Ubuntu - Root Account Expired

Discussion in 'other security issues & news' started by Ocky, Nov 20, 2008.

Thread Status:
Not open for further replies.
  1. Ocky

    Ocky Registered Member

    Joined:
    May 6, 2006
    Posts:
    2,677
    Location:
    George, S.Africa
    For some stupid reason (curiousity), I opened a root shell in terminal and
    then instead of just exiting, typed sudo passwd -l root to disable
    root account.
    Now in my auth.log I see entries like this :-
    CRON[32633]: pam_unix(cron:account): account root has expired
    On further investigation I have learnt that the above fateful command
    breaks cron jobs and that no new users can be added. Also some install
    scripts may not run. Apparently this is a bug in Hardy that has not been
    patched as yet. I want to get back to the default root account settings,
    i.e. disabled but not expiring.
    The workarounds I have come across are:-

    sudo usermod -p ! root

    and:-

    $ sudo vim /etc/shadow

    change the line:
    root:!:13919:0:99999:7::1:

    to
    root:!:13919:0:99999:7:::

    Question. Do both methods achieve the same result, or do I have to
    do both of them ??

    Regards.
     
  2. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,702
    Hello,

    Rule of thumb: apply changes one at a time.

    Try method 1, reboot, see if it helps. If not, try method 2 ... etc. Only after exhausting all singlets try doublets and triplets.

    Mrk
     
  3. Ocky

    Ocky Registered Member

    Joined:
    May 6, 2006
    Posts:
    2,677
    Location:
    George, S.Africa
    Alright, first option no luck, but editing the shadow file has produced the desired
    result i.e. root account is disabled....

    desktop:~$ sudo getent shadow root|cut -d : -f 2
    !
    desktop:~$

    and no longer expires............

    CRON[13210]: pam_unix(cron:session): session opened for user root by (uid=0)
    CRON[13210]: pam_unix(cron:session): session closed for user root

    I trust this is Ubuntu default and of course will not ever again use the 'bad'
    command mentioned in my first post. :D
     
  4. MikeFleischmann

    MikeFleischmann Registered Member

    Joined:
    Feb 22, 2009
    Posts:
    1
    Hello all,

    There is a much simpler way to do this. Just use usermod -e 2019-01-01 root. This will correct the problem quickly.

    Have a great day!!
     
Loading...
Thread Status:
Not open for further replies.