compared with
Version 4 by Chris Ridd
on Nov 07, 2017 06:18.

This line was removed.
This word was removed. This word was added.
This line was added.

Changes (5)

View Page History

The {{/etc/shadow}} file is actually a file from the {{/usbkey}} filesystem on the persistent zpool, which is "lofs-mounted" over the file in the ramdisk-backed {{/etc}} filesystem. That mountpoint isn't writable by normal means (see below for details), so to change that, you'll want to make this change:

{code}umount /etc/shadow; cp /usbkey/shadow /etc/shadow; passwd root; cp /etc/shadow /usbkey/shadow{code}

This change will persist after reboots, because you've copied it back to the {{/usbkey/shadow}} location. After a reboot, "/etc/shadow" {{/etc/shadow}} will again be an un-writable lofs mountpoint.

Alternately, you can (carefully) edit the hash in the {{/usbkey/shadow}} file with a new one. The program "/usr/lib/cryptpass" {{/usr/lib/cryptpass}} will generate a valid hash:

{code}# /usr/lib/cryptpass somepassword
... this method will require a reboot to take effect.

Lofs-mounted single files \*can*, in fact, be written to, but due to the way they're mounted, you can't "create" them, so normal opens and writes (like from the "vi" {{vi}} editor, running the "passwd" command, or from shell ">" redirection) won't work.

This command will overwrite the lofs-mounted /etc/shadow logs-mounted {{/etc/shadow}} file with a (presumably edited) {{/tmp/shadow}} file, using the "socat" {{socat}} binary , which lets you specify the arguments to the open syscall:
{code}socat -u OPEN:/tmp/shadow,rdonly OPEN:/etc/shadow,wronly,trunc