0

On Scientific Linux 6.4 ( like CentOs6.4)

When configuring a new server I have manually edited the file /etc/shadow so as to copy the password.

Now I can only log in as user root and I can not use any other user.

At the boot the server does not show the login message.

I put the previous shadow file, and passwd and group gshadow unsuccessfully

List the file permissions:

----------  1 root root 9   July 1501 11:47 shadow
----------. 1 root root 9   July 1445 11:46 shadow-
----------  1 root root 914 July 9    11:46 gshadow
----------. 1 root root 901 July 9    11:46 gshadow-
-rw-r--r--  1 root root 9   July 2835 11:46 passwd
-rw-r--r--. 1 root root 9   July 2774 11:46 passwd-
-rw-r--r--  1 root root 9   July 1107 11:46 group
-rw-r--r--. 1 root root 9   July 1091 11:46 group-

if I try to login as normal user I have the message : / bin / bash: Permission denied

SELinux is Disallowed

The /var/log/boot show this message:

Start di uuidd: runuser: /bin/bash: Permission denied

Start sendmail: 451 4.0.0 /etc/mail/sendmail.cf: line 93: fileclass: cannot open '/etc/mail/local-host-names': Group writable directory
451 4.0.0 /etc/mail/sendmail.cf: line 603: fileclass: cannot open '/etc/mail/trusted-users': Group writable directory
Start di sm-client: /etc/mail/submit.cf: line 556: fileclass: cannot open '/etc/mail/trusted-users': Group writable directory
can not chdir(/var/spool/clientmqueue/): Permission denied
Program mode requires special privileges, e.g., root or TrustedUser.

What did I do wrong?

famedoro
  • 145
  • 7
  • 1
    I won't say it's the cause, but your `shadow` should be `400` and `shadow-` should be `600`, the same for `gshadow` (`400`) and `gshadow-` (`600`). Set that right at least. – NickW Jul 09 '13 at 10:19
  • That might actually be the problem. However, it's useful to know things like what is in the log when someone tries to log in and what edit was made. – Falcon Momot Jul 09 '13 at 15:55
  • Looks like you might have filesystem corruption as well. – Michael Hampton Jul 10 '13 at 02:22

1 Answers1

3

Never, ever edit any system files by hand unless you have a good clue about what they do and their correct format.

By editing any copying those files by hand, you have corrupted their contents, and reset the permissions of the original ones (Thanks god you did a backup). I do not know about the stock configuration of CentOS, but this might or might not (given the botched state of the system) help. If not, try to to give at least read permission to root on those files.

user
  • 1,408
  • 8
  • 10
Roman
  • 3,825
  • 3
  • 20
  • 33
  • Many thanks for your precious advice, you saved me many hours of work. Another request how can I migrate the encrypted passwords between the two installations? – famedoro Jul 09 '13 at 10:56
  • This has been answered on both SF and the general internet. GIYF. – Roman Jul 09 '13 at 11:12