I recently learned about .pacnew files, in a situation exactly like this post. Thinking some of my config files must be very outdated like my pacman.conf, I decided to use pacdiff to merge all files that had a ".pacnew" file...
I merged my "/etc/passwd" file with "/etc/passwd.pacnew" using pacdiff, and possibly also merged my "/etc/shadow" file. I understand now that you are not supposed to do this. Now I cannot run sudo, as it fails to recognize my password. I get "Authentication failure" when trying to change to root using "su root".
This was the terminal output as I was using pacdiff:
[sigrid@sc ~]$ pacdiff -s
==> pacnew file found for /etc/passwd
:: (V)iew, (M)erge, (S)kip, (R)emove pacnew, (O)verwrite with pacnew, (Q)uit: [v/m/s/r/o/q] m
find: ‘/var/cache/pacman/pkg/download-ewwuT1’: Permission denied
-> Merged without conflicts.
2 files to edit
:: Would you like to use the results of the merge? [y/n] y
[sudo] password for sigrid:
'/tmp/pacdiff-merge-passwd.86Y/passwd.merged.MCM' -> '/etc/passwd'
removed '/etc/passwd.pacnew'
removed '/tmp/pacdiff-merge-passwd.86Y/passwd.base.D48'
removed '/tmp/pacdiff-merge-passwd.86Y/passwd.merged.MCM'
removed directory '/tmp/pacdiff-merge-passwd.86Y'
==> pacnew file found for /etc/shadow
:: (V)iew, (M)erge, (S)kip, (R)emove pacnew, (O)verwrite with pacnew, (Q)uit: [v/m/s/r/o/q] m
find: ‘/var/cache/pacman/pkg/download-ewwuT1’: Permission denied
diff: /etc/shadow.pacnew: Permission denied
diff3: subsidiary program 'diff' failed (exit status 2)
2 files to edit
:: Would you like to use the results of the merge? [y/n] y
'/tmp/pacdiff-merge-shadow.CMk/shadow.merged.C5C' -> '/etc/shadow'
sudo: PAM account management error: Authentication service cannot retrieve authentication info
sudo: a password is required
==> pacnew file found for /etc/shells
:: (V)iew, (M)erge, (S)kip, (R)emove pacnew, (O)verwrite with pacnew, (Q)uit: [v/m/s/r/o/q] m
find: ‘/var/cache/pacman/pkg/download-ewwuT1’: Permission denied
-> Merged without conflicts.
2 files to edit
:: Would you like to use the results of the merge? [y/n] y
sudo: PAM account management error: Authentication service cannot retrieve authentication info
sudo: a password is required
==> WARNING: Unable to write merged file to /etc/shells. Merged file is preserved at /tmp/pacdiff-merge-shells.glE/shells.merged.O0U
:: (V)iew, (M)erge, (S)kip, (R)emove pacnew, (O)verwrite with pacnew, (Q)uit: [v/m/s/r/o/q] s
==> pacnew file found for /etc/fonts/fonts.conf
:: (V)iew, (M)erge, (S)kip, (R)emove pacnew, (O)verwrite with pacnew, (Q)uit: [v/m/s/r/o/q] m
find: ‘/var/cache/pacman/pkg/download-ewwuT1’: Permission denied
-> Merged without conflicts.
2 files to edit
:: Would you like to use the results of the merge? [y/n] y
sudo: PAM account management error: Authentication service cannot retrieve authentication info
sudo: a password is required
==> WARNING: Unable to write merged file to /etc/fonts/fonts.conf. Merged file is preserved at /tmp/pacdiff-merge-fonts.conf.adQ/fonts.conf.merged.2bg
:: (V)iew, (M)erge, (S)kip, (R)emove pacnew, (O)verwrite with pacnew, (Q)uit: [v/m/s/r/o/q] s
==> pacnew file found for /etc/locale.gen
:: (V)iew, (M)erge, (S)kip, (R)emove pacnew, (O)verwrite with pacnew, (Q)uit: [v/m/s/r/o/q] q
I did not edit anything in vim, just closed all windows using ":q".
This is the current contents of my "/etc/passwd" file:
root:x:0:0::/root:/bin/bash
bin:x:1:1::/:/sbin/nologin
daemon:x:2:2::/:/sbin/nologin
mail:x:8:12::/var/spool/mail:/sbin/nologin
ftp:x:14:11::/srv/ftp:/sbin/nologin
http:x:33:33::/srv/http:/sbin/nologin
nobody:x:65534:65534:Nobody:/:/sbin/nologin
dbus:x:81:81:System Message Bus:/:/sbin/nologin
systemd-journal-remote:x:982:982:systemd Journal Remote:/:/sbin/nologin
systemd-network:x:981:981:systemd Network Management:/:/sbin/nologin
systemd-resolve:x:980:980:systemd Resolver:/:/sbin/nologin
systemd-timesync:x:979:979:systemd Time Synchronization:/:/sbin/nologin
systemd-coredump:x:978:978:systemd Core Dumper:/:/sbin/nologin
uuidd:x:68:68::/:/sbin/nologin
polkitd:x:102:102:PolicyKit daemon:/:/sbin/nologin
sigrid:x:1000:1000::/home/sigrid:/bin/bash
avahi:x:977:977:Avahi mDNS/DNS-SD daemon:/:/sbin/nologin
colord:x:976:976:Color management daemon:/var/lib/colord:/sbin/nologin
ntp:x:87:87:Network Time Protocol:/var/lib/ntp:/bin/false
rtkit:x:133:133:RealtimeKit:/proc:/sbin/nologin
git:x:975:975:git daemon user:/:/usr/bin/git-shell
tor:x:43:43::/var/lib/tor:/sbin/nologin
rpc:x:32:32:Rpcbind Daemon:/var/lib/rpcbind:/usr/bin/nologin
cups:x:209:209:cups helper user:/:/usr/bin/nologin
dhcpcd:x:973:973:dhcpcd privilege separation:/var/lib/dhcpcd:/usr/bin/nologin
systemd-oom:x:971:971:systemd Userspace OOM Killer:/:/usr/bin/nologin
brltty:x:968:968:Braille Device Daemon:/var/lib/brltty:/usr/bin/nologin
dnsmasq:x:967:967:dnsmasq daemon:/:/usr/bin/nologin
named:x:40:40:BIND DNS Server:/:/usr/bin/nologin
mysql:x:965:965:MariaDB:/var/lib/mysql:/usr/bin/nologin
usbmux:x:140:140:usbmux user:/:/usr/bin/nologin
libvirt-qemu:x:964:964:Libvirt QEMU user:/:/usr/bin/nologin
tss:x:963:963:tss user for tpm2:/:/usr/bin/nologin
qemu:x:962:962:QEMU user:/:/usr/bin/nologin
rpcuser:x:34:34:RPC Service User:/var/lib/nfs:/usr/bin/nologin
systemd-journal-upload:x:960:960:systemd Journal Upload:/:/usr/bin/nologin
geoclue:x:959:959:Geoinformation service:/var/lib/geoclue:/usr/bin/nologin
_talkd:x:958:958:User for legacy talkd server:/:/usr/bin/nologin
alpm:x:956:956:Arch Linux Package Management:/:/usr/bin/nologin
chrony:x:955:955:Network Time Protocol:/var/lib/chrony:/usr/bin/nologin
The backup "/etc/passwd-" (which I do not know when was created) is identical, except the last "chrony" line is missing.
As far as I can tell, I do not think my "/etc/shadow" file was changed, as it seems to me pacdiff was unable to write to it after I merged the passwd files beforehand. But I don't know, as I cannot get permission to read the file. Seemingly, neither my user "sigrid" nor the root user has been deleted or edited, and neither has the shadow file, so I do not understand why I am unable to log in to either.
While searching old forum posts, it seems like similar issues for some people were caused by deleting "/bin/zsh" in their /etc/shells file, but I do not use zsh (as far as I am aware...)
I do not have a second computer, and I am working on a time-sensitive project, so I hope to try every possible troubleshoot while still logged in to my current session before rebooting or trying to boot from a live USB to reset passwords. Any help or hints to what the issue is would be greatly appreciated.
Last edited by sigrid (2025-03-29 11:32:23)
Those are two files you're generally not supposed to merge unless you know what you're doing. /etc/shadow is the one that's actually relevant, since password lookups happen there. It likely did get changed; shadow also has a backup file, compare that and the shadows- file. Since that will have hosed sudo, check whether su still works, but if you followed recommendations it's likely that won't stick either. So you might have to chroot anyway.
Last edited by V1del (2025-03-23 14:56:41)
sudo: PAM account management error: Authentication service cannot retrieve authentication info
Afaict this isn't about a bogus/insecure shell.
You'll need an open root shell to fix this, if you don't have one right now, fixing it offline (ie. rescue.target, init=/bin/bash or from a live system boot) is inevitable.
Root shells can come as a surprise - if you were eg. dumb smart enough to run "sudo less something", you have a root shell.
But you'll not authenticate as root anymore and that will kill sudo, su, pkexec, … everything.
Thank you for the inputs, I do not have any running root shell. I will try to keep my computer and my current session running for the week for work and try to start fixing offline on the weekend. I will post any fixes or further issues in this thread.
I have solved my issue now. It took 5 minutes. It turned out that my /etc/shadow was completely empty, so it had indeed been "merged".
Here is a detailed run-through of the actions I took, in case someone just as clueless as me runs into the same problem in the future:
I simply followed the steps here:
I added "systemd.debug_shell" to the kernel parameters by pressing 'e' on the GRUB menu, and, after booting, pressed 'Ctrl+Alt+F9' to switch to the root shell. I reset the root password by running "passwd", and afterwards reset my user password by running "passwd sigrid". None of the user settings were altered, so outside of double-checking everything looked good, I did not need to run any further commands in the debug shell. Pressing 'Ctrl+Alt+F1' returned me to my login prompt and I could log in as "sigrid" without any issues. Lastly, I stopped the debug shell by running "sudo systemctl stop debug-shell.service".
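The failure in this thread (diff3 aborting and an empty "merged" file being copied over /etc/shadow) can be caught before the copy. The following is an added example, not part of the original posts and not pacdiff's own code: a hypothetical helper, check_auth_merge, that takes a candidate passwd file and a candidate shadow file as arguments and reports whether the pair is usable. It only reads the files it is given.

```shell
#!/bin/sh
# Added example: sanity-check a merged passwd/shadow pair BEFORE it is
# copied into /etc. The function name and interface are hypothetical.

# check_auth_merge PASSWD SHADOW
# Prints one line per problem; returns 0 if the pair is usable, 1 otherwise.
check_auth_merge() {
    passwd_file=$1
    shadow_file=$2
    problems=0

    # The case from this thread: the merge tool failed and left an
    # empty result, which would wipe every password entry if installed.
    if [ ! -s "$shadow_file" ]; then
        echo "shadow candidate is missing or empty: $shadow_file"
        return 1
    fi

    # Every shadow line must have exactly 9 colon-separated fields.
    bad=$(awk -F: 'NF != 9 { print NR }' "$shadow_file")
    for n in $bad; do
        echo "shadow line $n: expected 9 fields"
        problems=1
    done

    # Every passwd account that defers to shadow (password field "x")
    # needs a matching shadow entry, or PAM cannot look the account up.
    missing=$(awk -F: '
        NR == FNR { have[$1] = 1; next }
        $2 == "x" && !($1 in have) { print $1 }
    ' "$shadow_file" "$passwd_file")
    for u in $missing; do
        echo "no shadow entry for passwd user: $u"
        problems=1
    done

    return $problems
}
```

Run it as root against the merged files pacdiff leaves in /tmp before answering "y" to "Would you like to use the results of the merge?".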