Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 27 Jul 2020 10:58:24 +0100
From:      matthew@FreeBSD.org
To:        freebsd-questions@freebsd.org
Subject:   Re: how to reset login in freebsd if the password is expired
Message-ID:  <3a7c5322-4e29-a839-cab1-a724fd2bd87f@infracaninophile.co.uk>
In-Reply-To: <1595842414286.43801@citrix.com>
References:  <1595842242103.79959@citrix.com> <1595842414286.43801@citrix.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
On 27/07/2020 10:33, Jiang Xu wrote:
> I set the root login to be expired in 90 days, and we forget to
> update the password of the login, and the password is expired, and
> now we can not login in on it? but we can access the disc with attach
> it to another instance, is there any way to reset the expired
> password?
First of all, as you have discovered, setting the root password to 
expire is not a good idea.  In some ways, the root account is your 
account of last resort for regaining access to or control of the system, 
so don't implement policies that would ever deny that.

See the passwd(5) manual page.  The 7th column in the master.passwd file 
is the account expiry time.  If you can mount your drive on a second 
machine, then edit `master.passwd` and set that field to `0` for the 
root account.  It should look something like this:

root:$1$XXXXXXXCENSOREDXXXXXXXXXXXXXX:0:0::0:0:Charlie &:/root:/bin/csh
                                              ^
                                              this field

Then, assuming you've temporarily mounted the disk at /mnt so the file 
you're editing is /mnt/etc/master.passwd, you need to run:

    pwd_mkdb -d /mnt/etc -p /mnt/etc/master.passwd

After that, replace the drive in the original machine and reboot.

You can also do this without taking the drive out of the original 
machine by booting into single user mode, but in that case you will need 
to remount the root partition read-write:

    mount -u / -o rw

and obviously in this case the root partition will be mounted in the 
usual location, so adjust paths in `pwd_mkdb` appropriately.

	Cheers,

	Matthew

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3a7c5322-4e29-a839-cab1-a724fd2bd87f>