chsh corrupts /etc/pwd.db

Tom Samplonius tom at samplonius.org
Thu Aug 22 01:22:53 UTC 2019



> On Aug 21, 2019, at 2:55 PM, Alan Somers <asomers at freebsd.org> wrote:
> 
> Today I tried to use chsh to change my shell from bash to fish.  The
> command completed successfully, but new logins continued to use bash!
> Investigating, I discovered that /etc/pwd.db and /etc/spwd.db seem to
> contain 3-4 entries per user.  One of those still refers to my old

  Berkeley DB files can only have a single index, so users are stored three times, once by username, once by uid, and once by line number.  So that isn’t corruption.


> shell.  Worse, if I try using chsh again, it fails with an "entry
> inconsistent" error, and I have to restore the password files from
> backup.  Has anybody seen something like this before?  This is just a
> single system, with no NIS or LDAP.

  You shouldn’t need to restore the files.  You should be able to just regenerate the *.db files from the master.passwd file:

/usr/sbin/pwd_mkdb -p /etc/master.passwd


Unless, of course your master.passwd file was damaged.  But the *.db files are really just caches for faster access to user data.  The real master file is master.passwd.


The ch* tools typically just change master.passwd, and then call pwd_mkdb to rebuild the *.db files.  



Tom


More information about the freebsd-stable mailing list