LISTSERV - SCIENTIFIC-LINUX-USERS Archives

SCIENTIFIC-LINUX-USERS Archives

August 2019

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-USERS Home
	SCIENTIFIC-LINUX-USERS August 2019

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Help with root password
From:	Nico Kadel-Garcia <[log in to unmask]>
Reply To:	Nico Kadel-Garcia <[log in to unmask]>
Date:	Thu, 1 Aug 2019 19:27:52 -0400
Content-Type:	text/plain
Parts/Attachments:	text/plain (56 lines)

On Thu, Aug 1, 2019 at 1:56 PM Konstantin Olchanski <[log in to unmask]> wrote:
>
>
>
> You need a root password to ssh into and reboot a remote machine
> that stopped accepting logins from normal users (stuck NFS, stuck NIS,
> out of memory, dead user home directory disk, borked pam, etc).
>
> Definition of remote machine? Not under your desk; takes longer
> than 5 minutes to walk to a different building to press the reset
> button; it's at CERN and you have to send an email to somebody
> to go find it and press the reset button. etc.
>
> Why not "login as normal user and sudo into root?", see above,
> machine is borked and does not accept login from normal user.
>
>
> K.O.
>
>
> On Mon, Jul 22, 2019 at 01:52:35PM -0400, R P Herrold wrote:
> > On Sat, 20 Jul 2019, Nico Kadel-Garcia wrote:
> >
> > > > sudo passwd root
> > >
> > > If he had sudo access, why would he need or want a root password?
> >
> > a root password, rather than mediated 'sudo' access is needed
> > from time to time
> >
> > Before the system is up and recognizing, to do fsck' and such
> > which require the root password to be executed, comes to mind
> >
> >
> > -- Russ herrold

This thread was a while. In fact, he had sudo access, and managed to
get in and reset things.

There are many distinct ways to force a login on a remote machine,
depending on what resources you have. This sort of thing is why I
assumed he did *not* have sudo access.
I've been in such situations, including for over 1000 newly installed
machines when some fool had manually compiled a new kernel, from the
local source code on their laptop, without merging the patches from
the main source code repository, and left out a critical patch over a
year old. Fortunately for the company, I'd been a complete *weasel*
with the kernel installation tools, and used the old LILO features
that allowed me to say "the default is the current kernel, reboot once
and once only with the new kernel: if the new kernel boots
successfully, reset it as the default". So all we had to do was get
the engineers to push the power button on over 1000 hung servers
around the world. We also had to read the riot act to a few of them
who claimed they weren't supposed to touch servers, but our contracts
all specifically called for "hands and eyes" i fneeded.

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV