Early this morning, one of my colleagues in the office reported a problem with one of our Solaris (SPARC) servers. He claimed that he can’t login as root anymore. I verified the report and it was true. I’m not sure though if the problem was due to disk corruption since the disk was quite slow and we had to fsck the disk several times in single user mode, or it’s a security breach wherein someone managed to get into the server and change the root password. We’re still trying to confirm the cause of the problem but first things first .. we have to bring up the server since it’s being used by one of our development team for their current project. 
Here’s what I did to bring up the server and reset the root password (I think this would also be useful for those password forgetful admin). 
1. Through a terminal window, enter the LOM prompt and then boot the server from the CD-ROM:
#.
lom> break
ok> boot cdrom -s
2. After booting from the CD-ROM, mount the / partition. In this example, let’s say that your / partition on the disk is /dev/dsk/c0t0d0s1:
mount /dev/dsk/c0t0d0s1 /mnt
Note: You may want to check the disk for errors first by executing the command:
fsck -y /dev/dsk/c0t0d0s1
3. Now edit the /etc/shadow file using vi located in the /mnt directory (/mnt/etc/shadow). Just look for the line that looks something like this:
root:1d7jJmN023LM:12573::::::
This is the root account password data and what we want to do next is to make the password blank so edit the line so it woul look like this (removed the alpha-numeric characters after root
:
root::12573::::::
4. Reboot the system and the root password would be blank so you can logon as root to the server without entering any password. Make sure that you change the password as soon as possible.
That’s all folks! Ciao!
Popularity: 3% [?]