Managing a linux machine can be from extremely easy to extremely difficult depending on the level of abstraction to the system you are willing to use. For instance, using an Ubuntu distribution with an administrator-like user account (that’s a sudo-er) and synaptic, makes things actually pretty easy. But, in my humble opinion, the time when you need to get your hands a bit dirty will come sooner or later. Either you will need a program that is not available from the official sources (so compiling seems to be the only way) or you will be curious on “how can this be done manually”. And then the magic begins…
You start a quest on installing or modifying something and, as the time goes by, you get tired. Now, what is wrong with that? Well, you start typing without really thinking. You just hit the keys on your keyboard and press enter. What’s wrong with that? Well, if you are logged in as root – and chances is that you are since you work on something on the system – then most probably you will be in a lot of trouble. Why’s that? Because, when the system gets a command from his root, his absolute and true God, his one and only master, will do exactly what is told to do. Even if it means messing up things for good.
I can already see a face from all the Ubuntu users with one thought going through their mind “i use sudo”. I would say that sudo is good (too good to be true actually) but when you have a batch of things to do you get tempted on just logging in as root and get it over with (i know that you can do a sudo session but that’s not the point here).
To make things clear we have all been there, including me. You just type and hit enter and ten seconds later you are like “what the @#$%#$%^$%^ have i done!”. In this post i decided to list a few nice and glorious moments i have collected from my experience with Linux and through talking with poor friends. It’s just for fun and not actually to insult or make fun of anyone. So, here i go!
There you are opening your first ssh to a machine that someone gave you access. Normally, that guy just used a simple password and urged you to change it once you log in. Once you successfully have a console under your fingers you decide to type in some smart password. Something you use a lot and in most places (like mails, forums etc). You simply type this:
Yes that was mine. What’s wrong with this? Well Read The Fine(??) Manual or RTFM.
passwd [options] [LOGIN]
Duh! You type the passwd command, followed from the username you want to change the password for. If no username provided the current user’s is selected. But what will happen above?
passwd: unknown user mySuperExtraSafePassword
And why is that bad? Because you entered an invalid parameter to a command and this is getting logged. Yes genius, now the system’s root can see your password. So, you better get to work, find a new one and start changing it to all your accounts. Bravo good job!
Suppose you have the following C program.
Roughly, the above code does the following. It takes a parameter that is a file name and opens that file for writing. Then, some serious code follows that is suppose to do some stuff to the file contents and write back some results. Then the function returns and the program exits. Now what is wrong with the above? No fclose on the file! What does that mean? Well, fopen with “w” as a parameter means that you will be replacing the file contents entirely rather than appending (you would use “a” as parameter for a simple append). Moreover you do not issue an fclose which means that all the changes and maybe data are buffered and never written back to the file. Nice! You just created a file truncater.
Now, you are trying the program your self and you don’t see any results (yes just an empty file i know). You are starting to feel frustrated and head over to a friend to test it. You are known as an excellent programmer and your friend has faith on you. Too much to be honest. So, he is like “well what do you need me to do?”. A small conversation follows and then “well you need to run it with a file as a parameter. Fine…”. And the following command comes:
root@a_soon_dead_machine$gcc -o my_disasterous_program my_disasterous_program.c
First line compiles the program. Yes, no error or warning occurs so your confidence to your friend’s programming grows. Line two runs it with /etc/passwd as a parameter. And then you are pretty much in big trouble. You have not realized it yet, but still, you are in trouble. Now, i bet a very long conversation on what the program should do and didn’t do follows with your friend. One thing leads to another and there you have it, you finally log out. So far so good. What happens of you try to log in again? Disaster knocks on your door, bursting out to laughs, and you simply can’t log in no matter what. Weird, you think. I’ll try root see what happens. Well the message is always the same:
The gates are closed and you are outta here! But wait what exactly happened? You think what you did the last time you were logged in and, bingo! Let me take a quick look on the program again…. Yada yada yada……. Wait! Where is fclose? And why is it “w”! And why in heaven did i run it with /etc/passwd?? That’s it. You nailed your problem. That innocent little thing emptied out your passwd file for good and, yes, no login is possible in any way what so ever. At least you found the bug… Way to go!
For some reason the passwd file has been on the target of every self respected system administrator when it comes to testing. It’s among the most crucial files on your Linux system, yet, it still is the first thing you try your luck on. It’s like a jugler playing with fire. He knows he won’t get burned because he has too much self esteem. You know you are king of the jungle, the one and only. Thus, a simple test with the passwd file will never hurt you (as illustrated above clearly). Moreover who needs those nice little command line tools for managing accounts and changing shells. You are the master and you know your way around. You want to change your default shell from bash to tcsh and you will do it manually. So, first things first:
Ok. Now you have the future of your machine in the surgical table except you haven’t noticed it yet. You think it’s something easy and trivial. You keep on going. You find the line where root user is defined and then you see that the shell is /bin/bash. Because you are overconfident, as mentioned, you simply change that to /bin/tcsh. No checking if the shell is even installed or at that exact path. Just put it there like it’s nothing. That confidence will come back at you and bite you in the ahm… you know where. You just save and exit. Finally, you log out and try to login again to run in tcsh. Here is a sample of what might happen:
Password: [you type the super long secure pass]
/bin/tcsh: Command not found.
Ok now i wish i could see your face (i have seen mine!). Then what follows naturally is something like this:
dumb_user@already_dead_machine>ls /bin | grep tcsh
Aha. It’s official, you are dead. What you did here is disasterous. You changed your root shell without verifying it exists and now you are trying to log in, the system tries to run that non existent shell, which obviously it can’t, so you are simple locked out. There is only one salvation to it and this is only if you are lucky to have sudo installed. If so then you can run this:
dumb_user@already_dead_machine>sudo vim /etc/passwd
If everything goes well and you are lucky, you will be able to change the shell of the root user back to the original one. If not then, all i have to say is that you were after it.
All the above where real cases that where brought to my attention. I either was there when they happened, or even worse, did them myself. They sound funny and stupid now but, believe me, they are not funny neither so obviously stupid when they happen. It’s painfull to lose an installation of a machine (especially a server) from such a stupid reason. So, i hope this made you laugh and maybe remind you of some story of your own?