You are not logged in.

#1 2018-12-12 21:29:13

greenisagoodcolor
Member
Registered: 2016-06-17
Posts: 11

Broke Shadow/password file for Pacdiff merge

I finally got around to trying to merge the pacnew files for shadow and password. I attempted to merge the pacnew file for shadow and password during the upgrade.

I feel that I broke something as can be evidenced. I tried reinstalling shadow, but that didn't fix it. I think there is a permissions problem with my user?

Feeling quite lost (should probably be in n00b corner with this big messup). Any tips? Couldn't find an

$grpck
grpck: cannot open /etc/group
grpck: failed to unlock /etc/group
grpck: failed to unlock /etc/gshadow

$pwck
pwck: cannot open /etc/passwd
pwck: failed to unlock /etc/shadow
pwck: failed to unlock /etc/passwd

#pwck
[no output]

#pwck
[no output]

Last edited by greenisagoodcolor (2018-12-12 21:47:04)

Offline

#2 2018-12-12 21:32:35

greenisagoodcolor
Member
Registered: 2016-06-17
Posts: 11

Re: Broke Shadow/password file for Pacdiff merge

sorry this should be in system admin not in multimedia and games.

Offline

#3 2018-12-12 21:36:02

jasonwryan
Anarchist
From: .nz
Registered: 2009-05-09
Posts: 30,424
Website

Re: Broke Shadow/password file for Pacdiff merge

Right the first time. Moving to NC...

And please use code tags when pasting here: https://wiki.archlinux.org/index.php/Co … s_and_code


Arch + dwm   •   Mercurial repos  •   Surfraw

Registered Linux User #482438

Offline

#4 2018-12-12 21:47:28

greenisagoodcolor
Member
Registered: 2016-06-17
Posts: 11

Re: Broke Shadow/password file for Pacdiff merge

Jason, thank you for moving it appropriately. I appended the code tags. Appreciate the assistance.

Offline

#5 2018-12-12 22:01:05

eschwartz
Fellow
Registered: 2014-08-08
Posts: 4,097

Re: Broke Shadow/password file for Pacdiff merge

greenisagoodcolor wrote:

I finally got around to trying to merge the pacnew files for shadow and password. I attempted to merge the pacnew file for shadow and password during the upgrade.

I don't need to read any further in order to know why this happened.

The pacnew files were created IIRC about a year ago, at the time several people made the same mistake and received clarification in help threads here.

Don't merge pacnew files for this. These files are the user accounts database, and we go to great lengths to ensure that upgrades do not require merging changes in order to have working user accounts. On the other hand, it's really easy to get it wrong when you modify a database by hand. So just don't do that. smile


Managing AUR repos The Right Way -- aurpublish (now a standalone tool)

Offline

#6 2018-12-13 01:07:42

greenisagoodcolor
Member
Registered: 2016-06-17
Posts: 11

Re: Broke Shadow/password file for Pacdiff merge

Point taken, eschwartz. I couldn't find a particular answer on the threads that produced the output I saw in pwck and grpck. ..in my enthusiasm, looks like I did modify it by hand in my misunderstanding of how to use pacdiff. (still a n00b after all these years)...

Is there any hope to rebuild that user database? what do you think the best path forward?

Offline

#7 2018-12-13 01:49:23

eschwartz
Fellow
Registered: 2014-08-08
Posts: 4,097

Re: Broke Shadow/password file for Pacdiff merge

Well, I don't know what damage, if any, was done. Did you run pwck and grpck as root, specifically? All this does, by the way, is verify each line has the correct format and so on. So it is possible that your manual editing has deleted users which pwck does not know should exist and cannot throw errors for.

To determine if you are missing users... well, the systemd-sysusers program is usually used to parse the https://www.freedesktop.org/software/sy … ers.d.html files and install new users defined by packages on your system. The remaining users will have been created by you yourself using the useradd program, e.g. your login account. You'd need to verify by hand whether they still exist.

More or less no official packages use useradd in the post-install scripts anymore, because sysusers.d allows these to be declaratively defined and recreated just by running "sudo systemd-sysusers" to ensure your system is up to date on the needed users.

...

Some tools will create /etc/passwd- as a backup file when performing changes. The shadow utilities do so, for example. You may also have an /etc/passwd.OLD but I forget what it is that creates that...

This file could be used to compare against, in order to see what has changed since the timestamp of the file when it was created. This may or may not indicate errors, but it is pretty likely that the last time you used useradd/usermod/userdel was *before* editing the file with a text editor.


Managing AUR repos The Right Way -- aurpublish (now a standalone tool)

Offline

#8 2018-12-13 02:01:11

greenisagoodcolor
Member
Registered: 2016-06-17
Posts: 11

Re: Broke Shadow/password file for Pacdiff merge

Thank you for the leads. Running as pwck and grpck as sudo returns no output. Tried rerunning sudo systme-sysusers, didn't repair the

matt@msm_t470s ~ $ pwck
pwck: cannot open /etc/passwd
pwck: failed to unlock /etc/shadow
pwck: failed to unlock /etc/passwd
matt@msm_t470s ~ :( $ grpck
grpck: cannot open /etc/group
grpck: failed to unlock /etc/group
grpck: failed to unlock /etc/gshadow

I took a look at vimdiff for shadow and shadow-, and passwd and passwd-. They are the same. Odd mystery. Perhaps I'll delete my home user "matt" and readd using useradd to see if that fixes the problem.

Offline

#9 2018-12-13 02:08:28

eschwartz
Fellow
Registered: 2014-08-08
Posts: 4,097

Re: Broke Shadow/password file for Pacdiff merge

It's entirely normal for grpck and pwck to error like that when not running as root. It's trying to read the restricted passwords file (/etc/shadow) and open the other files for *writing*, and only root can do any of that...

If it completed without errors when run as root, then that is all you need to know. The files are not broken. You may still be missing users, but the fact that systemd-sysusers completed without verbosely outputting the names of users it is creating, means there are no system users missing.

My guess is that your attempt to edit the files was ultimately harmless. Perhaps you changed the order of the lines, but that doesn't matter. Crisis averted, hopefully. wink


Managing AUR repos The Right Way -- aurpublish (now a standalone tool)

Offline

Board footer

Powered by FluxBB