Hubertrum
Posts: 29
Joined: Tue May 22, 2012 11:56 am

Bad advice to mess with /etc/passwd

Mon Mar 11, 2013 3:19 pm

I am trying to get Apache2/PHP/MySQL working but on this URL

http://www.wikihow.com/Make-a-Raspberry-Pi-Web-Server

It mentions going into .etc/passwd and
"
Find the line pi:x;1000:1000:Raspberry Pi User,,,:home/pi:/bin/bash and add a # sign to the beginning of it. Now save and exit the file."

Which I have done and now i'm stuffed as it doesn't recognise Pi. Or allow e to add Pi as a new user. How can I get around this?

User avatar
joan
Posts: 14388
Joined: Thu Jul 05, 2012 5:09 pm
Location: UK

Re: Bad advice to mess with /etc/passwd

Mon Mar 11, 2013 3:26 pm

Edit the file and remove the #.

Easiest if you mount the SD card in another Linux machine.

From Windows/Macs you'll need to find some software to download to allow the machine to recognise ext4 formatted disks.

User avatar
jojopi
Posts: 3085
Joined: Tue Oct 11, 2011 8:38 pm

Re: Bad advice to mess with /etc/passwd

Mon Mar 11, 2013 3:33 pm

If you followed all those instructions, you set a root password before disabling pi. So log in as root and re-edit /etc/passwd.

If not, boot in single user mode. Add the word "single" to cmdline.txt, keeping it all on one line. Now the system boots to a root shell. Re-edit passwd and cmdline.txt.

User avatar
rurwin
Forum Moderator
Forum Moderator
Posts: 4258
Joined: Mon Jan 09, 2012 3:16 pm
Contact: Website

Re: Bad advice to mess with /etc/passwd

Mon Mar 11, 2013 3:38 pm

^what he said.

(But I thought it was a single "S" not the word "single". It might be either.)

Personally I would have thought that disabling a rather obscure but standard username, and enabling a widespread and very well-known standard username instead was questionable security. It also ophans all files owned by pi, which has got to be wrong.

It would be a whole lot better to create a new user with an obscure name that only you know, and disable both of the other ones by setting their password to "*" in /etc/shadow. But make sure the new user has sudo rights first.

Hubertrum
Posts: 29
Joined: Tue May 22, 2012 11:56 am

Re: Bad advice to mess with /etc/passwd

Mon Mar 11, 2013 3:55 pm

I can't edit etc/passwd to remove '#' as I now don't have authority. I don't have another Linux machine. So how can I follow your advice and boot in single user mode?

User avatar
RaTTuS
Posts: 10493
Joined: Tue Nov 29, 2011 11:12 am
Location: North West UK

Re: Bad advice to mess with /etc/passwd

Mon Mar 11, 2013 3:58 pm

you can edit /bbot/cmdline.txt on a windows machines with notepad+
How To ask Questions :- http://www.catb.org/esr/faqs/smart-questions.html
WARNING - some parts of this post may be erroneous YMMV

1QC43qbL5FySu2Pi51vGqKqxy3UiJgukSX
Covfefe

Hubertrum
Posts: 29
Joined: Tue May 22, 2012 11:56 am

Re: Bad advice to mess with /etc/passwd

Mon Mar 11, 2013 4:25 pm

Thanks

I editted cmdine.txt on Windows using Notepad Plus to add "single" to cmdline.txt. Rebooted the pi and then edited the etc/passwd file to remove the "#". Then I changed the cmdline.txt back to what it was.

technion
Posts: 238
Joined: Sun Dec 02, 2012 9:49 am

Re: Bad advice to mess with /etc/passwd

Wed Mar 13, 2013 2:47 am

[quote="rurwin]
It would be a whole lot better to create a new user with an obscure name that only you know, and disable both of the other ones by setting their password to "*" in /etc/shadow. But make sure the new user has sudo rights first.[/quote]

+1
Just because it's in a guide doesn't mean it's right. Unfortunately in this case, the advice given really isn't great.

Return to “Other programming languages”