Date: Sun, 28 Feb 2021 12:12:23 +0100 From: Lehel Bernadt <lehel@maxer.hu> To: Gareth de Vaux <security@lordcow.org> Cc: FreeBSD-security@freebsd.org Subject: Re: user account disappeared Message-ID: <20210228111223.z2gogfincelvaw7q@aurora> In-Reply-To: <YDtbIGCExWkJRoBo@lordcow.org> References: <YDq4LEPA/1YaZg02@lordcow.org> <D5C4A93C-8919-4DAF-B539-A8C0B825BE9B@dataix.net> <YDtbIGCExWkJRoBo@lordcow.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--hs3mjxui4v6e5rdf Content-Type: text/plain; charset=us-ascii; format=flowed Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Feb 28, 2021 at 10:58:08AM +0200, Gareth de Vaux wrote: >On Sat 2021-02-27 (18:12), J. Hellenthal wrote: >> Looks like your master passwd db is out of sync. >> >> Command is mkpwdb or something similar then run init q >> >> Personally it would seem someone got ahold of master.passwd and doesn???= t know how it works or a port upgrade failed to complete properly updating = the db > >I'm the only one with root on the machine, and it doesn't look like ports = changed any users >looking at my backups of /etc/passwd. The only change in that area was whe= n I changed the passwd >with passwd(1) of a different user. So passwd(1) or something similar is b= uggy? FreeBSD gets the user data from the bdb format database files pwd.db &=20 spwd.db. These are generated from /etc/master.passwd. So first, regenerate the db files by running "pwd_mkdb -p /etc/master.passwd" Now check if the user is really there: "db_dump185-5 -p /etc/pwd.db | grep lostuser" (the right dump command might be named differently on your system; check ev= ery=20 db_dump* to see which one works) If the user still doesn't appear, check if libc's nsswitch is configured=20 correctly: "grep passwd: /etc/nsswitch.conf" this should say "files" or "compat" "getent passwd lostuser" this should list lostuser's entry in passwd(5) format --hs3mjxui4v6e5rdf Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEYzGLyHPLsHj6GHOaqfkkbRQqsLoFAmA7epcACgkQqfkkbRQq sLoJFhAAhpIlJ950Am5EIMSYnBxX8ky0G7ASiLNkks8nrhe1yNjNghkp/GIZ3PyD ZKkvDMbJo/WbZO17iINmVCfMQl8fKJhVeJKSq/fSV9+d3q3gNq20xl8SoDaNu18i 6F581dNP4jqqM3wjDUChdHgrzUe6OR5ffUiHFyfDW3DXKYR/2rpzv2NQrL7pDu12 I1XmHpHIVK1qrjG7j8SHE2Tzr5g9jp/4PRK39p5OCPEDh9hZjD4MskTz7TEDdKdi hyKuV2lIegP/CMH7OptmYbBfZtECQ1geobspysIbA/X5lukZ7DqFWOZvg1WNfhg2 sqCjp1lxNrpctb06KRcu5hT1Qha5x4kfYLO4dbbsxy8ipy1ZcbxAOWrnLevqzUrd Rd0df71L0V3JvOiiW3M6smapevYWa2lFHjN6UHTa1925K/HzoEe5oqXzmWG2sbMd +6jlkIGJ0kpDyJA7KsGq0kHGhj7uyvMVtHf7lpnw0gq3s1UJG7GyAenurS8DImZ2 3etiZ13Bjkn2ltQ1EBRocYHinQVRGe4/N5E2zuNv7W4vvstLDVQ9fOuPdxI/5w7T WL0oo2uz+nEtrej05h1hLzRUCwI4cXA9fJQSPR6tnvyM/McI0K5vQc3FCFRVjsFM WuwYp5M16H/SfL3E9bJHc7zjz6+korjm90x4pmnCcqf282EY1uk= =OzPR -----END PGP SIGNATURE----- --hs3mjxui4v6e5rdf--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20210228111223.z2gogfincelvaw7q>