Bug 12497

Summary: cannot logon because /etc/shadow is missing
Product: [Retired] Red Hat Linux Reporter: mdmoore
Component: shadow-utilsAssignee: Bernhard Rosenkraenzer <bero>
Status: CLOSED NOTABUG QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 6.1   
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2000-06-19 01:40:12 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description mdmoore 2000-06-19 01:40:11 UTC
I am the only user who logs on to the server. I logon as root. The 
remaining users logon via Samba only from windows machines. On attempting 
to logon as root to setup a new user I found it would not accept the 
proper password for the root account. The server had been up for over a 
month since I last logged on. The Samba users could logon (probably 
because smbpasswd is ok). I logged on in single user mode and found that 
the /etc/shadow file was missing. I copied the file /etc/shadow- to 
create /etc/shadow then rebooted to multiuser mode. I could then logon as 
root. 

I believe that Samba is irrelevant to the problem as I believe that I 
encountered the same problem on my firewall which had no SAMBA support. On 
that machine I simply reinstalled to recover so I am not sure that the 
shadow file was gone. I don't know if it is relevant but I do use cron to 
schedule daily, weekly, monthly backups. I have had no repeat of this 
since I stopped using cron on the firewall machine. Tonight was my first 
detected problem on the Samba machine. Any thoughts?

Comment 1 Bernhard Rosenkraenzer 2000-07-10 20:44:00 UTC
I've never seen a Linux system deleting /etc/shadow without being told to.
Chances are someone figured out the root password and is playing games with you.
Also, check the permissions to make sure the samba users can't mount /etc
writable on their windoze boxes.