Gelöst: Useradd schlägt fehl: useradd: / etc / passwd kann nicht gesperrt werden; versuchen Sie es später noch einmal [geschlossen]


8

Wenn ich versuche, einen Benutzer als root hinzuzufügen oder zu löschen, wird folgende Fehlermeldung angezeigt:

useradd: kann / etc / passwd nicht sperren; versuchen Sie es später erneut.

Nachdem ich viele Beiträge durchgesehen habe, habe ich keinen der üblichen Verdächtigen:

Keine Sperrdateien.

[root@r6 /]# ls -al /etc/*.lock
ls: cannot access /etc/*.lock: No such file or directory

Wurzel ist nicht voll

/ dev / sda1 40G 6,0G 32G 16% /

Inodes sind nicht voll

[root@r6 /]# df -i /etc
Filesystem      Inodes IUsed   IFree IUse% Mounted on
/dev/sda1      2621440 68931 2552509    3% /

Root ist RW montiert

/ dev / sda1 on / type ext4 (rw)

Aus dem gleichen Grund kann ich / etc / shadow oder / etc / passwd nicht in / etc. Kopieren

Zum Beispiel:

[root@r6 /]# cp /etc/passwd /etc/passwd.8122015
cp: cannot create regular file `/etc/passwd.8122015': Permission denied

Ich mache all diese Befehle als root. Ich habe mich beim Server angemeldet und sudo su-.

Jede Hilfe wäre großartig. Ich habe den ganzen Tag gekämpft.

