Red Hat Bugzilla – Bug 23267
passwd shadow and resolv.conf overwritten
Last modified: 2007-03-26 23:38:50 EDT
Wanted to point out a possible problem..... not sure what with though....
On a running system the following files were somehow overwritten:
Appeared to be overwritten by parts of up2date or the GTK file for the red
had update agent.
I did sign up for the update agent but never finished the install....
System was up and running, was not used for several hours, went to log in
and was unable to log in.
A root session I was using was on one of the mscreens so I hunted down the
problem and rebuild the passwd and shadow....
I am on a cable modem and behind a floppyfw based firewall that does MASQ
and is not running any services and should not be forwarding anything but
MASQ replies. Can't rule out being hacked at this point.
I have the contents of the file overwrites if they would be helpful.
Let me know if there is any other info you would like.
Looks like I have a currupted superblock on that filesystem..... appears to be a bad sector..... the above most likely happened as a result of the corrupted
Sorry for the false alarm.