Re: Surprise null root password

From: Mark Millard <marklmi_at_yahoo.com>
Date: Wed, 31 May 2023 03:05:49 UTC 
On May 30, 2023, at 18:39, bob prohaska <fbsd@www.zefox.net> wrote:

> On Tue, May 30, 2023 at 11:02:13AM -0700, Mark Millard wrote:
>> bob prohaska <fbsd_at_www.zefox.net> wrote on
>> Date: Tue, 30 May 2023 15:36:21 UTC :
>> 
>>> On Tue, May 30, 2023 at 08:41:33AM +0200, Alexander Leidinger wrote:
>>>> 
>>>> Quoting bob prohaska <fbsd@www.zefox.net> (from Fri, 26 May 2023 16:26:06
>>>> -0700):
>>>> 
>>>>> On Fri, May 26, 2023 at 10:55:49PM +0200, Yuri wrote:
>>>>>> 
>>>>>> The question is how you update the configuration files,
>>>>>> mergemaster/etcupdate/something else?
>>>>>> 
>>>>> 
>>>>> Via etcupdate after installworld. In the event the system
>>>>> requests manual intervention I accept "theirs all". It seems
>>>>> odd if that can null a root password.
>>>>> 
>>>>> Still, it does seem an outside possibility. I could see it adding
>>>>> system users, but messing with root's existing password seems a
>>>>> bit unexpected.
>>>> 
>>>> As you are posting to -current@, I expect you to report this issue about
>>>> 14-current systems. As such: there was a "recent" change (2021-10-20) to the
>>>> root entry to change the shell.
>>>> https://cgit.freebsd.org/src/commit/etc/master.passwd?id=d410b585b6f00a26c2de7724d6576a3ea7d548b7
>>>> 
>>>> By blindly accepting all changes, this has reset the PW to the default
>>>> setting (empty).
>>> 
>>> So it's a line-by-line merge. That's the most sensible explanation available.
>>> 
>>>> 
>>>> I suggest to review changes ("df" instead of "tf" in etcupdate) to at least
>>>> those files which you know you have modified, including the password/group
>>>> stuff. After that you can decide if the diff which is shown with "df" can be
>>>> applied ("tf"), or if you want to keep the old version ("mf"), or if you
>>>> want to modify the current file ("e", with both versions present in the file
>>>> so that you can copy/paste between the different versions and keep what you
>>>> need).
>>>> 
>>> 
>>> The key sequences required to copy and paste between files in the edit screen
>>> were elusive. Probably it was thought self-evident, but not for me. I last tried 
>>> it long ago, via mergemaster. Is there is a guide to commands for merging files 
>>> using /etcupdate? Is it in the vi man page? I couldn't find it.
>> 
>> # man etcpudate
>> . . .
>> CONFIG FILE
>>     The etcupdate utility can also be configured by setting variables in an
>>     optional configuration file named /etc/etcupdate.conf.  Note that command
>>     line options override settings in the configuration file.  The
>>     configuration file is executed by sh(1), so it uses that syntax to set
>>     configuration variables.  The following variables can be set:
>> 
>>     . . .
>> 
>>     EDITOR          Specify a program to edit merge conflicts.
>> . . .
>> ENVIRONMENT
>>     The etcupdate utility uses the program identified in the EDITOR
>>     environment variable to edit merge conflicts.  If EDITOR is not set,
>>     vi(1) is used as the default editor.
>> 
>> 
>> 
>> So, if you do not want to use vi, you can use either the EDITOR
>> environment variable or an EDITOR assignment in
>> /etc/etcupdate.conf to change what editor etcupdate uses for
>> you to edit merge conflicts with.
> 
> My difficulty is precisely a lack of skill with vi, which I've
> used and cursed since starting with 386BSD. Evidently I'm a slow
> learner.... I tried other editors, but vi is the only one always
> available.  

Well, there is ed ( and red ). But also built into FreeBSD is:
ee ( and ree ). Beyond that you might have to install something.

But if "always available" means across operating systems and
built-in, instead of needing to be installed, it may be the
most common for unixish contexts.  But, as I understand, some
Linux based OS's do not include (any variant of) vi, having
things like, say, nano instead. Some variant of vi would be
an install in such cases.

I went something like 25 years between usage of vi and could do
basic activity right off the bat. (Not that I was sure such would
be true when I first had to edit via whatever editor I could find
pre-installed at the time.) It is the only non-GUI editor for
which such a thing has been true. Why it stuck so well, I do not
know.

An odd thing about this is that before the 25 year interval, my
primary editor expertise was using TECO, including tailoring its
interactive use. At this point, I only remember the name.

> For the moment, etcupgrade isn't asking for manual intervention.
> When it next does I'll pay closer attention and ask better questions.
> 


===
Mark Millard
marklmi at yahoo.com