strace -o / root / blah -ff useradd gmiller

cat /root/blah.30644

execve("/usr/sbin/useradd", ["useradd", "gmiller"], [/* 21 vars */]) = 0
brk(0)                                  = 0x7f0388d2b000
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f03878df000
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY)      = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=39702, ...}) = 0
mmap(NULL, 39702, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f03878d5000
close(3)                                = 0
open("/lib64/libaudit.so.1", O_RDONLY)  = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\20( r5\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=144208, ...}) = 0
mmap(NULL, 2236976, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f038749e000
mprotect(0x7f03874b5000, 2097152, PROT_NONE) = 0
mmap(0x7f03876b5000, 49152, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x17000) = 0x7f03876b5000
close(3)                                = 0
open("/lib64/libselinux.so.1", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\320X\240q5\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=124624, ...}) = 0
mmap(NULL, 2221912, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f038727f000
mprotect(0x7f038729c000, 2093056, PROT_NONE) = 0
mmap(0x7f038749b000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1c000) = 0x7f038749b000
mmap(0x7f038749d000, 1880, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f038749d000
close(3)                                = 0
open("/lib64/libacl.so.1", O_RDONLY)    = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\200\36 w5\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=33816, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f03878d4000
mmap(NULL, 2126416, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f0387077000
mprotect(0x7f038707e000, 2093056, PROT_NONE) = 0
mmap(0x7f038727d000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6000) = 0x7f038727d000
close(3)                                = 0
open("/lib64/libc.so.6", O_RDONLY)      = 3
read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0p\356!p5\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=1926800, ...}) = 0
mmap(NULL, 3750152, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f0386ce3000
mprotect(0x7f0386e6d000, 2097152, PROT_NONE) = 0
mmap(0x7f038706d000, 20480, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x18a000) = 0x7f038706d000
mmap(0x7f0387072000, 18696, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f0387072000
close(3)                                = 0
open("/lib64/libdl.so.2", O_RDONLY)     = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\340\r\240p5\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=22536, ...}) = 0
mmap(NULL, 2109696, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f0386adf000
mprotect(0x7f0386ae1000, 2097152, PROT_NONE) = 0
mmap(0x7f0386ce1000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f0386ce1000
close(3)                                = 0
open("/lib64/libattr.so.1", O_RDONLY)   = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\200\23\340t5\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=21152, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f03878d3000
mmap(NULL, 2113888, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f03868da000
mprotect(0x7f03868de000, 2093056, PROT_NONE) = 0
mmap(0x7f0386add000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3000) = 0x7f0386add000
close(3)                                = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f03878d2000
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f03878d0000
arch_prctl(ARCH_SET_FS, 0x7f03878d07a0) = 0
mprotect(0x7f0386add000, 4096, PROT_READ) = 0
mprotect(0x7f0386ce1000, 4096, PROT_READ) = 0
mprotect(0x7f038706d000, 16384, PROT_READ) = 0
mprotect(0x7f038727d000, 4096, PROT_READ) = 0
mprotect(0x7f038749b000, 4096, PROT_READ) = 0
mprotect(0x7f03876b5000, 4096, PROT_READ) = 0
mprotect(0x7f0387af9000, 4096, PROT_READ) = 0
mprotect(0x7f03878e0000, 4096, PROT_READ) = 0
munmap(0x7f03878d5000, 39702)           = 0
statfs("/selinux", {f_type=0xf97cff8c, f_bsize=4096, f_blocks=0, f_bfree=0, f_bavail=0, f_files=0, f_ffree=0, f_fsid={0, 0}, f_namelen=255, f_frsize=4096}) = 0
statfs("/selinux", {f_type=0xf97cff8c, f_bsize=4096, f_blocks=0, f_bfree=0, f_bavail=0, f_files=0, f_ffree=0, f_fsid={0, 0}, f_namelen=255, f_frsize=4096}) = 0
stat("/selinux", {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
brk(0)                                  = 0x7f0388d2b000
brk(0x7f0388d4c000)                     = 0x7f0388d4c000
socket(PF_NETLINK, SOCK_RAW, 9)         = 3
fcntl(3, F_SETFD, FD_CLOEXEC)           = 0
open("/usr/lib/locale/locale-archive", O_RDONLY) = 4
fstat(4, {st_mode=S_IFREG|0644, st_size=99158576, ...}) = 0
mmap(NULL, 99158576, PROT_READ, MAP_PRIVATE, 4, 0) = 0x7f0380a49000
close(4)                                = 0
open("/proc/sys/kernel/ngroups_max", O_RDONLY) = 4
read(4, "65536\n", 31)                  = 6
close(4)                                = 0
mmap(NULL, 528384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f038784f000
access("/etc/shadow", F_OK)             = 0
access("/etc/gshadow", F_OK)            = 0
open("/etc/default/useradd", O_RDONLY)  = 4
fstat(4, {st_mode=S_IFREG|0600, st_size=119, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f03878de000
read(4, "# useradd defaults file\nGROUP=10"..., 4096) = 119
socket(PF_LOCAL, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 5
connect(5, {sa_family=AF_LOCAL, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
close(5)                                = 0
socket(PF_LOCAL, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 5
connect(5, {sa_family=AF_LOCAL, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
close(5)                                = 0
open("/etc/nsswitch.conf", O_RDONLY)    = 5
fstat(5, {st_mode=S_IFREG|0644, st_size=1688, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f03878dd000
read(5, "#\n# /etc/nsswitch.conf\n#\n# An ex"..., 4096) = 1688
read(5, "", 4096)                       = 0
close(5)                                = 0
munmap(0x7f03878dd000, 4096)            = 0
open("/etc/ld.so.cache", O_RDONLY)      = 5
fstat(5, {st_mode=S_IFREG|0644, st_size=39702, ...}) = 0
mmap(NULL, 39702, PROT_READ, MAP_PRIVATE, 5, 0) = 0x7f0387845000
close(5)                                = 0
open("/lib64/libnss_files.so.2", O_RDONLY) = 5
read(5, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\360!\0\0\0\0\0\0"..., 832) = 832
fstat(5, {st_mode=S_IFREG|0755, st_size=65928, ...}) = 0
mmap(NULL, 2151824, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) = 0x7f038083b000
mprotect(0x7f0380847000, 2097152, PROT_NONE) = 0
mmap(0x7f0380a47000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0xc000) = 0x7f0380a47000
close(5)                                = 0
mprotect(0x7f0380a47000, 4096, PROT_READ) = 0
munmap(0x7f0387845000, 39702)           = 0
open("/etc/group", O_RDONLY|O_CLOEXEC)  = 5
fcntl(5, F_GETFD)                       = 0x1 (flags FD_CLOEXEC)
fstat(5, {st_mode=S_IFREG|0644, st_size=1188, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f03878dd000
read(5, "root:x:0:\nbin:x:1:bin,daemon\ndae"..., 4096) = 1188
close(5)                                = 0
munmap(0x7f03878dd000, 4096)            = 0
read(4, "", 4096)                       = 0
close(4)                                = 0
munmap(0x7f03878de000, 4096)            = 0
open("/etc/login.defs", O_RDONLY)       = 4
fstat(4, {st_mode=S_IFREG|0644, st_size=1814, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f03878de000
read(4, "#\n# Please note that the paramet"..., 4096) = 1814
read(4, "", 4096)                       = 0
close(4)                                = 0
munmap(0x7f03878de000, 4096)            = 0
socket(PF_LOCAL, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 4
connect(4, {sa_family=AF_LOCAL, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
close(4)                                = 0
socket(PF_LOCAL, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 4
connect(4, {sa_family=AF_LOCAL, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
close(4)                                = 0
open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 4
fstat(4, {st_mode=S_IFREG|0644, st_size=2342, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f03878de000
read(4, "root:x:0:0:root:/root:/bin/bash\n"..., 4096) = 2342
read(4, "", 4096)                       = 0
close(4)                                = 0
munmap(0x7f03878de000, 4096)            = 0
open("/etc/group", O_RDONLY|O_CLOEXEC)  = 4
fstat(4, {st_mode=S_IFREG|0644, st_size=1188, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f03878de000
read(4, "root:x:0:\nbin:x:1:bin,daemon\ndae"..., 4096) = 1188
read(4, "", 4096)                       = 0
close(4)                                = 0
munmap(0x7f03878de000, 4096)            = 0
open("/etc/.pwd.lock", O_WRONLY|O_CREAT|O_CLOEXEC, 0600) = 4
fcntl(4, F_GETFD)                       = 0x1 (flags FD_CLOEXEC)
rt_sigaction(SIGALRM, {0x7f0386dd2180, ~[], SA_RESTORER, 0x7f0386d156a0}, {SIG_DFL, [], 0}, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [ALRM], [], 8) = 0
alarm(15)                               = 0
fcntl(4, F_SETLKW, {type=F_WRLCK, whence=SEEK_SET, start=0, len=0}) = 0
alarm(0)                                = 15
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
rt_sigaction(SIGALRM, {SIG_DFL, [], SA_RESTORER, 0x7f0386d156a0}, NULL, 8) = 0
getpid()                                = 30644
open("/etc/passwd.30644", O_WRONLY|O_CREAT|O_EXCL, 0600) = 5
write(5, "30644\0", 6)                  = 6
close(5)                                = 0
link("/etc/passwd.30644", "/etc/passwd.lock") = -1 EACCES (Permission denied)
open("/etc/passwd.lock", O_RDWR)        = -1 ENOENT (No such file or directory)
unlink("/etc/passwd.30644")             = 0
close(4)                                = 0
open("/usr/share/locale/locale.alias", O_RDONLY) = 4
fstat(4, {st_mode=S_IFREG|0644, st_size=2512, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f03878de000
read(4, "# Locale name alias data base.\n#"..., 4096) = 2512
read(4, "", 4096)                       = 0
close(4)                                = 0
munmap(0x7f03878de000, 4096)            = 0
open("/usr/share/locale/en_US.UTF-8/LC_MESSAGES/shadow.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/locale/en_US.utf8/LC_MESSAGES/shadow.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/locale/en_US/LC_MESSAGES/shadow.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/locale/en.UTF-8/LC_MESSAGES/shadow.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/locale/en.utf8/LC_MESSAGES/shadow.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/locale/en/LC_MESSAGES/shadow.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
write(2, "useradd: cannot lock /etc/passwd"..., 51) = 51
exit_group(1)                           = ?
+++ exited with 1 +++

