Anders Hogrelius wrote:
> 
> It seems it did something else, possibly related to the crash that occured
> later this morning. _All_ passwords were corrupted, so no one could log
> in, with the sole exception of the user I just had added using vipw. To be
> able to restore the server, and even be able to login as root, I had to
> copy passwd, master.passwd and spwd.db from the latest backup. Something
> isn't right with passwd or vipw, or possibly on a lower level. I'm not
> familiar enough with how handling of the passwords work to have a real
> opinion on the subject. No matter what caused it to fail, I would argue
> that no other failure should be allowed to propagate, and cause something
> like this. If something fails when setting a new password, the worst case
> scenario should be that the password wasn't changed.
> 
> The thing that happened with the files, was that master.passwd ended up
> with the same contents as passwd, that is there were no password hashes
> in spwd.db, and only * instead of the password in both files, for all
> users except the last user added. As far as I know this shouldn't be able
> to happen.
> 
> Anders
> 
> --

	Could this machine have been compromised by someone?

--
---   Dave Woyciesjes
---   ICQ# 905818