On one of our RHEL6 servers I made a change to /etc/pam.d/system-auth and password-auth, then after rebooting lost the ability to sudo and su. Specifically, I changed this line:
auth sufficient pam_unix.so try_first_pass
to this:
auth optional pam_unix.so try_first_pass
I can still ssh to the server and get in with a standard user account; however, I have no rights to make any changes to any files so I can reverse this. This server is also a VM. Is there anything I can do? Any PAM tricks out there?
Best Answer
If you've locked yourself out of the root account, you'll need to use physical access. There are two approaches:
linux, to add init=/bin/sh at the end. Boot, and you'll get a root shell. Use this to fix whatever configuration file needs fixing. This method requires access to the console and a bootloader that isn't locked up.

Since your system is running in a virtual machine, the “physical” access is in fact access to the account on the host system that's running the virtual machine. Rebooting and accessing the console is a straightforward analog of the physical case. Accessing the disk can be done with virtual machine software. Here are some methods:
Use guestfs tools, specifically guestmount. Something like this should work:
Expose the VM image as a network boot device:
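
Why the one-word change in the question locks out every account, as an added example that is not part of the original question or answer: a simplified model of the Linux-PAM control flags, evaluated over a constructed auth stack. Only the pam_unix line comes from the question; the pam_env, pam_succeed_if and pam_deny lines are an assumption modeled on a typical RHEL 6 system-auth.

```python
# Added example: simplified model of Linux-PAM's four basic control flags.
# Bracketed [value=action] controls and include/substack lines are not handled.

# Constructed sample. Only the pam_unix line is from the question; the other
# three lines are an assumption modeled on a typical RHEL 6 auth stack.
ORIGINAL = """\
auth required pam_env.so
auth sufficient pam_unix.so try_first_pass
auth requisite pam_succeed_if.so uid >= 500 quiet
auth required pam_deny.so
"""
MODIFIED = ORIGINAL.replace("auth sufficient pam_unix.so", "auth optional pam_unix.so")

# Per-module outcome for a regular user who typed the correct password.
# pam_deny.so fails by design: it is the "nothing above succeeded" backstop.
GOOD_PASSWORD = {"pam_env.so": True, "pam_unix.so": True,
                 "pam_succeed_if.so": True, "pam_deny.so": False}

def parse_stack(text, mtype="auth"):
    """Return [(control, module), ...] for one management group."""
    stack = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()   # drop comments
        if len(fields) >= 3 and fields[0] == mtype:
            stack.append((fields[1], fields[2]))
    return stack

def evaluate(stack, results):
    """True if the stack as a whole succeeds, given each module's result."""
    failed = succeeded = False
    for control, module in stack:
        ok = results[module]
        if control == "sufficient":
            if ok and not failed:
                return True          # stop here; later modules never run
        elif control == "requisite":
            if not ok:
                return False         # stop here with failure
            succeeded = True
        elif control == "required":
            failed = failed or not ok    # keep going, but remember the failure
            succeeded = succeeded or ok
        elif control == "optional":
            succeeded = succeeded or ok  # failure is ignored
        else:
            raise ValueError(f"unsupported control flag: {control}")
    return succeeded and not failed

if __name__ == "__main__":
    for name, text in (("original", ORIGINAL), ("modified", MODIFIED)):
        print(name, "->", evaluate(parse_stack(text), GOOD_PASSWORD))
```

With sufficient, a correct password ends the stack before pam_deny.so runs; with optional, evaluation continues into pam_deny.so, so authentication fails for every account.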