5 Cups of Ubuntu
Quick question.. If the root user account is disabled what should the line in the /etc/passwd and /etc/shadow files look like? I just noticed that my /etc/shadow line reads:... I thought that a logon disabled account should readCode:root:!:number... Thanks!Code:name:*:number
Last edited by lou21; February 24th, 2013 at 02:09 PM. Reason: error
Way Too Much Ubuntu
In my opinion, you will be regretted for disabling the root account.Originally Posted by lou21
Samiux
Just Give Me the Beans!
Why would you want to disable the login for root?
Ubuntu comes pre-configured this way unless you run something like:
Code:sudo bash passwd
Ubuntu Member
It's not disabled, it's locked. https://help.ubuntu.com/community/RootSudo
From this: http://manpages.ubuntu.com/manpages/.../passwd.5.html
so the ! indicates to me that the root password is encrypted.The encrypted password field may be blank, in which case no password is
required to authenticate as the specified login name. However, some
applications which read the /etc/passwd file may decide not to permit
any access at all if the password field is blank. If the password field
is a lower-case “x”, then the encrypted password is actually stored in
the shadow(5) file instead; there must be a corresponding line in the
/etc/shadow file, or else the user account is invalid. If the password
field is any other string, then it will be treated as an encrypted
password, as specified by crypt(3).
May the Ubuntu Be With You!
It seems you're a little confused and I guess this is because you think root is like in-built Administrator account is Windows. In fact root is more like System in Windows. You can't really disable it.
Tea Glorious Tea!
The manual page for /etc/shadow reads
In other words, to answer the original question, he * and ! characters are equivalent in this case. People will not be able to login as the root user. You and other users may be able to perform admin tasks using sudo, but the root account itself is locked.Code:If the password field contains some string that is not a valid result of crypt(3), for instance ! or *, the user will not be able to use a unix password to log in (but the user may log in the system by other means).
5 Cups of Ubuntu
That line I quote in the original question is from /etc/shadow NOT /etc/passwd. The line in /etc/passwd looks like:Which I know points to the /etc/shadow file for a potential pass word.Code:root:x:0:0:root:/root:/bin/bash
Last edited by lou21; February 25th, 2013 at 03:10 AM.
5 Cups of Ubuntu
OK clearly I didn't express myself very well in the first post. First to be clear. I am referring to the /etc/shadow file. NOT to /etc/passwd. So a better simpler question would be. What is the difference between a * and a ! in the password field of the /etc/shadow file on an Ubuntu 12.10 system? I know that both of these imply that pass word baased logon is not possible. However, apparently on some systems the ! implies that key based logons are possible. In this case why is this possible on my ubuntu box? I am asking why this file is not how I expected or remembered it being and I am wondering if someone has cracked my system.
Last edited by lou21; February 25th, 2013 at 03:03 AM. Reason: error
5 Cups of Ubuntu
I personally never changed anything to do with root access. I never enabled nor disabled any sort of root logon.
I'm back baby.
Hi
You have not been hacked, as i have not. the x's i added.
Kind regardsCode:matthew-S206:/home/matthew/fxp % sudo grep root /etc/shadow root:!:xxxx:x:xxxx:7::: matthew-S206:/home/matthew/fxp %
If you believe everything you read, you better not read. ~ Japanese Proverb
If you don't read the newspaper, you're uninformed. If you read the newspaper, you're mis-informed. - Mark Twain
Thinking about becoming an Ubuntu Member?
Posting Permissions
Adv Reply
Bookmarks