The best way to edit /etc/passwd, or shadow or group file is to use # vipw command. If you use vi to edit /etc/passwd file and same time any user try to change a password while root editing file, /etc/shadow file might be corrupted. To avoid this problem, put a lock while editing file /etc/passwd or /etc/group, use vipw and vigr command which will edit the files /etc/passwd and /etc/group with use -s option.
The main purpose of locks is to prevent file corruption. Do not use vi to edit password file.
# vipw -s : Edit /etc/passwd file
# vigr -s : Edit /etc/group file
Where,
-s : Secure file editing
The main purpose of locks is to prevent file corruption. Do not use vi to edit password file.
# vipw -s : Edit /etc/passwd file
# vigr -s : Edit /etc/group file
Where,
-s : Secure file editing
Example :-
Login as a root user:
# vipw -s
If on same time,other terminal login as normal user and try to change any of User Account password:
$ passwd
$(current) UNIX password:
$Enter new UNIX password:
$Retype new UNIX password:
$passwd: Authentication token lock busy
As you see it returned with an error "passwd: Authentication token lock busy"
This will help to avoid /etc/shadow file corruption.
0 Comments