PDA

View Full Version : Can't open etc shadow



zaedi_ahmed
June 1st, 2008, 04:32 AM
Can't open etc shadow


I have also faced the same problem.

useradd: Cannot open /etc/shadow file.

and the ls -ali shows

read write permission for root but couldn't open.

Can any one help me.....

And

ls -l /etc/shadow

shows : -rw-r--r-- for shadow

lsattr /etc/shadow

shows : ---------- for shadow
Thanks in advance

p_quarles
June 1st, 2008, 04:40 AM
Moved to Security Discussions.

First, that's not a file that's supposed to be manually edited (in any circumstance I can think of). What are you trying to do?

HalPomeranz
June 1st, 2008, 06:12 AM
useradd: Cannot open /etc/shadow file.


Are you running the useradd command with "sudo useradd"? You must be root to add users.



ls -l /etc/shadow
shows : -rw-r--r-- for shadow


Those are not the correct permissions for /etc/shadow-- the file should NOT be world-readable! On my 8.04 system, the file is mode 640 (-rw-r-----) owned by root:shadow.

You should fix the permissions on this file. If /etc/shadow is world-readable then it's trivial for any user on the system to run a password cracker on your passwords.

Dr Small
June 1st, 2008, 07:52 PM
Moved to Security Discussions.

First, that's not a file that's supposed to be manually edited (in any circumstance I can think of). What are you trying to do?
I have manually edited /etc/shadow before.

scorp123
June 3rd, 2008, 09:42 PM
I have manually edited /etc/shadow before. Yes, e.g. for password recovery on a system where you locked yourself out (let's be honest here: it can happen :D ) you have to do that.

But under normal circumstances .... hmmmm, nope. You usually don't touch it manually. Ever.

zaedi_ahmed
June 8th, 2008, 07:53 AM
Thanks to "HalPomeranz" for his comments.


"Those are not the correct permissions for /etc/shadow-- the file should NOT be world-readable! On my 8.04 system, the file is mode 640 (-rw-r-----) owned by root:shadow.

You should fix the permissions on this file. If /etc/shadow is world-readable then it's trivial for any user on the system to run a password cracker on your passwords."

Well I have chnaged it (/etc/shadow) to 640 -rw-r-----

And I was not using "su" rather than using root to issue the:

"useradd" command

The problem is not about whether /etc/shadow file can be manually edited or not.

The problem is when I am issuing "useradd" command to create a user the command replies an error and I have got a snapshot of that hope someone could give solution of the problem.

There is an attachment with this to view the problem.

Thanks in advance.

Monicker
June 8th, 2008, 01:42 PM
Take a look at this thread post. Different distro but same error.

http://www.linuxquestions.org/questions/showthread.php?p=3042231#post3042231