Ubuntu - Root Account Expired

Discussion in 'other security issues & news' started by Ocky, Nov 20, 2008.

Thread Status:
Not open for further replies.
  1. Ocky

    Ocky Registered Member

    Joined:
    May 6, 2006
    Posts:
    2,713
    Location:
    George, S.Africa
    For some stupid reason (curiousity), I opened a root shell in terminal and
    then instead of just exiting, typed sudo passwd -l root to disable
    root account.
    Now in my auth.log I see entries like this :-
    CRON[32633]: pam_unix(cron:account): account root has expired
    On further investigation I have learnt that the above fateful command
    breaks cron jobs and that no new users can be added. Also some install
    scripts may not run. Apparently this is a bug in Hardy that has not been
    patched as yet. I want to get back to the default root account settings,
    i.e. disabled but not expiring.
    The workarounds I have come across are:-

    sudo usermod -p ! root

    and:-

    $ sudo vim /etc/shadow

    change the line:
    root:!:13919:0:99999:7::1:

    to
    root:!:13919:0:99999:7:::

    Question. Do both methods achieve the same result, or do I have to
    do both of them ??

    Regards.
     
  2. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,215
    Hello,

    Rule of thumb: apply changes one at a time.

    Try method 1, reboot, see if it helps. If not, try method 2 ... etc. Only after exhausting all singlets try doublets and triplets.

    Mrk
     
  3. Ocky

    Ocky Registered Member

    Joined:
    May 6, 2006
    Posts:
    2,713
    Location:
    George, S.Africa
    Alright, first option no luck, but editing the shadow file has produced the desired
    result i.e. root account is disabled....

    desktop:~$ sudo getent shadow root|cut -d : -f 2
    !
    desktop:~$

    and no longer expires............

    CRON[13210]: pam_unix(cron:session): session opened for user root by (uid=0)
    CRON[13210]: pam_unix(cron:session): session closed for user root

    I trust this is Ubuntu default and of course will not ever again use the 'bad'
    command mentioned in my first post. :D
     
  4. MikeFleischmann

    MikeFleischmann Registered Member

    Joined:
    Feb 22, 2009
    Posts:
    1
    Hello all,

    There is a much simpler way to do this. Just use usermod -e 2019-01-01 root. This will correct the problem quickly.

    Have a great day!!
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.