[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [suse-security] root has no shell



There should not be a way to fix this without root access or by booting
the machine with an alternate configuration.

If there is, then we are in deep trouble.

Markus

> -----Original Message-----
> From: Ulrich Kautz [mailto:uk@xxxxxxxxxxxx] 
> Sent: Wednesday, October 08, 2003 10:47 AM
> To: alin.dobre@xxxxxxxxxxxxxxxx
> Cc: suse-security
> Subject: Re: [suse-security] root has no shell
> 
> 
> Hmm, /bin/false is 0755 and belongs to root. 
> 
> I also cant scp the passwd back and overwrite the existing 
> passwd (permission 
> denied).
> 
> And im not trying to hack someone else system. Actually its 
> not my System, but 
> the one who owns it asked me to help him.
> 
> OK, here is a short overview about my permissions:
> - I do have normal user access to the system. 
> - I am in the admin group (gid 500, normal usergroup).
> - I do have the root password (and my user password of course).
> - I do not have any physical access to the System.
> 
> 
> 
> >    Hi,
> >
> > here would be a workaround:
> > mv /bin/false /bin/false.TEMP
> > ln -s /bin/bash /bin/false
> > echo "/bin/false" >> /etc/shells
> > login as root
> > chsh root
> > set it to /bin/bash
> > *undo /bin/false:
> > rm /bin/false
> > mv /bin/false.TEMP /bin/false
> > *done
> >
> > Regards,
> > Alin.
> >
> > Ulrich Kautz wrote:
> > > Hello All,
> > >
> > > Ive got a big Problem. I changed the root shell to /bin/false.
> > >
> > > There is neither a user in the sudoers nor is there any 
> other root-user
> > > or even a user in the root group.
> > >
> > > Is it possible to switch back the shell to /bin/bash or 
> sh or something?
> > >
> > > Ive tried:
> > > sudo -- not in sudoers
> > > su -s /bin/bash -c "command" -- "using restricted shell: 
> /bin/false"
> > >
> > > thanks in advance,
> > > Ulrich
> >
> > --
> > Alin DOBRE
> > Technical Support Engineer - RAV Division
> > mailto:alin.dobre@xxxxxxxxxxxxxxxx
> > http://www.ravantivirus.com
> > ---------------------------
> > This message is confidential. It may also be privileged or otherwise
> > protected by work product immunity or other legal rules. If you have
> > received it by mistake please let us know by reply and then 
> delete it
> > from your system; you should not copy the message or disclose its
> > contents to anyone.
> 
> 
> -- 
> Check the headers for your unsubscription address
> For additional commands, e-mail: suse-security-help@xxxxxxxx
> Security-related bug reports go to security@xxxxxxx, not here
> 


-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here