollo-. Now neither of the two default accounts 'user' or 'root' will work. I am quite sure that no one has intentially changed all the passwords, although this is a possibility. I have two questions: 1) can anyone tell what are the other standard accounts that come with the default /etc/passwd file, besides the 'user' and 'root' accounts? I want to try the -apollo- password on these too. 2) If all the passwords have all been lost, is it possible to get a shell with root permissions. I know this is possible with a Sun by booting up in single-user mode. I really want to avoid having to reload the OS. Thanks very much for any help, Andrew Watkins Research Programmer Dept. of Electrical and Computer Engineering University of Victoria Victoria, BC CANADA
thompson@PAN.SSEC.HONEYWELL.COM (John Thompson) (06/07/91)
> Our latest and greatest experience to date is that it is not letting anyone > log on. All that we have done so far is to install the operating system and > start the daemons: llbd, rgyd and glbd. The original passwords were not changed > from the default -apollo-. Now neither of the two default accounts 'user' or > 'root' will work. I am quite sure that no one has intentially changed all the > passwords, although this is a possibility. > I have two questions: > 1) can anyone tell what are the other standard accounts that come with the > default /etc/passwd file, besides the 'user' and 'root' accounts? I want to > try the -apollo- password on these too. Hmmmm. We're treading on security issues here, but I suppose, since you can open a book and find them, that it isn't _too_ harmful. The required accounts are - none.none.none user.none.none sys_person.none.none admin.none.none daemon.none.none bin.bin.none lp.bin.none uucp.daemon.none root.staff.none (From "Administering The Domain/OS Registry" -- 015363-A00) What might be happening is that an empty local registry got created, and the rgyd is not staying up. In that case, you can't log in, because it can find a registry that tells it that no one is allowed. If it can't find the network or a local registry, it'll log you in under the user.none.none account -- no matter WHO you entered as a login. When you try and log in, it should (briefly) flash error messages in the output line on the bottom-right of the screen. Try and see if you're getting messages like "Using local registry - network registry not found." That indicates that (for whatever reason) your registry isn't available, and you're stuck with only the local one, and its zero or one entry (I assume you haven't logged in too many times yet). Try this: Put the node into service mode (a front panel pushbutton on the 400 series, a little toggle on the DNxxxx series), shut down, and reboot the node. You'll go the a phase II shell with a ')' prompt. At this point, the disk is mounted and accessible (to DDS services, not via NFS). Look in the /sys/registry directory (ld /sys/registry) for a file called rgy_local. With a little luck, you'll be able to change the name of that file (chn /sys/registry/rgy_local save_me) so that there isn't a local registry present. (Note that you only have world's rights at this point, because you aren't logged in as anyone.) After changing the name, you might be able to get in as user.none.none <anypass>, if the rgyd isn't working. > 2) If all the passwords have all been lost, is it possible to get a shell with > root permissions. I know this is possible with a Sun by booting up in > single-user mode. I really want to avoid having to reload the OS. No. Apollo workstations were designed to sit on someones desk, and be shut down periodically. They are also _very_ dependent on a network of Apollos. Getting the first one going is always a pain. Unfortunately, unless you get a second, it'll always be a "first machine" problem for you, if anything goes wrong. -- jt -- John Thompson Honeywell, SSEC Plymouth, MN 55441 thompson@pan.ssec.honeywell.com When in danger, when in doubt -- run in circles, scream and shout.