From owner-freebsd-questions@FreeBSD.ORG Wed Oct 22 09:50:25 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A9CCF16A4B3 for ; Wed, 22 Oct 2003 09:50:25 -0700 (PDT) Received: from ms-smtp-02.nyroc.rr.com (ms-smtp-02-qfe0.nyroc.rr.com [24.92.226.49]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9A79643FB1 for ; Wed, 22 Oct 2003 09:50:24 -0700 (PDT) (envelope-from pogrose@twcny.rr.com) Received: from dotcom.paradigm.design (rrcs-nys-24-24-30-220.biz.rr.com [24.24.30.220])h9MGoJYo007418 for ; Wed, 22 Oct 2003 12:50:19 -0400 (EDT) Date: Wed, 22 Oct 2003 12:50:03 -0400 From: Eric Pogroski To: freebsd-questions@freebsd.org Message-Id: <20031022125003.4f8ee9dc.pogrose@twcny.rr.com> In-Reply-To: <44smllcqp7.fsf@be-well.ilk.org> References: <3F8315EE.5CDBCE70@chatusa.com> <20031021002425.48bbda15.pogrose@twcny.rr.com> <44u162zr51.fsf_-_@be-well.ilk.org> <20031021101552.74469a30.pogrose@twcny.rr.com> <44smllcqp7.fsf@be-well.ilk.org> X-Mailer: Sylpheed version 0.9.6claws (GTK+ 1.2.10; i386-portbld-freebsd5.1) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Subject: Re: [freebsd-questions] root passwd change X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Oct 2003 16:50:25 -0000 On Wed, 22 Oct 2003 10:06:12 -0400 Lowell Gilbert wrote: > Eric Pogroski writes: > > > here's whats needed: > > > > > > # shutdown now > > # (csh & tcsh both go fubar in > > single-user mode) > still mounted> > > # passwd root <--- this is important - lost one system by NOT doing > > this > > # exit -or- reboot <--- I prefer a reboot, but that's me. > > Oh, right; we're only trying to change the root password here. That's > not actually affected by securelevel at all, so that was a red herring > for me to bring up securelevel in the first place. > > > work's about 9 times out of 10. It's the tenth one that makes you > > bald from frustration... :) > > You need the ability to invoke shutdown. Since you don't have the > root password, you need some other account with either root (via sudo, > for example) or operator-group access. > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" Alright, before this turns ugly, I have a better way to go about this: either a) just reboot the box, and boot off of a fixit disc, and use the emergency terminal, follow the directions regarding soft linking /etc/groups & /etc/*.db, and then change the password from there or b) reboot the box, hit any key but enter when the countdown appears, and enter single user mode, and do (providing no errors on boot): mount -u / (takes the / partition out of read only mode) mount -a -t ufs (mounts /tmp, /usr, and /var, and any other ufs filesystems for you) passwd root reboot login as root it's kinda like doing the build world routine, only no fsck or massive amounts of compiling. However, if kern.securelevel is set to anything but '-1', and kernsecurelevel_enable is set to "YES" in rc.conf, your not going to get in without some good, old fashioned hacking. Seeing as it was never mentioned what either or both of the previous settings are, we both are shooting in the dark here.