I deleted my passwd and shadow file

Please help me restore my system. I deleted my passwd and shadow file
after I forget the root password. Yes, I know that was wrong thing to
do.

The system is Mandrake 10.01 community. Using the CDs, going into the
rescue mode, I added the root user using useradd. However, when
starting the system up, login using root, but this "root" does not have
much priviledge at all (can't do anything that root can do) (funny
isn't it). The root directory also somehow got wiped out. The
graphical interface is gone.

I remember that there is many things in the shadow and passwd files, so
these probably cause it. Please tell me how to get the whole system
back without reinstall. Could copy the password and shadow file from
another linux system do it? I want my GUI back too.

Thank you very much,

vdu

Vy.Huy.Ho@gmail.com writes:

>Please help me restore my system. I deleted my passwd and shadow file
>after I forget the root password. Yes, I know that was wrong thing to
>do.

>The system is Mandrake 10.01 community. Using the CDs, going into the
>rescue mode, I added the root user using useradd. However, when
>starting the system up, login using root, but this "root" does not have
>much priviledge at all (can't do anything that root can do) (funny
>isn't it). The root directory also somehow got wiped out. The
>graphical interface is gone.

Yes, useradd is not the way to add a root user. You want to go in directly

Get onto the system as root. Then copy the following to /etc/passwd
(boot as single user.
Hit esc and then tab when the list of possible boot options is presented
and type linux 1
Then edit the file /etc/passwd

It may not have all the users for the programs you installed, or may have
more than you need, but it should get you started.


root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/bin/sh
daemon:x:2:2:daemon:/sbin:/bin/sh
adm:x:3:4:adm:/var/adm:/bin/sh
lp:x:4:7:lp:/var/spool/lpd:/bin/sh
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/bin/sh
news:x:9:13:news:/var/spool/news:/bin/sh
uucp:x:10:14:uucp:/var/spool/uucp:/bin/sh
operator:x:11:0:operator:/var:/bin/sh
games:x:12:100:games:/usr/games:/bin/sh
nobody:x:65534:65534:Nobody:/:/bin/sh
rpm:x:13:101:system user for rpm:/var/lib/rpm:/bin/false
rpc:x:14:105:system user for portmap:/:/bin/false
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
xfs:x:70:70:system user for xorg-x11:/etc/X11/fs:/bin/false
apache:x:71:71:system user for apache2:/var/www:/bin/sh
postfix:x:72:72:system user for postfix:/var/spool/postfix:/bin/false
messagebus:x:73:73:system user for dbus:/:/sbin/nologin
sshd:x:74:74:system user for openssh:/var/empty:/bin/true
rpcuser:x:75:75:system user for nfs-utils:/var/lib/nfs:/bin/false
fax:x:76:76:system user for mgetty:/var/spool/fax:/bin/sh
ftp:x:77:77:system user for vsftpd:/usr/local/ftp:/bin/false

Into /etc/shadow put

root::12823:0:99999:7:::
bin:*:12823:0:99999:7:::
daemon:*:12823:0:99999:7:::
adm:*:12823:0:99999:7:::
lp:*:12823:0:99999:7:::
sync:*:12823:0:99999:7:::
shutdown:*:12823:0:99999:7:::
halt:*:12823:0:99999:7:::
mail:*:12823:0:99999:7:::
news:*:12823:0:99999:7:::
uucp:*:12823:0:99999:7:::
operator:*:12823:0:99999:7:::
games:*:12823:0:99999:7:::
nobody:*:12823:0:99999:7:::
rpm:!!:12823:0:99999:7:::
rpc:!!:12823:0:99999:7:::
vcsa:!!:12823:0:99999:7:::
xfs:!!:12823:0:99999:7:::
apache:!!:12823:0:99999:7:::
postfix:!!:12823:0:99999:7:::
messagebus:!!:12823:0:99999:7:::
sshd:!!:12823:0:99999:7:::
rpcuser:!!:12823:0:99999:7:::
fax:!!:12823:0:99999:7:::
sshd:!!:12600:0:99999:7:::
ftp:!!:12600:0:99999:7:::


and then immediately set a password for root
passwd

This should get you going. Now you need to add back all of your old users.

Note that there may be some old password files saved.
ls /etc/passwd*
will show if there are some left lying around. Use one of them instead of
the above if you have it since it will be more for your system, not mine.




>I remember that there is many things in the shadow and passwd files, so
>these probably cause it. Please tell me how to get the whole system
>back without reinstall. Could copy the password and shadow file from
>another linux system do it? I want my GUI back too.

Your root home directory is in /root. When you used adduser it probably
made a directory /home/root with not much in it.



>Thank you very much,

>vdu

On 2005-03-31, Vy.Huy.Ho@gmail.com <Vy.Huy.Ho@gmail.com> wrote:
> The system is Mandrake 10.01 community. Using the CDs, going into the
> rescue mode, I added the root user using useradd. However, when
> starting the system up, login using root, but this "root" does not have
> much priviledge at all (can't do anything that root can do) (funny
> isn't it). The root directory also somehow got wiped out. The
> graphical interface is gone.

You probably provided the wrong parameters to useradd. You can
follow Bill Unruh's advice, or you can use the rescue CD and usermod
your root user:

usermod -d /root -u 0 -g 0 root

The ''root'' directory probably didn't get wiped out, root just
had a different home directory; the above usermod will restore the
home dir. It'll also restore root's GUI prefs, since they are
in the home directory.

> I remember that there is many things in the shadow and passwd files, so
> these probably cause it. Please tell me how to get the whole system
> back without reinstall. Could copy the password and shadow file from
> another linux system do it? I want my GUI back too.

As Bill says, look for backup files in /etc. Those will be much
better than any other passwd/shadow files you can get elsewhere, but
if all else fails, you can use his.

And start doing backups, so that you don't have to panic next
time you accidentally delete an important file!

--keith

--
kkeller-usenet@wombat.san-francisco.ca.us
(try just my userid to email me)
AOLSFAQ=http://wombat.san-francisco.ca.us/cgi-bin/fom
see X- headers for PGP signature information