Get the latest update from TechGyaan via Email
How do i restore default permission for “root” directories on Solaris
[11:27 AM | 0 comments ]

Q. How do i restore default permission for “root” directories on Solaris?
A. As a sysadmin we get lots of issues from users saying we are unable allowing to login to the machine. It throws the error message "module /usr/lib/security/pam_authtok_get.so.1 writable by group" which occurs b'cos user had changed the group & permission for whole "root" directories using sudo command.

Error Message:
techserver console login: root
techserver login: open_module: module /usr/lib/security/pam_authtok_get.so.1 writable by group
techserver login: load_modules: can not open module /usr/lib/security/pam_authtok_get.so.1
techserver login: open_module: module /usr/lib/security/pam_authtok_get.so.1 writable by group
techserver login: load_modules: can not open module /usr/lib/security/pam_authtok_get.so.1
techserver su: load_modules: can not open module /usr/lib/security/pam_dhkeys.so.1

Machine will not allow untill you restore the ownership and group of root files

Before:
#root@techserver:root [/sbin/sh] ls -l /etc/passwd
-rw-r--r-- 1 root sys 1722 Jan 22 2005 /etc/passwd
After:
#root@techserver:root [/sbin/sh] chmod 444 /etc/passwd
#root@techserver:root [/sbin/sh] ls -l /etc/passwd
-r--r--r-- 1 root sys 1722 Jan 22 2005 /etc/passwd/etc/passwd
you can't change each file permission & ownership for whole root directories

/etc/shadow
/usr/bin/login passwd and su
check /etc/pam.conf perms.

So I tried restoring the ownership and group for root files running "pkgchk"
Start the machine with single user mode using cdrom in maintenance mode & mount your devices
Here's an example...use your own devices but you'll need to mount "usr" and "var" under "/a"

"mount -F ufs /dev/dsk/c0t3d0s0 /a" to mount root to /a {Root Partition}
"mount -F ufs /dev/dsk/c0t3d0s1 /a/var" to mount var to /a/var {/var Partition}
"mount -F ufs /dev/dsk/c0t3d0s6 /a/usr" to mount usr to /a/usr {/usr Partition}

once you are done with mounting the partition
# pkgchk -R /a -fv
That should run the pkgchk on /a it will take time to restore the ownership & permission.
Once it is done you will be able to login to the machine.

Related: How to boot system in emergency mode

Related Posts by Categories



I'm reading: How do i restore default permission for “root” directories on SolarisTweet this!

0 comments

Post a Comment