Gelöst! Der Mcafee HIPs-Agent hat verhindert, dass Kennwort- und Schattendateien im Verzeichnis / etc / erstellt werden.

Hier ist ein Link zum KB-Artikel, der zeigt, wie der Agent gestoppt wird:

Mcafee HIPs Agent


Sanity Check: Sind Sie auch root, wenn Sie useradd starten? Können Sie bitte den gesamten Befehl anzeigen, den Sie eingeben?
Bacon

[root @ r6 etc] # useradd gmiller
user1712037

Können Sie erstellen alle Dateien in / etc? touch /etc/foo Gibt es hier auch ein Host-Intrusion-Protection-System (Selinux, Symantec, Mcafee)?
Steve

1
Können Sie überprüfen , /proc/mountsund dmesgnur für den Fall wurde das Root - Dateisystem schreibgeschützt gemountet. Es wird nicht immer in der mountAusgabe des Befehls angezeigt.
Bratchley

Alternativ können Sie auch versuchen, es zwangsweise erneut zu montieren, um diesen Status zu löschen, wenn es schreibgeschützt ist.
Bratchley

Antworten:


0

Was zeigt strace?

strace -o /root/blah -ff useradd imatestuser

Insbesondere würde die Datei "/etc/.pwd.lock" von Ihrem Globus "/etc/*.lock" nicht gefunden.

blah.26812:statfs("/selinux", {...
blah.26812:open("/etc/.pwd.lock", O_WRONLY|O_CREAT|O_CLOEXEC, 0600) = 7
blah.26812:link("/etc/passwd.26812", "/etc/passwd.lock") = 0
blah.26812:link("/etc/shadow.26812", "/etc/shadow.lock") = 0
blah.26812:link("/etc/group.26812", "/etc/group.lock") = 0
blah.26812:link("/etc/gshadow.26812", "/etc/gshadow.lock") = 0
blah.26812:unlink("/etc/shadow.lock")              = 0
blah.26812:unlink("/etc/passwd.lock")              = 0
blah.26812:unlink("/etc/group.lock")               = 0
blah.26812:unlink("/etc/gshadow.lock")             = 0

Strace zur Frage hinzugefügt.
user1712037

Der fehlgeschlagene Aufruf lautet link("/etc/passwd.30644", "/etc/passwd.lock") = -1 EACCES (Permission denied): Dies ist, nachdem useraddDaten geschrieben werden können /etc/passwd.30644, sodass das Dateisystem nicht schreibgeschützt ist. Wenn Sie link(2)angeben, warum ein Link nicht hergestellt werden kann, wird angezeigt, dass das Dateisystem die Erstellung von Hardlinks nicht unterstützt. Dies bedeutet, dass Sie entweder ein seltsames Dateisystem haben oder eine seltsame Dateisystem-ACL etwas blockiert oder eine "Sicherheits" -Bibliothek wie Selinux oder Apparmour sticht dich zurück. Selinux hat ein Protokoll, das einen Blick wert sein könnte ...
Thrig
Durch die Nutzung unserer Website bestätigen Sie, dass Sie unsere Cookie-Richtlinie und Datenschutzrichtlinie gelesen und verstanden haben.
Licensed under cc by-sa 3.0 with attribution required.