Editing /etc/passwd

[RiezalR]

OK, call me silly, but i've accidentally deleted a 'passwd' file while i was in /etc. Thinking that it was another passwd file which i extracted from another host that I wanted to crack, i deleted my own. What i did was boot up my older RH 7.2 on another partition and copied my old /etc/passwd file to it. I'm not sure how it worked out, but i managed to log back on to my RH 8.0. I expected my older password to be used, but instead, it was my orignal RH 8.0 password that was used. I'm thinking that it had to do with the file being shadowed. OK so that's all good.

My problem now, is that I have lots of extra lines in my current /etc/passwd that I don't need. And now my other logins dont work anymore, only root works. Is it safe to simply delete these lines that I don't need? Or is there any way i can re-generate a passwd file that is appropriate for my current setup? I need to do this without using the User and Groups GUI as my RH 8.0 GUI is full of bugs.

 

[d3funct]

Yeah, you can go edit it using vi and delete the lines you don't want by positioning the cursor on the line you want to delete and typing "dd" to delete the entire line. I suggest you do not delete any of the default users that come in the file by default (i.e., nobody, guest, adm, etc..) If the user id/groupid seems wrong look in your existing /etc/group file, there should be a group for each user and the groupid should correlate to the original userid, same goes for all your users from your deleted /etc/passwd file. If what I'm saying is unclear let me know. I'm at work right now and do not have my linux box in front of me. But, as I say, all your users from your deleted /etc/passwd should still be defined with correct UID's in /etc/group and /etc/shadow. You might also look for a file in /etc/shadow called opasswd and check it out. An infinite number of monkey typing at an infinite number of keyboards will eventually populate the internet.

 

[RiezalR]

Ok i'll give that a go. Just wanted to know if deleting the lines manually is a wise option. Was afraid the passwd file would be corrupt or erronous. Thanks for your advice.

 

[RiezalR]

OK i've managed to delete most of the lines, but now i realise I have some lines missing. My server is set to run OpenSSH. But the service is not actually up. When i start the service, an error comes up. "Privilege seperation user sshd does not exist". Im thinking this is an error because there is no line in the /etc/passwd for SSH? Would it be possible for someone to post to me how an SSH entry in /etc/passwd and /etc/shadow would look like? Thanks.

 

[RiezalR]

I could make up the line, but uncertain as to how to assign the numbers and what not. Never done this before.

sshd:x:22:22::/usr/bin/sshd

I simply put in the number 22 there. I think it should be some other number. Could someone post theirs?

 

[d3funct]

I don't think the UID:GID numbers matter as long as they are not being used by a previous entry. BTW, always make a copy of the file you are going to edit. Before I edit any files I do "cp {filename I'm gonna edit} {filename}.bak An infinite number of monkey typing at an infinite number of keyboards will eventually populate the internet.