SUMMARY: Fixing /etc/vfstab and booting from cdrom

From: ryanm (ryanm@accn.org)
Date: Mon May 17 1999 - 07:15:13 CDT


Thanks to all 90 people who replied. I appreciate everyone's help!!!
Here is a 8 step procedure for getting your password file, /etc/fstab
or any other file to work again if things aren't booting correctly
taken from teh sun faq which I now have a pritned copy of :) This
was sent to me by Stefan Voss Thanks Stefan!!! and again thanks to
everyone who replied!!!!!!

Ryan

Subject: 15.1) I've forgotten the root password; how can I recover?
 
  You need to have access to the machine's console.
 
  1. Note the root partition (e.g. /dev/sd0a or /dev/dsk/c0t3d0s0)
  2. Hit STOP-A or L1-A (or, on an ASCII terminal or emulator, send a
     <BREAK>) to halt the operating system, if it's running.
  3. Boot single-user from CD-ROM (boot cdrom -s) or network
     install/jumpstart server (boot net -s) (NB: if it asks you for a prom
     password, see below.)
  4. Mount the root partition (e.g. /dev/dsk/c0t3d0s0) on "/a". "/a" is
     an empty mount point that exists at this stage of the installation
     procedure. (mount /dev/dsk/c0t3d0s0 /a)
  5. Set your terminal type so you can use a full-screen editor, e.g. vi.
     (you can skip this step if you know how to use "ex" or "vi" from open
     mode). If you're on a sun console, type "TERM=sun; export TERM"; if
     you're using an ascii terminal (or terminal emulator on a PC) for your
     console, set TERM to the terminal type (e.g. TERM=vt100; export TERM).
  6. Edit the passwd file (/a/etc/passwd for SunOS 4.x, /a/etc/passwd.adjunct
     for SunOS 4.x with shadow passwords/C2 security), /a/etc/shadow for
     Solaris 2.x and remove the encrypted password entry for root
  7. cd to /; Type "umount /a"
  8. reboot as normal in single-user mode ("boot -s"). The root account will
     not have a password. Give it a new one using the passwd command.
 
  Thanks to Stefan Voss <s.voss@terradata.de>
 
  PROM passwords:
 
  Naturally, you may not want anyone with physical access to the machine to
  be able to do the above to erase the root password. Suns have a security
  password mechanism in the PROM which can be set (this is turned off by
  default). The man page for the eeprom command describes this feature.
 
  If security-mode is set to "command", the machine only be booted without
  the prom password from the default device (i.e. booting from CD-ROM or
  install server will require the prom password). Changing the root password
  in this case requires moving the default device (e.g. the boot disk) to a
  different SCSI target (or equivalent), and replacing it with a similarly
  bootable device for which the root password is known. If security-mode is
  set to full, the machine cannot be booted without the prom password, even
  from the default device; defeating this requires replacing the NVRAM on the
  motherboard. "Full" security has its drawbacks -- if, during normal
  operations, the machine is power-cycled (e.g. by a power outage) or halted
  (e.g. by STOP-A), it cannot reboot without the intervention of someone
  who knows the prom password.



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:13:19 CDT