When we type the username “root” and the password “redhat”, the system does not log us in. In this case we need to troubleshoot the problem. Different cases have to be considered.
Step 1:
Start in single user mode and change the password:
#passwd root
Type the password as ‘redhat’ and then restart the system. If the problem still occurs, do Step 2:
We start the system in single user mode
#vi /etc/passwd
Check the following line
root:x:0:0:root:/root:/bin/bash
Just check the first and last fields; they should be root and /bin/bash
Case I:
If the username is changed, then do as follows (oldname is the original login, root; newname is the name it was changed to)
#usermod -l oldname newname
Case II:
If the shell is changed to /sbin/nologin, then change it back to /bin/bash.
#usermod -s /bin/bash root
Before changing the shell, first check that /bin/bash exists in /etc/shells. If not, then install the rpm of the bash shell
#rpm -q bash
If the problem still occurs, do Step 3
Step 3:
Check the shadow file to find out whether there is a (!) mark at the start of the password entry. If present, remove it. The (!) mark locks the password.
root:!$2gr………….
Also check the last three columns; they should be blank (:::)
If the problem still occurs, do Step 4
Step 4:
Sometimes attributes are set on the /etc/passwd or /etc/shadow file which make these two files write and append protected. If such attributes are present, we need to remove them.
Commands to check the attributes
#lsattr /etc/passwd
#lsattr /etc/shadow
---------- /etc/passwd
Suppose the attributes are set
---ai----- /etc/passwd
---ai----- /etc/shadow
In this case we need to remove the attributes
#chattr -ai /etc/passwd
#chattr -ai /etc/shadow
Note:
To add an attribute the (+) sign is used; to remove one the (-) sign is used. If the problem still occurs, then use Step 5
If the system shows a message that the ‘chattr’ and ‘lsattr’ commands are not found, we need to check whether the rpm is installed. If it is not, we need to install the rpm
#rpm -q e2fsprogs
Step 5:
Open the file /etc/securetty to check the virtual console and tty entries
#vi /etc/securetty
Check the following entries
console
vc/1
vc/2
vc/3
vc/4
vc/5
vc/6
vc/7
vc/8
vc/9
vc/10
vc/11
tty1
tty2
tty3
tty4
tty5
tty6
tty7
tty8
tty9
tty10
tty11
If we remove any one line, say tty1, then we cannot login at terminal 1 but we can login at another terminal. If we remove all these entries then we cannot login at any terminal. So in that case we need to restore all these entries and again check the username and password
If the problem still occurs, do Step 6
Step 6:
Check for the file /etc/nologin; if present, remove this file. Then open the file
#vi /etc/rc.local
Check for the entry /etc/nologin in the file; if present, remove it. In the rc.local file only one entry is present
touch /var/lock/subsys/local
If you find “touch /etc/nologin”, remove this line. Even if we remove the nologin file from /etc, the file will be created again when we restart. That is why we need to remove the entry from the /etc/rc.local file. If the problem still occurs, then use Step 7
Step 7:
Check the permission of the /etc/securetty file; it should be 600 (rw for the user, no permission for the group and others)
#ll /etc/securetty
If the permissions are changed we cannot login. So first change the permission
#chmod 600 /etc/securetty
Then login. If the problem still occurs, then do Step 8
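The checks from steps 2, 3, 6 and 7 can be run in one read-only pass. This is an added example, not part of the original post: check_root_login and make_sample are hypothetical helper names, and the sample files are constructed to carry the faults described above.

```shell
#!/bin/sh
# Added example, not from the original post. check_root_login is a hypothetical
# helper: a read-only pass over the files from steps 2, 3, 6 and 7.
# $1 is the directory to inspect (default /etc); nothing is modified.
check_root_login() {
    etc=${1:-/etc}
    # Step 2: the UID 0 entry must start with "root" and end with /bin/bash
    entry=$(awk -F: '$3 == 0 { print; exit }' "$etc/passwd")
    name=${entry%%:*}
    shell=${entry##*:}
    [ "$name" = root ] || echo "passwd: UID 0 account is named '$name'"
    [ "$shell" = /bin/bash ] || echo "passwd: shell is '$shell'"
    grep -qx /bin/bash "$etc/shells" || echo "shells: /bin/bash not listed"
    # Step 3: a leading ! locks the password; the last three fields stay empty
    awk -F: -v n="$name" '$1 == n {
        if ($2 ~ /^!/) print "shadow: password locked with !"
        if (($7 $8 $9) != "") print "shadow: last three fields not empty"
    }' "$etc/shadow"
    # Step 6: the file itself, and the rc.local line that recreates it
    if [ -e "$etc/nologin" ]; then echo "nologin: file present"; fi
    if grep -q 'touch /etc/nologin' "$etc/rc.local" 2>/dev/null; then
        echo "rc.local: recreates /etc/nologin"
    fi
    # Step 7: securetty must be mode 600 (-rw-------)
    mode=$(ls -ld "$etc/securetty" | cut -c1-10)
    [ "$mode" = "-rw-------" ] || echo "securetty: mode is $mode"
    return 0
}

# Constructed sample files carrying the faults described in the steps.
make_sample() {
    printf 'admin:x:0:0:root:/root:/sbin/nologin\n' > "$1/passwd"
    printf 'admin:!$1$constructed:15000:0:99999:7:::\n' > "$1/shadow"
    printf '/bin/sh\n/bin/bash\n' > "$1/shells"
    printf 'touch /var/lock/subsys/local\ntouch /etc/nologin\n' > "$1/rc.local"
    printf 'console\ntty1\n' > "$1/securetty"
    chmod 644 "$1/securetty"
    : > "$1/nologin"
}

sample=$(mktemp -d)
make_sample "$sample"
check_root_login "$sample"
rm -rf "$sample"
```

An empty result means none of these four steps explains the failed login, so the PAM and password-age checks in the later steps are the next place to look.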
Step 8:
Check the file /etc/pam.d/login
#vi /etc/pam.d/login
Check for the following line
auth required pam_deny.so
Remove this line if present. If the problem is still present, then check for the following line
account required pam_access.so
If this line is present, we cannot login as root. Remove this line, and along with this also check the file
#vi /etc/security/access.conf
Remove the following line from the bottom
-:ALL:ALL
If the problem still occurs, do Step 9
Step 9:
If the password is changing but we are still unable to login, copy two files
#cp /etc/passwd- /etc/passwd
#cp /etc/shadow- /etc/shadow
Sometimes we find that the shadow file and its backup file shadow- do not exist. In this case we need to generate the shadow file with
#pwconv
Step 10:
Sometimes the password age has expired. Do the following to check the age
#chage -l root
If the password age is expired
#chage root
In this, at “Account Expiration date:”, change the date
Or
#chage -E -1 root
In this case the root password will never expire.
Step 11:
If the problem still occurs, then simply open the file /etc/pam.d/login and make all the fields optional
Step 12:
Sometimes an attribute is set on the /etc/shadow file, the password age is expired and the root permission is changed for the command ‘chattr’
In this case first change the permission for ‘chattr’
#chmod 700 /usr/bin/chattr
Remove the attribute on the shadow file
#chattr -ai /etc/shadow
And finally set the date for the password
#chage -E -1 root
Step 13:
Recover the .bash files
Every user has these .bash files
.bash_history
.bash_logout
.bash_profile
.bashrc
If the .bash files are removed, then the user does not get the bash prompt like this: [root@root~]#
Then use this command
Note:
This command is used for all users and all users’ home directories in /home
#cp /etc/skel/.bash* /root