Page 1 of 1

Bad advice to mess with /etc/passwd

Posted: Mon Mar 11, 2013 3:19 pm
by Hubertrum
I am trying to get Apache2/PHP/MySQL working but on this URL

http://www.wikihow.com/Make-a-Raspberry-Pi-Web-Server

It mentions going into .etc/passwd and
"
Find the line pi:x;1000:1000:Raspberry Pi User,,,:home/pi:/bin/bash and add a # sign to the beginning of it. Now save and exit the file."

Which I have done and now i'm stuffed as it doesn't recognise Pi. Or allow e to add Pi as a new user. How can I get around this?

Re: Bad advice to mess with /etc/passwd

Posted: Mon Mar 11, 2013 3:26 pm
by joan
Edit the file and remove the #.

Easiest if you mount the SD card in another Linux machine.

From Windows/Macs you'll need to find some software to download to allow the machine to recognise ext4 formatted disks.

Re: Bad advice to mess with /etc/passwd

Posted: Mon Mar 11, 2013 3:33 pm
by jojopi
If you followed all those instructions, you set a root password before disabling pi. So log in as root and re-edit /etc/passwd.

If not, boot in single user mode. Add the word "single" to cmdline.txt, keeping it all on one line. Now the system boots to a root shell. Re-edit passwd and cmdline.txt.

Re: Bad advice to mess with /etc/passwd

Posted: Mon Mar 11, 2013 3:38 pm
by rurwin
^what he said.

(But I thought it was a single "S" not the word "single". It might be either.)

Personally I would have thought that disabling a rather obscure but standard username, and enabling a widespread and very well-known standard username instead was questionable security. It also ophans all files owned by pi, which has got to be wrong.

It would be a whole lot better to create a new user with an obscure name that only you know, and disable both of the other ones by setting their password to "*" in /etc/shadow. But make sure the new user has sudo rights first.

Re: Bad advice to mess with /etc/passwd

Posted: Mon Mar 11, 2013 3:55 pm
by Hubertrum
I can't edit etc/passwd to remove '#' as I now don't have authority. I don't have another Linux machine. So how can I follow your advice and boot in single user mode?

Re: Bad advice to mess with /etc/passwd

Posted: Mon Mar 11, 2013 3:58 pm
by RaTTuS
you can edit /bbot/cmdline.txt on a windows machines with notepad+

Re: Bad advice to mess with /etc/passwd

Posted: Mon Mar 11, 2013 4:25 pm
by Hubertrum
Thanks

I editted cmdine.txt on Windows using Notepad Plus to add "single" to cmdline.txt. Rebooted the pi and then edited the etc/passwd file to remove the "#". Then I changed the cmdline.txt back to what it was.

Re: Bad advice to mess with /etc/passwd

Posted: Wed Mar 13, 2013 2:47 am
by technion
[quote="rurwin]
It would be a whole lot better to create a new user with an obscure name that only you know, and disable both of the other ones by setting their password to "*" in /etc/shadow. But make sure the new user has sudo rights first.[/quote]

+1
Just because it's in a guide doesn't mean it's right. Unfortunately in this case, the advice given really isn't great.