Sun Solaris root password reset

[vasser]

Does anyone knows how can I reset password for Sun Solaris without stopping services/applications?
Situation is easy - password was changed and nobody knows it. Critical application running on that server couldn`tbe stopped.

 

[Annihilannic]

Not unless you are still logged in as root from somewhere, no.

Annihilannic.

 

[mrn]

What version of solaris?

Mike

"A foolproof method for sculpting an elephant: first, get a huge block of marble, then you chip away everything that doesn't look like an elephant."

http://www.airport-parking-site.co.uk/

 

[vasser]

Solaris 8 - didn`t know exact release yet

 

[KenCunningham]

It's a management question as to how the password was changed without anyone being told what it is. Unless there's another account with root privileges, I think your only option is to bite the bullet and arrange some downtime and then follow the FAQ in this forum to boot from cd and change it. I'd be interested to hear of any other options people may come up with.

 

[vesposito]

If you already have an open root shell, no problem, if not your only recourse will be to boot from CD, mount your root partition to /mnt, then vi /mnt/etc/shadow easiest thing to do then is leave the password field empty, and reassign a real root password IMMEDIATELY when you boot back up- you will be very vulnerable to attack for the 30 seconds or so between boot completion and the time it takes to key in a password, so best practice is to boot single user first and finish resetting the password- if you're really paranoid, yank out your network cables while you do it, and reconnect them before you exit the single user shell and come up to multi-user.

Vincent Esposito

 

[vasser]

Thanks everyone for help - I think the only one choice for us to boot up from CD. Everything is fine with management - one company taked another and people who worked there cut the cables, stopped switches, the only thing they didn`t broke is main server (no chance or no time). Documentation doesn`t exist and we are trying to make all systems work ...

 

[KenCunningham]

Where are you working, Baghdad?

 

[vasser]

Far from Baghdad and not that far from Afganistan - Central Asia.

Interesting question come up from our customers - does any application can be dependant from root account ?- in ideal world I can promise NO because specific accounts always created by apps admins - but in situation like that? That is why we trying to manage it without reboot.

 

[KenCunningham]

As you say, in an ideal world, it is probably possible to manage without the root password, but if any OS component breaks or becomes unstable/unusable (full system filesystems, for example) then the system will probably grind to a halt if remedial steps can't be taken. I guess in some ways that would necessitate having to shutdown/power off anyway, and then you would be able reset the password before bringing it back up. A little drastic, but it's your call at the end of the day. All the best.

 

[mrn]

It may be worth searching the security vulnerability
listings like ciac and see if there are any buffer overflow vulns you could use to gain root access. I've done this in the past on AIX machines.

Mike

"A foolproof method for sculpting an elephant: first, get a huge block of marble, then you chip away everything that doesn't look like an elephant."

http://www.airport-parking-site.co.uk/