Originally Posted by
RgnKjnVA
To answer your question without condescending lectures on what you should and shouldn't do, once you've created a password for root then locked it (passwd -l root) you simply need to unlock it (passwd -u root). Be sure to put root back on lockdown when you're done.
For the peanut gallery, there ARE times when you need root. I found this thread because some tunneling software I'm trying to install from my office needs root to install the network connector and I was getting the same 'expired' message.
The cause of this is that the effect of running password -l has recently changed, from Hardy onwards.
From man passwd:
Code:
-l, --lock
Lock the named account. This option disables an account by changing
the password to a value which matches no possible encrypted value,
and by setting the account expiry field to 1.
Why is this an issue? Because due to "and by setting the account expiry field to 1" (a recent change), cron jobs owned by root (almost all system wide cron jobs are owned by root) can no longer run and return an error "account root has expired".
This will of course in all probability affect other processes on a system whose administrator has enabled root then subsequently disabled it using sudo passwd -l root also.
It may, I suspect, be responsible for a number of the issues which are apparently affecting Hardy and Intrepid users, some of whom are reporting odd issues and problems with their machines which appear otherwise unrepeatable and inexplicable.
Of course, usage of password -l is documented (at present incorrectly in respect of Ubuntu versions from Hardy onwards) in this often referred to Ubuntu document:
https://help.ubuntu.com/community/RootSudo
The password -l behaviour change is a known bug though, which apparently originated upstream in Debian:
https://bugs.launchpad.net/ubuntu/ha...ow/+bug/238755
Bookmarks