user account disappeared
Lehel Bernadt
lehel at maxer.hu
Sun Feb 28 11:12:35 UTC 2021
On Sun, Feb 28, 2021 at 10:58:08AM +0200, Gareth de Vaux wrote:
>On Sat 2021-02-27 (18:12), J. Hellenthal wrote:
>> Looks like your master passwd db is out of sync.
>>
>> Command is mkpwdb or something similar then run init q
>>
>> Personally it would seem someone got ahold of master.passwd and doesn???t know how it works or a port upgrade failed to complete properly updating the db
>
>I'm the only one with root on the machine, and it doesn't look like ports changed any users
>looking at my backups of /etc/passwd. The only change in that area was when I changed the passwd
>with passwd(1) of a different user. So passwd(1) or something similar is buggy?
FreeBSD gets the user data from the bdb format database files pwd.db &
spwd.db. These are generated from /etc/master.passwd.
So first, regenerate the db files by running
"pwd_mkdb -p /etc/master.passwd"
Now check if the user is really there:
"db_dump185-5 -p /etc/pwd.db | grep lostuser"
(the right dump command might be named differently on your system; check every
db_dump* to see which one works)
If the user still doesn't appear, check if libc's nsswitch is configured
correctly:
"grep passwd: /etc/nsswitch.conf"
this should say "files" or "compat"
"getent passwd lostuser"
this should list lostuser's entry in passwd(5) format
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-security/attachments/20210228/1d389dca/attachment.sig>
More information about the freebsd-security
mailing list