I deleted the "/etc/passwd" file and cannot log in

authentication users passwd-file login

21,207

Solution 1

No, given your description, you did not lose any of your files (except /etc/passwd, which you deleted, but which you had backed up).

Boot an Ubuntu live CD/DVD or live USB flash drive. Select Try Ubuntu (not Install Ubuntu). When the desktop loads, open a Nautilus (file browser) window. You can find the partition for your Ubuntu system under Devices. Click on it to mount it.

Now you can restore the backup. You have to do it as root, however. Here's one pretty easy way to do it.

Open a Terminal window (Ctrl+Alt+T). In the Terminal, type cd and type the Space key, but don't press Enter yet.
In Nautilus, find the etc directory inside the installed Ubuntu system. (This is not the same as the etc directory for the live CD. The etc directory inside the installed Ubuntu system is in the partition you just mounted.)
Drag this etc directory into the Terminal, which will paste its full path into the Terminal, completing the cd ... command.
Press Enter to run the command. Now you're in the directory that contained your passwd file. I am assuming that your backup file, passwd_bkp, is also located here.
Run this command:
```
sudo cp passwd_bkp passwd
```

That restores the passwd file from your backup, so now you should be able to reboot, remove the CD/DVD or USB flash drive, and boot back into your installed Ubuntu system. Your installed Ubuntu system should work again.

For the future, you should be aware that it is not recommended to manually edit /etc/passwd, /etc/group, /etc/shadow, or /etc/gshadow. Instead, you should use the utilities provided as part of Ubuntu to make any changes you need to users and groups on your system. You're probably aware that you can edit this in System Settings or with users-admin. But there are also very powerful command-line utilities for this, which are still much safer and easier than manually editing the configuration files yourself. Here's documentation on the most relevant such utilities in Ubuntu:

adduser / addgroup
deluser / delgroup
usermod
groupmod
useradd (lower-level than adduser, you should usually use adduser instead)
userdel (lower-level than deluser, you should usually use deluser instead)
groupadd (lower-level than addgroup, you should usually use addgroup instead)
groupdel (lower-level than delgroup, you should usually use delgroup instead)
passwd
gpasswd
pwck
grpck

You can change your username with some of those utilities. This answer explains one way in detail. However, you should be aware (as is currently touched on by a comment there) that some applications assume your username remains the same. So changing your username might cause some problems.

Solution 2

As an alternative to booting a livecd, you could press e at the grub menu to edit the rescue mode entry, and add init=/bin/sh to the kernel arguments. This will drop you right to a root shell where you can copy the backup file back to the original after remounting the filesystem read-write with mount -o remount,rw /.

Solution 3

You should read first Eliah Kagan's answer, before continuing reading this answer. He explains how to deal with the situation and why it is usually not necessary to change /etc/passwd manually.

Anyhow if you really know what you are doing and you need to edit /etc/passwd manually, you can do it, but still you should not simply change the files with your favourite editor. Instead there is the tool

vipw

From the man pages:

The vipw and vigr commands edits the files /etc/passwd and /etc/group,
respectively. With the -s flag, they will edit the shadow versions of those
files, /etc/shadow and /etc/gshadow, respectively. The programs will set
the appropriate locks to prevent file corruption.

For e.g. if you want to change a users UID, as far as I know, to edit the files manually, is the only way. Also if you want to change a users password and then back to its previous without knowing it, there is no way with usermod or so. But if you save the hashed password form the shadow file, then change the user's password you can afterwards add the hashed password again editing the shadow file with vipw -s.

Solution 4

After following @EliahKagan's answer I could not login from lightdm and my account wasn't listed. I discovered that the permission of the passwd file was not set up properly; the lightdm user did not have access to it. Here's how I fixed it:.

change to the /etc directory

cd /etc

Then change the permissions to 644

sudo chmod 644 passwd

Then do ls -la

the permission string should look like this

-rw-r--r--

View more solutions

21,207

joao rodrigo leao

Updated on September 18, 2022

Comments

joao rodrigo leao over 1 year

I was trying to change my username and also my home directory (/home/username) and my system started to crash. I deleted the passwd file but I had a backup named passwd_bkp. I tried to rename this passwd_bkp as passwd and it did not work. No commands were being executed... I was in a terminal window.

I restarted my system and now I cannot log in. GRUB gives two options: Linux and recovery mode.

I tried to open a sessions as root but it says the filesystem is corrupted. I cannot access my files.

Did I lose all my files?
- david6 almost 12 years
  
  To your follow-up question: Replace your password, using recovery technique. See: askubuntu.com/questions/24006/…
- Eliah Kagan almost 12 years
  
  @david6 When a user cannot login because there is no /etc/passwd file, it is also not possible to reset the password. You have to restore (or recreate) the passwd file. And once that's done, generally there is no need to reset the password.
- david6 almost 12 years
  
  @Eliah Kagan: Agreed, but I was answering the follow-up question, after /etc/passwd was (supposedly) restored from backup copy.
joao rodrigo leao almost 12 years

Thank you so much. It is four o' clock in the morning here in south Brazil...I was so woried that I could not sleep. I will try that...
Eliah Kagan almost 12 years

Are you sure this will work? Without /etc/passwd, there is no user called root, and no user with uid=0. Will the needed utilities necessarily work under those unusual conditions?
psusi almost 12 years

@EliahKagan, there is always a user with uid=0 since that is the uid that the kernel starts the first process out with. cp or mv don't need /etc/passwd.
Lekensteyn over 10 years

If you did not make a backup, try using /etc/passwd- or /var/backups/passwd.bak. Be sure to set the correct permissions. Example: sudo install -m644 /etc/passwd- /etc/passwd
rowntreerob about 10 years

this saved my dumb butt! i manual edit on /etc/shadow regarding crontab stuff. I did not know one does not mess with 'shadow'.... I thought that i was f**ckd but thank god for @psusi.... I edited the grub menu for recovery added /bin/sh as he said , followed his mount and just copied shawdow from /var/backups over the corrupt one in /etc... Good as new.. thanks