Re: Surprise null root password

From: Alexander Leidinger <Alexander_at_leidinger.net>
Date: Tue, 30 May 2023 06:41:33 UTC
Quoting bob prohaska <fbsd@www.zefox.net> (from Fri, 26 May 2023  
16:26:06 -0700):

> On Fri, May 26, 2023 at 10:55:49PM +0200, Yuri wrote:
>>
>> The question is how you update the configuration files,
>> mergemaster/etcupdate/something else?
>>
>
> Via etcupdate after installworld. In the event the system
> requests manual intervention I accept "theirs all". It seems
> odd if that can null a root password.
>
> Still, it does seem an outside possibility. I could see it adding
> system users, but messing with root's existing password seems a
> bit unexpected.

As you are posting to -current@, I expect you to report this issue  
about 14-current systems. As such: there was a "recent" change  
(2021-10-20) to the root entry to change the shell.
      
https://cgit.freebsd.org/src/commit/etc/master.passwd?id=d410b585b6f00a26c2de7724d6576a3ea7d548b7

By blindly accepting all changes, this has reset the PW to the default  
setting (empty).

I suggest to review changes ("df" instead of "tf" in etcupdate) to at  
least those files which you know you have modified, including the  
password/group stuff. After that you can decide if the diff which is  
shown with "df" can be applied ("tf"), or if you want to keep the old  
version ("mf"), or if you want to modify the current file ("e", with  
both versions present in the file so that you can copy/paste between  
the different versions and keep what you need).

Bye,
Alexander.

-- 
http://www.Leidinger.net Alexander@Leidinger.net: PGP 0x8F31830F9F2772BF
http://www.FreeBSD.org    netchild@FreeBSD.org  : PGP 0x8F31830F9F2772BF