So I'm trying to migrate a Firewall-1 Management Server from one box to a
freshly installed box. I have an image that takes care of the baseline
installation of Solaris and an unconfigured Firewall-1 NG installation. I
just tried blatting /etc/{passwd,shadow,group} as well as configuring the
hostname and all the interfaces. I gave it a reboot to see how it all went,
and wasn't able to log in. I'd just get
cannot chdir to /root, errno = 2
after providing a username, and get returned to a login prompt. What I
believed to be the root password wasn't accepted in single-user mode. I'm
not sure if it's a permissions thing. I was relatively careless and just
went
cat > /etc/passwd
<pasted contents of /etc/passwd on existing server here>
^D
(and so on for /etc/shadow and /etc/group). This potentially left an
/etc/shadow with suboptimal permissions, but you wouldn't expect it to lock
you out altogether. I did fail to create home directories, but again, I
wouldn't expect that to lock me out either. So now I've booted into
single-user mode from a Solaris CD... Brown paper bag job by the looks of
it. I think I pasted /etc/group into /etc/shadow. That'll do it.
Now this is humorous:
# grep sarah /mnt/etc/passwd
sarahr:x:2001:500:Sarah Kay Roper:/home/sarahr:/bin/false
She contracted out here a long time ago. I guess this is a test
machine, so the password database isn't maintained (or was based on an old
snapshot of the production password database). Still, it's funny.
Yet I have digressed, and I have spoken too soon. That doesn't seem to have
resolved my lockout problems. I tire of this two-man reset and break to PROM
crap.
{1} ok setenv auto-boot? false
auto-boot? = false
Subsequent power cycling will result in a PROM prompt without any further
ado.
Ah, the problem is quite simple (I think I was grepping the wrong
/etc/passwd when I booted from CD and mounted the hard drive on /mnt). Some
brainiac has changed root's home directory to be /root (I actually prefer
this, but it's not the norm for Solaris) and this directory didn't exist.
It's quite incredible how, if root's home directory doesn't exist, no one
can log in...
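
An added example, not part of the original post: a check to run over the mounted disk before rebooting, which flags both slip-ups described above (a file pasted into the wrong place, a home directory that does not exist) plus a world-readable shadow file. The function names and script name are hypothetical; the /mnt mount point is the one used in the post.

```sh
#!/bin/sh
# Added example: pre-reboot sanity check of the account files under an
# alternate root (assumed here: the hard drive mounted on /mnt from CD).
# Usage: sh check_accounts.sh /mnt      (script name is hypothetical)

# Print how many non-empty lines of FILE lack exactly N colon-separated fields.
count_bad_lines() {   # count_bad_lines FILE N
    awk -F: -v n="$2" 'NF > 0 && NF != n { bad++ } END { print bad + 0 }' "$1"
}

# Print "user:home" for each passwd entry whose home directory is absent.
missing_homes() {     # missing_homes ROOT
    while IFS=: read -r user pw uid gid gecos home shell; do
        [ -n "$user" ] || continue
        [ -d "$1$home" ] || echo "$user:$home"
    done < "$1/etc/passwd"
}

# Print findings; return 0 only if nothing was flagged.
check_accounts() {    # check_accounts ROOT
    root=$1; rc=0
    # passwd has 7 fields, shadow 9, group 4: a file pasted into the wrong
    # place shows up as a field-count mismatch on every line.
    for spec in passwd:7 shadow:9 group:4; do
        f=${spec%%:*}; n=${spec##*:}
        bad=$(count_bad_lines "$root/etc/$f" "$n")
        [ "$bad" -eq 0 ] || { echo "$f: $bad line(s) without $n fields"; rc=1; }
    done
    for m in $(missing_homes "$root"); do
        echo "home directory missing for $m"; rc=1
    done
    # A shadow file recreated under a permissive umask can end up world-readable.
    if [ -n "$(find "$root/etc/shadow" -perm -004 2>/dev/null)" ]; then
        echo "shadow: readable by others"; rc=1
    fi
    return $rc
}

if [ $# -gt 0 ]; then check_accounts "$1"; fi
```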