Can't Access /root After Reset Root Password

[mhakim]

After following Method 1 from this URL : https://pve.proxmox.com/wiki/Root_Password_Reset

I can't access my /root directory with this error :
Linux vm 5.11.22-1-pve #1 SMP PVE 5.11.22-2 (Fri, 02 Jul 2021 16:22:45 +0200) x8 6_64

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
You have mail.
Last login: Mon Dec 27 12:22:30 2021 from 192.168.111.164
Could not chdir to home directory /root: Permission denied
-bash: /root/.bash_profile: Permission denied
root@vm:/$ cd root
-bash: cd: root: Permission denied

anyone can help?

 

[t.lamprecht]

Hmm, what's your UID and what is the file ownership and permissions on /root? The following commands could help to get those details:

id
stat /root
ls -l /

 

[mhakim]

the result are :

root@vm:/$ id
uid=1(root) gid=0(root) groups=0(root)
root@vm:/$ stat /root
  File: /root
  Size: 16              Blocks: 17         IO Block: 1024   directory
Device: 1ah/26d Inode: 534         Links: 4
Access: (0700/drwx------)  Uid: (    0/    root)   Gid: (    0/    root)
Access: 2021-07-06 02:09:54.000000000 +0700
Modify: 2021-12-20 16:46:24.434340015 +0700
Change: 2021-12-20 16:46:24.434340015 +0700
 Birth: -
root@vm:/$ ls -l /
total 73
lrwxrwxrwx   1 root root    7 Jul  6 02:09 bin -> usr/bin
drwxr-xr-x   5 root root   11 Oct 11 12:29 boot
drwxr-xr-x  23 root root 5120 Dec 27 14:46 dev
drwxr-xr-x  87 root root  178 Dec 27 12:22 etc
drwxr-xr-x   2 root root    2 Apr 11  2021 home
lrwxrwxrwx   1 root root    7 Jul  6 02:09 lib -> usr/lib
lrwxrwxrwx   1 root root    9 Jul  6 02:09 lib32 -> usr/lib32
lrwxrwxrwx   1 root root    9 Jul  6 02:09 lib64 -> usr/lib64
lrwxrwxrwx   1 root root   10 Jul  6 02:09 libx32 -> usr/libx32
drwxr-xr-x   2 root root    2 Jul  6 02:09 media
drwxr-xr-x   3 root root    3 Jul  6 02:09 mnt
drwxr-xr-x   2 root root    2 Jul  6 02:09 opt
dr-xr-xr-x 369 root root    0 Dec 27 14:46 proc
drwx------   4 root root   16 Dec 20 16:46 root
drwxr-xr-x   4 root root    4 Oct  6 18:30 rpool
drwxr-xr-x  31 root root 1340 Dec 27 16:10 run
lrwxrwxrwx   1 root root    8 Jul  6 02:09 sbin -> usr/sbin
drwxr-xr-x   2 root root    2 Jul  6 02:09 srv
dr-xr-xr-x  13 root root    0 Dec 27 14:46 sys
drwxrwxrwt   9 root root    9 Dec 27 14:46 tmp
drwxr-xr-x  14 root root   14 Jul  6 02:09 usr
drwxr-xr-x  11 root root   13 Jul  6 02:09 var
root@vm:/$

 

[t.lamprecht]

uid=1(root)

Erm, you got 1 as UID, but root uses 0, e.g., the stat call uses 0:

Access: (0700/drwx------) Uid: ( 0/ root) Gid: ( 0/ root)

So, it'd seem to me that on password reset the root user got it's ID changed from 0 to 1 by mistake.

Can you also post the output of:

Can you also post the output of: grep -nT root /etc/passwd /etc/group

So that we can get the UID configuration (fyi: those files do not contain the actual sensitive information of the hashed password, that'd would be in /etc/shadow which should not be posted publicly)

You'd then need to repeat the steps from the password reset to get in an environment where you can actually write the passwd/group/shadow files, as currently you're using a users that's not actually root from POV of the system (while it's name is root, but the ID is what gets actually checked and that needs to be 0), but lets see above output first to get a better picture.

 

[mhakim]

this is the result:

root@vm:/$ grep -nT root /etc/passwd /etc/group
/etc/passwd:   1:       root:$y$XcensoredX:1:0:root:/root:/bin/bash
/etc/group:  1: root:x:0:
root@vm:/$

 

[t.lamprecht]

Yeah, your root users really is configured for the wrong ID, and it seems your hashed password was in the passwd file, not the shadow one - which is weird. I censored it for now in your post.

To fix the wrong uid you'd need to the steps from method 1 from the wiki up until the passwd one, there use an editor like nano or vi (more complicated if you're not used to vi/vim) and change that 1 after the second colon (:) to a 0, keep the rest as is!

 

[mhakim]

so i have to delete the underline one and change the bold one, Am I correct?
root@vm:/$ grep -nT root /etc/passwd /etc/group
/etc/passwd: 1: root:$y$XcensoredX:1:0:root:/root:/bin/bash
/etc/group: 1: root:x:0:
root@vm:/$

 

[t.lamprecht]

so i have to delete the underline one and change the bold one, Am I correct?

not quite, for the minimal-invasive change now you'd only change the bold one - keep the underlined part as it is in the file on your server.

 

[mhakim]

great, it's working.
i gain the real root access now.

thank you very much.