2

I am using a Debian 9 server.

Usually I access via ssh to a normal user (say user1) and su into root, because I disabled ssh into root. Lately I was setting up a git-server where I created a user git with the group git and restricted him to git-shell. Playing around a little while I added user1 to the group git like this:

usermod -aG git user1

This worked alright, user1 was member of the groups user1 and git. At the end I wanted to undo this, so I used:

usermod -G user1 user1

Shortly after this, I lost my internet connection and had to reconnect. I can ssh into user1 alright, but when using su to access root, there is an error: 

user1@hostname:~$ su 
Password: 
Cannot execute git: No such file or directory
user1@hostname:~$

I included the information about git-shell, because I have no idea what else could be the reason. Hopefully it is not all lost and somebody can help me to regain control.

PS: There isn't any other root-like user, so sudo isn't working, since user1 "is not in the sudoers file".

PPS: I could reset the root password via VPS-login, but I am not quite sure whether this is going to work or make everything worse.

Jeff Schaller
  • 66,199
  • 35
  • 114
  • 250
Pratched
  • 151
  • 5
  • Can you try `su -s /bin/sh` to try to get a root shell? – doneal24 Jun 15 '19 at 01:11
  • unfortunately same error... – Pratched Jun 15 '19 at 01:13
  • To work it some more, how about `su -s /bin/sh -c /bin/sh`? Seems like overkill but it's worth a try. – doneal24 Jun 15 '19 at 01:23
  • `Cannot execute git` - so similar error, the "missing directory" ist not mentioned here – Pratched Jun 15 '19 at 01:25
  • would `root` password reset be worth a try? – Pratched Jun 15 '19 at 01:26
  • Out of curiosity, what shell is listed for root in /etc/passwd? – doneal24 Jun 15 '19 at 01:38
  • `root:x:0:0:root:/root:git` – Pratched Jun 15 '19 at 01:39
  • Definitely a problem. Boot into rescue mode or off of a rescue cd and change the root shell to `/bin/sh` – doneal24 Jun 15 '19 at 01:42
  • Any idea how this could have happend? – Pratched Jun 15 '19 at 01:44
  • (1) I’m guessing, from the discussion in the comments, that, after the system gave you that error message, it dropped you back into your normal `$ ` prompt.  *You should [edit] your question to say that.*  If it had given you the error message, but then given you the `# ` prompt, this would be a totally different question.  (2) You say “I could reset the root password”.  Since it’s not giving you a password-related error,   … (Cont’d) – Scott - Слава Україні Jun 15 '19 at 02:07
  • (Cont’d) …  changing the password is unlikely to help — but how would you reset the password when you can’t become `su`?  (I know how to do it; my point is that you should *say* how you would do it.)  (3) Once you get this straightened out, I encourage you to set up `sudo`.  (4) How could this have happened?  I’m wondering that, too.  If you’re bold and have time on your hands, after you get this straightened out, you might try repeating your steps, doing ``grep '^root' /etc/passwd`` after every step, to see where it happens. (And then report your findings.) – Scott - Слава Україні Jun 15 '19 at 02:07
  • Edited my question due to Scott´s comment and first thing in the morning, I will set up `sudo`. Following up my steps seems good practice, which I hopefully will try. Thanks a lot @Scott for your input and @doneal24 for the "solution". – Pratched Jun 15 '19 at 02:17
  • One of you: please post the answer ***as** **an answer*** and remove it from the question. – Scott - Слава Україні Jun 15 '19 at 02:21
  • @Pratched You shouldn't mark your answer as SOVLED like that, this is not the practice here, :-) Please chose a answer if it answer if it meets your needs for an answer, there is sign on the left of each answer which you click on to mark that answer as "the" answer – somethingSomething Jun 15 '19 at 03:50

1 Answers1

1

Solved only with rescue mode:

  • boot into "rescue mode" - probably available at most VPS
  • mount appropiate drive
  • nano /path/to/mounted/drive/etc/passwd
  • change root entry to root:x:0:0:root:/root:/bin/bash
  • save, exit and reboot without rescue mode

Different approaches like 

user1@hostname: ~$ su -s /bin/sh

or 

user1@hostname: ~$ su -s /bin/sh -c /bin/sh

did not work and only replied with the same error message.

I did not find the reason (yet), but based on the comments of @doneal24 I regained control over my system. If i can clearify the reason, I will provide the details - see edit below.

REPRODUCING: I (accidentally) found out how I changed the root shell. According to this from ProGit, I thought chsh -s $(command -v git-shell) <user> is enabling the git-shell for input. But inserting git for <user> changes the shell for root.

root@hostname ~ # chsh -s $(git init ./project1.git git-shell) git
usage: git init [-q | --quiet] [--bare] [--template=<template-directory>]             [--shared[=<permissions>]] [<directory>]
chsh: Warning: git does not exist
root@hostname ~ #

I probably misinterpreted the information on ProGit, because this seems a lot like what I wrote under EDIT.

EDIT1: See below on how it actually will be changed.

root@hostname ~# chsh root -s git
chsh: Warning: git does not exist
root@hostname ~#

changed the entry to 

root@hostname~ # cat /etc/passwd | grep root
root:x:0:0:root:/root:git
root@hostname~ #

which is curious, as something like 

root@hostname ~# chsh root -s /bin/bash
Password:
chsh: PAM: Authentication failure
root@hostname ~#

is not working.

Pratched
  • 151
  • 5