修改服务器root密码 错误 “passwd: Authentication token manipulation error”
百度了各种解决方案
总结 1. 权限问题
lsattr /etc/passwd/ -------------e- /etc/passwd
lsattr /etc/shadow/ -------------e- /etc/passwd用lsattr命令查看存放用户和密码的文件属性,发现有i选项: (i:不得任意更动文件或目录。)所以导致所有的用户都不能修改密码,因为没有权限允许。
这种情况我们需要用chattr命令将i权限撤销,然后再修改
总结 2 . ``同步/etc/passwd 和/etc/shadow出错
#pwconv
pwconv: can't lock passwd file我的没有这个报错
总结3
看权限没有异常,也没有进程锁定该文件
ll /etc/passwd
文件权限已经开到最大
cp lock文件出错,提示空间不足
cp /tmp/.pwd.lock /etc
以上均没有报错
再次修改密码仍然出错,于是尝试修改/etc/passwd也出现错误
最后怀疑系统版本问题,centos7开始 对这个文件有保护
于是查找centos7报该错误的解决方案,果然有很多猿类都遇到该问题
是selinux导致的
关闭selinux就可以修改密码了
/usr/sbin/setenforce 0 立刻关闭 SELINUX
/usr/sbin/setenforce 1 立刻启用 SELINUX
但是尝试后仍然无法修改密码
最终总结
down vote
accepted
It's failing because passwd manipulates a temporary file, and then attempts to rename it to /etc/shadow. This fails because /etc/shadow is a mountpoint -- which cannot be replaced -- which results in this error (captured using strace):
102 rename("/etc/nshadow", "/etc/shadow") = -1 EBUSY (Device or resource busy)
You can reproduce this trivially from the command line:
cd /etc
touch foo
mv foo shadow
mv: cannot move 'foo' to 'shadow': Device or resource busy
You could work around this by mounting a directory containing my_shadow and my_passwd somewhere else, and then symlinking /etc/passwd and /etc/shadow in the container appropriately:
$ docker run -it --rm -v $PWD/my_etc:/my_etc centos
[root@afbc739f588c /]# ln -sf /my_etc/my_passwd /etc/passwd
[root@afbc739f588c /]# ln -sf /my_etc/my_shadow /etc/shadow
[root@afbc739f588c /]# ls -l /etc/{shadow,passwd}
lrwxrwxrwx. 1 root root 17 Oct 8 17:48 /etc/passwd -> /my_etc/my_passwd
lrwxrwxrwx. 1 root root 17 Oct 8 17:48 /etc/shadow -> /my_etc/my_shadow
[root@afbc739f588c /]# passwd root
Changing password for user root.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
[root@afbc739f588c /]#