Date: Tue, 30 May 2023 20:05:49 -0700 From: Mark Millard <marklmi@yahoo.com> To: bob prohaska <fbsd@www.zefox.net> Cc: Current FreeBSD <freebsd-current@freebsd.org> Subject: Re: Surprise null root password Message-ID: <C221AC0B-7DF3-4FC2-BE9F-BC136BEC4B9A@yahoo.com> In-Reply-To: <ZHalP9BhpSiKvDmb@www.zefox.net> References: <8721FE04-3769-473C-BAAD-EB0A4FCFA1D7.ref@yahoo.com> <8721FE04-3769-473C-BAAD-EB0A4FCFA1D7@yahoo.com> <ZHalP9BhpSiKvDmb@www.zefox.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On May 30, 2023, at 18:39, bob prohaska <fbsd@www.zefox.net> wrote: > On Tue, May 30, 2023 at 11:02:13AM -0700, Mark Millard wrote: >> bob prohaska <fbsd_at_www.zefox.net> wrote on >> Date: Tue, 30 May 2023 15:36:21 UTC : >>=20 >>> On Tue, May 30, 2023 at 08:41:33AM +0200, Alexander Leidinger wrote: >>>>=20 >>>> Quoting bob prohaska <fbsd@www.zefox.net> (from Fri, 26 May 2023 = 16:26:06 >>>> -0700): >>>>=20 >>>>> On Fri, May 26, 2023 at 10:55:49PM +0200, Yuri wrote: >>>>>>=20 >>>>>> The question is how you update the configuration files, >>>>>> mergemaster/etcupdate/something else? >>>>>>=20 >>>>>=20 >>>>> Via etcupdate after installworld. In the event the system >>>>> requests manual intervention I accept "theirs all". It seems >>>>> odd if that can null a root password. >>>>>=20 >>>>> Still, it does seem an outside possibility. I could see it adding >>>>> system users, but messing with root's existing password seems a >>>>> bit unexpected. >>>>=20 >>>> As you are posting to -current@, I expect you to report this issue = about >>>> 14-current systems. As such: there was a "recent" change = (2021-10-20) to the >>>> root entry to change the shell. >>>> = https://cgit.freebsd.org/src/commit/etc/master.passwd?id=3Dd410b585b6f00a2= 6c2de7724d6576a3ea7d548b7 >>>>=20 >>>> By blindly accepting all changes, this has reset the PW to the = default >>>> setting (empty). >>>=20 >>> So it's a line-by-line merge. That's the most sensible explanation = available. >>>=20 >>>>=20 >>>> I suggest to review changes ("df" instead of "tf" in etcupdate) to = at least >>>> those files which you know you have modified, including the = password/group >>>> stuff. After that you can decide if the diff which is shown with = "df" can be >>>> applied ("tf"), or if you want to keep the old version ("mf"), or = if you >>>> want to modify the current file ("e", with both versions present in = the file >>>> so that you can copy/paste between the different versions and keep = what you >>>> need). >>>>=20 >>>=20 >>> The key sequences required to copy and paste between files in the = edit screen >>> were elusive. Probably it was thought self-evident, but not for me. = I last tried=20 >>> it long ago, via mergemaster. Is there is a guide to commands for = merging files=20 >>> using /etcupdate? Is it in the vi man page? I couldn't find it. >>=20 >> # man etcpudate >> . . . >> CONFIG FILE >> The etcupdate utility can also be configured by setting variables = in an >> optional configuration file named /etc/etcupdate.conf. Note that = command >> line options override settings in the configuration file. The >> configuration file is executed by sh(1), so it uses that syntax = to set >> configuration variables. The following variables can be set: >>=20 >> . . . >>=20 >> EDITOR Specify a program to edit merge conflicts. >> . . . >> ENVIRONMENT >> The etcupdate utility uses the program identified in the EDITOR >> environment variable to edit merge conflicts. If EDITOR is not = set, >> vi(1) is used as the default editor. >>=20 >>=20 >>=20 >> So, if you do not want to use vi, you can use either the EDITOR >> environment variable or an EDITOR assignment in >> /etc/etcupdate.conf to change what editor etcupdate uses for >> you to edit merge conflicts with. >=20 > My difficulty is precisely a lack of skill with vi, which I've > used and cursed since starting with 386BSD. Evidently I'm a slow > learner.... I tried other editors, but vi is the only one always > available. =20 Well, there is ed ( and red ). But also built into FreeBSD is: ee ( and ree ). Beyond that you might have to install something. But if "always available" means across operating systems and built-in, instead of needing to be installed, it may be the most common for unixish contexts. But, as I understand, some Linux based OS's do not include (any variant of) vi, having things like, say, nano instead. Some variant of vi would be an install in such cases. I went something like 25 years between usage of vi and could do basic activity right off the bat. (Not that I was sure such would be true when I first had to edit via whatever editor I could find pre-installed at the time.) It is the only non-GUI editor for which such a thing has been true. Why it stuck so well, I do not know. An odd thing about this is that before the 25 year interval, my primary editor expertise was using TECO, including tailoring its interactive use. At this point, I only remember the name. > For the moment, etcupgrade isn't asking for manual intervention. > When it next does I'll pay closer attention and ask better questions. >=20 =3D=3D=3D Mark Millard marklmi at yahoo.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?C221AC0B-7DF3-4FC2-BE9F-BC136BEC4B9A>