General :: How To Recover /etc/passwd File
Apr 11, 2010Unfortunately i lost my passwd file...so who to recover that.
View 8 RepliesUnfortunately i lost my passwd file...so who to recover that.
View 8 Replieswe know that /etc/passwd - is a replica of /etc/passwd file and acts as a backup in any damage done to /etc/passwd file..i have observed a strange thing in RHEL 5.4....for example... if /etc/passwd has 100 accounts.. then /etc/passwd - is having only 99 accounts....when i add 101 useraccount with "useradd" then /etc/passwd has 101 accounts and /etc/passwd is having the 100th account of /etc/passwd - ..when i delete /etc/passwd and recover it with /etc/passwd - from runlevel 1 the lastly created user is not having his account after recovery.. what is the solution? this is same case even with /etc/shadow and /etc/shadow -
View 2 Replies View RelatedWell we all know that it holds passwords. But cat-ing it gives out nothing. Not even encrypted gibberish. So how exactly is a password stored in this? Is this like a device file or something?
View 4 Replies View RelatedI was doing some experiment about resource-accessing. By mistake, I executed this command,$ sudo mv /etc/passwd /etc/passwd.bakThen I could not execute any command with privilege(eg. sudo mv /etc/passwd.bak /etc/passwd). When I shut the system down, I could not boot it any more.
View 2 Replies View RelatedI got a user account on a linux network. But when I look in the /etc/passwd file, I don't see my username there. Where would I find my username
View 3 Replies View RelatedI deleted root from passwd and shadow file.Can I crate a new root user?
View 1 Replies View Relatedwhen loggin as a normal user and search for a file passwd under /etc. i get few errors with permission denied.how to ignore this permission denied errors.
csh hostname 109 % find . -name passwd
find: ./lvm/backup: Permission denied
find: ./lvm/archive: Permission denied
[code]....
I used the ext3 format when I formatted my partition prior to installing Ubuntu10.10. I had accidentally deleted a file and began the process to get it back. It wasn't critical but helpful to recover the file. To make a long story short I ran into to some unexpected road blocks. I tried to use PhotoRec to get the job done but with no success.
I'm just looking down the road in the event I might have to recover something important.If it would be better going back to the Fat32 file system I would rather do it sooner than later. Just as a side note I am dual booting between linux and windows.
[Code]....
Password: su: /bin/bash:/sbin: No such file or directory i cannot delete that entry from /etc/passwd as i cannot login as root.
By accident, I used rm on a file I didn't want to delete. Is there any way that I can get it back under Linux?
View 4 Replies View RelatedCan I recover the file which has been overwritten.
View 7 Replies View RelatedAccidentally i have deleted my /bin/hostname file
i am using redhat centos 5.4 so me how to recover it
Say I have a file that's downloading (from a source that's hard to re-download from), but accidentally deleted from the filesystem namespace (/tmp/blah), and I'd like to recover this file. Normally I could just cp /proc/$PID/fd/$FD /tmp/blah, but in this case that would only get me a partial snapshot, since the file is still downloading. Furthermore, once the download completes, the downloading process (e.g. Chrome) will close the FD. Any way to recover by inode/create a hard link? Any other solutions? If it makes any difference, I'm mainly concerned with ext4.
View 3 Replies View RelatedI have accidentally removed my apache2 startup file /etc/init.d/apache2 using rm /etc/init.d/apache2 command.
How can I get that back?
How to recover a removed file under linux
Is there any free undelete software for the Mac?
I have accidentally deleted a very-very important file in my Linux (Ubuntu) machine using the command rm.
Is there any way to recover it?
$ cat important_file > /dev/null &
[1] 9711
$ rm important_file
[code]....
I removed my Ubuntu install and decided to replace it with Debian. I backed up the /home directory onto the Windoze installation on the other hard drive. That was a "home.disk" file. Now, I copied the file over to the Debian hard drive, and can't figure out how to recover the files. Is this possible to do in Debian?
View 14 Replies View RelatedI have accidentally removed vmware virtual disk, my host operating system is RHEL5.2 with ext3 file system, i have used photorec, magicresue and foremost but still no luck to recover the vmdk file. i have seen in foremost configuration file that there are some predefined files (ex- doc, pdf, jpg, avi, zip, etc),
1. is there any way to add vmdk file extension on that configuration file?
2. if yes how can i do ?
3. by adding vmdk on configuration file, can i specifically use recover option for vmdk?
I have a Debian 5.0.7 installed to my server. I try to install Apache and SVN to this server. I use this tutorial: http://www.howtoforge.com/subversion...-ubuntu-server
But is unfortunately not working.
My apache virtual host configuration file is:
Code:
This passwd file containing 1 user:
Code:
The rights for the passwd file:
Code:
And apache2 is running like this:
Code:
And if I try to login to my page I got an "Internal Server Error" page.
And my error is in the apache log is this:
Code:
So I'm a little bit confused about it. The apache2 should have rights to open this file. I checked it, the file is exist and the apache2 is have rights for it. I don't understand it.
