高手救命～～～Solaris10的root帐户过期了～～～

qingyangs

root密码过期，接串口会提示修改的。

michael1983

没有其他方法，只能光盘启动了

alex_xie

OK> boot cdrom -s

# mount /dev/rdsk/c0t0d0s0  /a
# cd /a/etc
# cp shadow  shadow.bak
# vi shadow
.....把root 一行 第一个冒号和第二个冒号之间的东东删掉，保存。

#init 6

如果做了镜像，最好先把它拆掉

awb2006

  顶

yhliu

ssh不能用root登录，就一定是root的密码过期了嘛,不觉得。如果可以用X终端的话，不防再试一下。

东方蜘蛛

我遇到过几次，没有提示输入新密码，只是说root密码过期，还好console进去后都在#下就直接改了，不过，密码过期一般会涉及到下面2个文件：
# grep -v "^#" passwd
MAXWEEKS=
MINWEEKS=
PASSLENGTH=6

# more /etc/shadow
root:N4QSDJnL.DvHw:14541::::::
daemon:NP:6445::::::
bin:NP:6445::::::
sys:NP:6445::::::
adm:NP:6445::::::
lp:NP:6445::::::
uucp:NP:6445::::::
nuucp:NP:6445::::::
smmsp:NP:6445::::::
listen:*LK*:::::::
gdm:*LK*:::::::
webservd:*LK*:::::::
postgres:NP:::::::
svctag:*LK*:6445::::::
nobody:*LK*:6445::::::
noaccess:*LK*:6445::::::
nobody4:*LK*:6445::::::
mailsrv:*LK*:::::::


Symptoms

If the number of days of inactivity set for a user are exceeded,
  the following messages are displayed as the user attempts to login:        invalid userid        login incorrect   The same message occurs when root attempts to modify the user   with the /bin/passwd command. The user is also inaccessible
   via Solstice Adminsuite[TM] or Solstice Admintools[TM]. To the system,the user   does not exist.



Resolution


The following steps are necessary to reactivate the expired user:
1) If a user is suspected to have expired, locate the "expired"   user in /etc/shadow.  We'll call him "userx".  
The entry may resemble this:        
userx:gBtBLe7w3wkFo:10973::90:7:45::
  Notice the 7th field is populated with '45', which means:            
"This user expires if inactive for 45 days"      
We'll assume 45 days have passed since userx user logged in,   and the user is now expired.

2) Use usermod to remove the "inactive" (7th) field for the user:        
# usermod -f 0 userx        
Changes this:   userx:gBtBLe7w3wkFo:10973::90:7:45::
        To this:        userx:gBtBLe7w3wkFo:10973::90:7:::   
If "usermod" is unavailable or fails to remove the entry, just   edit /etc/shadow manually removing the 7th field of the user.

3) Then, as root, reset the password for the user:
# passwd userx        
New password:        
Re-enter new password:        
passwd (SYSTEM): passwd successfully changed for userx

4) Now login, rlogin or telnet in as userx (not su), enter the password,
   then logout, the account is now reactivated.
To reset the "inactive" expiration period for userx, perform the following:As root, add the inactive field back for the user using either admintool  or usermod.
Example of usermod command:        
# usermod -f 45 userx      
This will place the value of 45 back in the "inactive" (7th) field   for the user:         
userx:gBtBLe7w3wkFo:10975::90:7:45::

[ 本帖最后由 东方蜘蛛 于 2009-11-20 10:57 编辑 ]

zhoujm1976

to:东方蜘蛛,
       我这边有多台台测试或dr用的主机，都是难得登陆一次的，每次都是可以输入新密码的，确实还没碰到过过期就完全无法登陆的情况，除非是inactive有设置时间，或是expired有设置。但是又有谁回去设置root的inactive或expired字段呢。我想楼主的服务器上应该也不会去设置root用户的这两个字段。

welcome008

原帖由 东方蜘蛛 于 2009-11-19 09:46 发表
http://pagebrin.com/2009/04/sola ... %E6%96%B9%E6%B3%95/
看看这个，可以试试

远程估计很难了吧？

很多机器禁止root远程登录的。

haishui

光盘最直接啊！

michael1983

原帖由 alex_xie 于 2009-11-19 11:35 发表
OK> boot cdrom -s

# mount /dev/rdsk/c0t0d0s0  /a
# cd /a/etc
# cp shadow  shadow.bak
# vi shadow
.....把root 一行 第一个冒号和第二个冒号之间的东东删掉，保存。

#init 6

如果做了镜像， ...

正解，