I modified a users name on my system. From ABCLast, to ALast (used as an example).
I modified the username, then the group name of the user (to align with the new name), and then I moved the users home directory from /home/ABCLast, to /home/ALast. Then using vipw, edited the home directory to use /home/ALast.
When I got finished editing the passwd file, I got the following message: You have modified /etc/passwd. You may need to modify /etc/shadow for consistency.
I don't know what to do here. Need some guidance please.
lastly, did I miss anything here? Any other steps I need to do to get this user squared away due to the name change?
Thanks,
Jay
On 6/14/20 1:39 PM, Jay Hart wrote:
You may need to modify /etc/shadow for consistency.
I don't know what to do here. Need some guidance please.
Run "vipw -s" and make the same change to that file's record for ABCLast.
In /etc/passwd the directory was shown in plain text. So I just moved over in the line and changed /home/ABCLast to /home/ALast. Saved file, and exited.
I don't see a directory name in /etc/shadow using 'vipw -s'
Jay
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Date: Sunday, June 14, 2020 17:26:42 -0400 From: Jay Hart jhart@kevla.org
On 6/14/20 1:39 PM, Jay Hart wrote:
You may need to modify /etc/shadow for consistency.
I don't know what to do here. Need some guidance please.
Run "vipw -s" and make the same change to that file's record for ABCLast.
In /etc/passwd the directory was shown in plain text. So I just moved over in the line and changed /home/ABCLast to /home/ALast. Saved file, and exited.
I don't see a directory name in /etc/shadow using 'vipw -s'
The /etc/shadow file doesn't have the user directory information, rather the username and the password (and some other bits - man shadow for the details). With the /etc/passwd and /etc/shadow out of sync - having different versions of the username - I suspect that the user can't log in. You should also fix the shadow group file (gshadow). Look at the man page for vipw for the command for doing that.
Date: Sunday, June 14, 2020 17:26:42 -0400 From: Jay Hart jhart@kevla.org
On 6/14/20 1:39 PM, Jay Hart wrote:
You may need to modify /etc/shadow for consistency.
I don't know what to do here. Need some guidance please.
Run "vipw -s" and make the same change to that file's record for ABCLast.
In /etc/passwd the directory was shown in plain text. So I just moved over in the line and changed /home/ABCLast to /home/ALast. Saved file, and exited.
I don't see a directory name in /etc/shadow using 'vipw -s'
The /etc/shadow file doesn't have the user directory information, rather the username and the password (and some other bits - man shadow for the details). With the /etc/passwd and /etc/shadow out of sync - having different versions of the username - I suspect that the user can't log in. You should also fix the shadow group file (gshadow). Look at the man page for vipw for the command for doing that.
All files seem to have the correct updated username, and the user can login.
Jay
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
On 6/14/20 4:41 PM, Richard wrote:
Date: Sunday, June 14, 2020 17:26:42 -0400 From: Jay Hart jhart@kevla.org
On 6/14/20 1:39 PM, Jay Hart wrote:
You may need to modify /etc/shadow for consistency.
I don't know what to do here. Need some guidance please.
Run "vipw -s" and make the same change to that file's record for ABCLast.
In /etc/passwd the directory was shown in plain text. So I just moved over in the line and changed /home/ABCLast to /home/ALast. Saved file, and exited.
I don't see a directory name in /etc/shadow using 'vipw -s'
The /etc/shadow file doesn't have the user directory information, rather the username and the password (and some other bits - man shadow for the details). With the /etc/passwd and /etc/shadow out of sync - having different versions of the username - I suspect that the user can't log in. You should also fix the shadow group file (gshadow). Look at the man page for vipw for the command for doing that.
Whenever you are attempting to edit UNIX user related files manually, keep in mind that information in the following files should be changed (not necessarily in all, depending on what you change):
/etc/passwd /etc/shadow /etc/group /etc/gshadow
There are also "previous versions" of each of these files which have the same names appended by hyphen ("minus").
Also, keep in mind that permissions for all of these files matter.
I hope, this helps.
Valeri
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
This might be of use to somebody. The Readme includes mention of some handy utilities for checking your database files.
On Sun, 2020-06-14 at 17:26 -0400, Jay Hart wrote:
On 6/14/20 1:39 PM, Jay Hart wrote:
You may need to modify /etc/shadow for consistency.
I don't know what to do here. Need some guidance please.
Run "vipw -s" and make the same change to that file's record for ABCLast.
In /etc/passwd the directory was shown in plain text. So I just moved over in the line and changed /home/ABCLast to /home/ALast. Saved file, and exited.
I don't see a directory name in /etc/shadow using 'vipw -s'
No, there's no directory in /etc/shadow, but the username (the first field) will need to be changed to match with the one in /etc/passwd. Apologies if you know this: /etc/passwd contains account information and is world readable because lots of programs need the information in it, the encrypted password use to be in that file (hence the name) but it too was visible and hence available for cracking; /etc/shadow is not world readable and holds all the "secret" password info; the only thing linking the two databases is the username, hence that has to match in the two files.
P.
-
Gordon Messmer -
Jay Hart -
Kenneth Porter -
Pete Biggs -
Richard -
Valeri Galtsev