I have a list of locked accounts, called lockedusers, how can I with a bash script compare it to /etc/passwd on the server and print them out if they match?
View 2 Replies View Relatedactually i upload a password protect folder software, but unfortunately it was a trial version which i didn't know . now i am unable to recover my files from that.
View 2 Replies View Relatedcreating a script which evaluates whether or not the passwd file has changed.
View 4 Replies View RelatedI work for a seismic company that has recently experienced a security issue. Because we have an isolated network that is used for HPC work we have a very open security structue ie password less accounts rsh rlogin etc. We had, seemingly,a user that has maliciously deleted another user's files but I still haven't figured out how. So far I have been able to prove that this user has remotely logged into another host under that user's account... or at least that their workstation did. The /var/log/message file shows logins from their workstation as that user multiple times durring the times that these files were being deleted. There are wildcard searches for these files in the history in this host. There is a vi session initiated on this host for a file called delme (delete me) and then a chmod +x for this file. and then a deletion of this file (rm delme). Funny things: this user has no business in this acct. this user was bounced off the other host (permission denied) when trying to log into the other host and then as root logged into the other host as the other acct. repeatedly... ie. rsh -l xxx (permis den) then as root rsh -l xxx (logged in) why not su xxx and then rsh? password less acct?! why use root privs (which they sholuld not have) to log into a passwd less acct? Can't see any remote logins to their workstation from elsewhere. can't find smoking gun. no execution of delme script or any other rm /*/xxx/* sort of command that proves when file deletion of striped files happened?!
changing root passwd soon.need proof that no remote logins to a CentOS 5.3 workstation could be responsible.
Could mean someone gets fired.how can I be sure that no other users logged into this machine and then into another machine for sure?
What is the easiest way to replace a hash in a shadow file for one particular user, not using passwd, and when the current password is unknown?
View 3 Replies View RelatedI'm trying to recover movie files from my TNT receiver hard drive but it corrupts its FAT32 allocation table (crappy cheap device...)
Using dosfsck is useless because the correct file length is the cluster length, not the (shorter) one in the table, and dosfsck only proposes to shorten the file, which I won't do.
Question: how to recover a file using the FAT cluster chain instead of using the stored length in the FAT table?
My main hard disk died and I replaced it. After installing windows in a small partition in /dev/sda, I thought I will try linux mint and went for it. (I need windows to play AOE, but ubuntu is my primary OS)I didnt see the options properly or some distraction, I choose the "install alongside windows" option probably expecting it to install it in the unallocated partition next to the windows installation. I had completely forgotten my second internal drive /dev/sdb which has the backup data. Linux mint went and installed itself on that drive.
Is there a way to recover individual files from the second harddrive. Now if I boot or open it through live cd, all I see in the linux mint file systems. I want to aleast recover my CV/resume from the second drive. The second drive is a single ext4 file system The old drive is completely dead, it doesnt even get recognized when I attach it to SATA.
the last filed of /etc/passwd file is the login_shell;how if I replace it to /usr/bin/date
what would it happen.by the way I try to use $ subut do't know the password.what s the default root passworf for ubuntu
i have just updated to openSuSE 11.4 [64 bit]; rkhunter is giving these Warnings :
Warning: User 'rtkit' has been added to the passwd file.
Warning: User 'pulse' has been added to the passwd file.
Warning: User 'statd' has been added to the passwd file.
Warning: Changes found in the group file for group 'audio': User 'pulse' has been added to the group
Warning: Group 'rtkit' has been added to the group file.
Warning: Group 'pulse' has been added to the group file.
Warning: Group 'pulse-access' has been added to the group file.
Warning: Suspicious file types found in /dev: /dev/shm/initrd_exports.sh: ASCII text
Warning: Hidden directory found: /dev/.sysconfig
Warning: Hidden directory found: /dev/.mount
Do these look Normal, Are these False-Positives??
If I configure a crontab like below.12 3 12 4 4 cat /etc/passwd I know that the cat command will get executed at the configured time. But where will the output of that command go?If it is something like below, then out put will be routed to /tmp/file1.12 3 12 4 4 cat /etc/passwd > /tmp/file1
View 4 Replies View RelatedAll servers mentioned below run OpenSuSE, either 10 or 11.I am currently working on a few scripts that are meant to be used as part of a continuous integration setup. I am trying to keep these scripts reasonably secure, and so I have made sure that all the servers run these scripts only as a specific user (user1) that has permissions to basically nothing else. The problem I am currently running into is that I need to start and stop tomcat as user1 but this user doesn't have permissions to the tomcat rectory (only tomcat has execute permissions). I have a temporary workaround in place while I work on the scripts (I have an SSH key in place that allows me to SSH from user1o tomcat without a password and execute my commands that way) but it is not very secure. I have tried adding the following line to /etc/sudoers:
Code:
tomcat localhost = NOPASSWD: /opt/tomcat/bin/startup.sh, /opt/tomcat/bin/shutdown.sh
but it doesn't work as I expected it to. I tried a few different syntaxes for that line,
[code]...