When this year's biggest Linux security vulnerability, the Bash vulnerability, emerged, our company rushed to patch it. With many machines to update, mistakes were easy to make: a 32-bit bash RPM was accidentally installed as an upgrade on a 64-bit Linux server. Because root, oracle and similar users log in through /bin/bash by default, no user could log in to the server, which caused great distress. The solution follows. Because the original problem was solved in the production environment at the time, the situation is reproduced here in a virtual machine:
We simulated the vendor's bash packaging error by removing the bash RPM package:
Before that, let's look at how the most common shells in Linux relate to each other:
[09:18:56 root () @kiwi ~]# ll /bin/sh
lrwxrwxrwx. 1 root root 4 Sep 07:59 /bin/sh -> bash
[09:19:02 root () @kiwi ~]# ll /bin/ksh
-rwxr-xr-x. 1 root root 168016 Jul 1999 /bin/ksh
[09:19:09 root () @kiwi ~]# ll /bin/csh
lrwxrwxrwx. 1 root root 4 Sep 08:03 /bin/csh -> tcsh
[09:19:21 root () @kiwi ~]# ll /bin/tcsh
-rwxr-xr-x. 1 root root 387328 Dec 2012 /bin/tcsh
As you can see, sh is just a symbolic link to bash. If bash is damaged, sh is broken too and you will not be able to log in to the system.
Now for the simulation.
The bash RPM has now been forcibly removed. Check the users' login shells:
[09:22:13 root () @kiwi ~]# cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
oracle:x:500:500::/home/oracle:/bin/bash
Restart the server.
I found the system stuck here, and I couldn't get to the login screen.
When a Linux system has a problem, we usually think of rescue mode. Let's enter rescue mode and see whether it can solve this kind of problem.
At each step we choose the default.
At this point many people would be happy: just install the bash RPM package and the problem is easily solved.
In fact, the bash we have now is only the one provided by the CD's temporary Linux system. At this point we have not really entered our server's own system. Follow the prompt above and enter:
chroot /mnt/sysimage
This fails with an error: sh is just a symbolic link to bash, and now that bash is gone, sh cannot be run either. The first attempt failed.
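The failed chroot can be confirmed without running anything from the damaged system. The following added example (not part of the original article; the function names and the sample tree are constructed for illustration) lists the accounts whose login shell no longer resolves to an executable under a mounted root such as /mnt/sysimage:

```shell
#!/bin/sh
# Added example, not from the original article. Assumes the damaged system
# is mounted at ROOT (rescue mode uses /mnt/sysimage); function names are mine.

# Follow symlinks on the last path component, keeping absolute link targets
# inside ROOT. Absolute symlinks on parent directories are not handled.
resolve_in_root() {
    root=$1 path=$2 hops=0
    while [ -L "$root$path" ] && [ "$hops" -lt 16 ]; do
        target=$(readlink "$root$path")
        case $target in
            /*) path=$target ;;
            *)  path=$(dirname "$path")/$target ;;
        esac
        hops=$((hops + 1))
    done
    printf '%s\n' "$path"
}

# Print "user:shell" for each account whose login shell is not an
# executable regular file under ROOT.
broken_login_shells() {
    root=${1%/}
    while IFS=: read -r user pw uid gid gecos home shell; do
        [ -n "$shell" ] || shell=/bin/sh          # empty field means /bin/sh
        case $shell in */nologin|*/false) continue ;; esac
        real=$(resolve_in_root "$root" "$shell")
        if [ ! -f "$root$real" ] || [ ! -x "$root$real" ]; then
            printf '%s:%s\n' "$user" "$shell"
        fi
    done < "$root/etc/passwd"
}

# Constructed sample tree imitating the article's server after bash is removed.
demo_root() {
    d=$(mktemp -d)
    mkdir -p "$d/etc" "$d/bin"
    printf '#!/bin/sh\n' > "$d/bin/ksh"; chmod 755 "$d/bin/ksh"
    ln -s bash "$d/bin/sh"          # dangling link: /bin/bash is gone
    ln -s /bin/ksh "$d/bin/rksh"    # absolute link, must resolve inside ROOT
    printf '%s\n' 'root:x:0:0:root:/root:/bin/bash' \
        'oracle:x:500:500::/home/oracle:/bin/bash' \
        'backup:x:501:501::/home/backup:/bin/sh' \
        'admin:x:502:502::/home/admin:/bin/rksh' \
        'bin:x:1:1:bin:/bin:/sbin/nologin' > "$d/etc/passwd"
    printf '%s\n' "$d"
}

broken_login_shells "$(demo_root)"
```

On a real rescue boot, call broken_login_shells /mnt/sysimage instead of the demo tree; any account it prints cannot log in until its shell is restored.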
Linux actually has another way of logging in, known as cross-console login:
A cross-console login does not require entering the root password. If you lose the root password, this is the approach to think of. The rescue mode mentioned earlier is essentially a cross-console login, because no password authentication is needed to get into the system.
Cross-console logins include: booting through GRUB or LILO, Linux rescue mode, a third-party live CD system, and a third-party Linux system.
1) If you use GRUB to boot the system:
After GRUB starts, use the keyboard to move to the Linux boot entry;
Press the e key;
Press e again;
Then use the keyboard to move to a line similar to the following, which is the kernel line:
kernel /boot/vmlinuz-2.6.11-1.1369_FC4 ro root=LABEL=/1 rhgb quiet
With the cursor on that line, press the e key to edit it, and change it to the following:
kernel /boot/vmlinuz-2.6.11-1.1369_FC4 ro root=LABEL=/1 rhgb quiet linux init=/bin/ksh
When you have finished editing, press Enter to return;
Then boot the system by pressing the b key;
This starts the Linux system with a different shell.
The root file system may be mounted read-only;
if so, run the following command:
# mount -o remount,rw /
We can then check the mounted file systems with df -h. Once all the file systems are mounted, what is there to do? Reset the root password, back up files ...
You can see that we have mounted the disc at /media and can install the bash RPM from it directly to repair the system.
After restarting the server, remote connections to it work again. Problem solved!
From a production accident: Linux single-user mode, rescue mode, etc.