From a production accident: Linux single-user mode, rescue mode, and so on
After the bash vulnerability appeared, the largest Linux security vulnerability this year, our company also began to patch it. With many machines to patch, mistakes are easy to make: a 64-bit Linux server was accidentally upgraded with the 32-bit bash rpm. Because the root and oracle users log in through /bin/bash by default, users could no longer log in to the server, which caused a great deal of trouble. The solution follows. Because the problem could not be worked on in the production environment, a virtual machine is used to simulate the situation:
We can delete the bash rpm package to simulate the wrong bash package installed in production.
Before that, let's look at how several common Linux shells relate to each other.
[09:18:56 root()@kiwi ~]# ll /bin/sh
lrwxrwxrwx. 1 root root 4 Sep 15 07:59 /bin/sh -> bash
[09:19:02 root()@kiwi ~]# ll /bin/ksh
-rwxr-xr-x. 1 root root 168016 Jul 21 1999 /bin/ksh
[09:19:09 root()@kiwi ~]# ll /bin/csh
lrwxrwxrwx. 1 root root 4 Sep 15 08:03 /bin/csh -> tcsh
[09:19:21 root()@kiwi ~]# ll /bin/tcsh
-rwxr-xr-x. 1 root root 387328 Dec 18 2012 /bin/tcsh
As you can see, sh is only a symbolic link to bash. If bash is damaged, sh is broken as well and you will not be able to log in to the system.
Now simulate the failure:
[09:19:29 root()@kiwi ~]# rpm -qa bash
bash-4.1.2-15.el6_4.x86_64
[09:21:46 root()@kiwi ~]# rpm -e bash --nodeps
warning: %postun(bash-4.1.2-15.el6_4.x86_64) scriptlet failed, exit status 127
[09:22:05 root()@kiwi ~]# rpm -qa bash
[09:22:13 root()@kiwi ~]#
The bash rpm has now been forcibly removed. Next, look at the login shells configured for the users:
[09:22:13 root()@kiwi ~]# cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
oracle:x:500:500::/home/oracle:/bin/bash
Restart the server
The system is stuck here and cannot enter the login interface.
Generally, when there is a problem with a Linux system, we think of the Linux rescue mode. So let's enter rescue mode and see whether it can solve this problem.
Step through the prompts, choosing the defaults.
Many people are happy at this point and think the bash rpm package can now be installed directly, but the problem is not solved that easily.
In fact, this bash belongs to the temporary Linux system provided by the CD. At this moment, we have not really entered the system on our server. Follow the prompt above and enter:
chroot /mnt/sysimage
The following error is reported. The likely cause is that sh is only a symbolic link to bash: now that bash is gone, sh cannot be run either.
Linux actually has another way to log in, called cross-console logon:
Cross-console logon does not require the root password. If you lose the root password, you need to log on across the console. The rescue mode mentioned earlier is essentially a cross-console logon: you can get into the system without password verification.
Cross-console logon mainly includes: using grub or lilo to log on across the console; the Linux rescue mode; and a third-party live CD or third-party Linux system.
1) If grub is used as the boot loader:
After grub starts, use the keyboard to move to the Linux boot entry;
Press the e key;
Press e again;
Then move to a line similar to the following, that is, the kernel line:
kernel /boot/vmlinuz-2.6.11-1.1369_FC4 ro root=LABEL=/1 rhgb quiet
Move the cursor to this line and press the e key to edit it. Add a space at the end of the line and append the init parameter, so that the line reads as follows:
kernel /boot/vmlinuz-2.6.11-1.1369_FC4 ro root=LABEL=/1 rhgb quiet linux init=/bin/ksh
When you have finished editing, press Enter to return;
Next, press the b key to boot the system;
In this way, we can use another shell to start the Linux system.
The root file system may be mounted read-only;
If so, run the following command:
#mount -o remount,rw /
Then we can use df -h to check which file systems are mounted. Since all the file systems are mounted, there is little we cannot do: reset the root password, back up files, and so on.
We can see that the disc is mounted at /media, so we can install the bash rpm package directly from it to repair the system.
Restart the server: the remote connection to the server now succeeds. The problem is solved!
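A check that catches this failure before the reboot, as an added example that is not part of the original post: it compares a package's architecture with the host's and lists every account whose login shell no longer resolves to an executable. The function names and the ROOT argument are assumptions made for this example; pass /mnt/sysimage as ROOT to inspect the installed system from rescue mode.

```shell
#!/bin/sh
# Added example: pre-reboot sanity checks for the failure described above.
# All function names here are hypothetical helpers, not an existing tool.

# pkg_arch FILE -> prints the architecture field of an rpm file name,
# e.g. bash-<version>.x86_64.rpm -> x86_64
pkg_arch() {
    name=${1##*/}        # drop the directory part
    name=${name%.rpm}    # drop the extension
    printf '%s\n' "${name##*.}"
}

# arch_ok FILE HOST_ARCH -> returns 0 if the package architecture matches
# the host architecture (normally "$(uname -m)") or is noarch.
arch_ok() {
    a=$(pkg_arch "$1")
    [ "$a" = "$2" ] || [ "$a" = "noarch" ]
}

# broken_shells PASSWD ROOT -> prints "user:shell" for every account whose
# login shell is not an executable regular file under ROOT.
# ROOT is "" for the running system or e.g. /mnt/sysimage in rescue mode.
broken_shells() {
    while IFS=: read -r user _ _ _ _ _ shell; do
        # An empty shell field means /bin/sh (see passwd(5)).
        shell=${shell:-/bin/sh}
        # -f and -x follow symlinks, so a dangling /bin/sh -> bash is
        # reported as well. Relative links resolve inside ROOT.
        if [ ! -f "$2$shell" ] || [ ! -x "$2$shell" ]; then
            printf '%s:%s\n' "$user" "$shell"
        fi
    done < "$1"
}

# Typical use before rebooting after a bash upgrade:
#   arch_ok ./bash-<version>.<arch>.rpm "$(uname -m)" || echo "wrong arch"
#   broken_shells /etc/passwd ""
# From rescue mode, against the installed system:
#   broken_shells /mnt/sysimage/etc/passwd /mnt/sysimage
```

Any output from broken_shells means those accounts will fail to log in after the next reboot, which is exactly the state the server was left in here.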
How to enter Linux single-user mode
One of the advantages of single-user mode is that you do not need a boot floppy disk or boot CD; however, it still provides you with the option of mounting the file system read-only or not mounting it at all. In single-user mode, your computer boots to runlevel 1. Your local file systems are mounted, but your network is not activated. You have a usable system maintenance shell. Unlike rescue mode, single-user mode automatically tries to mount your file systems. If your file systems cannot be mounted successfully, do not use single-user mode. If the runlevel 1 configuration on your system is corrupted, you cannot use single-user mode. If your system boots but does not allow you to log in after the boot, you can try single-user mode.
If you are using GRUB, follow these steps to boot into single-user mode: If you have configured a GRUB password, type p and enter the password. Select Red Hat Linux with the kernel version you want to boot, and then type e to edit it. You will see a list of items from the configuration file for the selected entry. Select the line that begins with kernel, and type e to edit the line.
How many run modes does Linux have? What is Linux single-user mode for? What other modes are there?
0: Shutdown
1: single-user mode
2: multi-user mode without network support
3: multi-user mode with network support
4: reserved, not used
5: multi-user mode with network support and X-Window support
6: reboot the system
When a Linux system is in a normal state, after the server host is started (or restarted), the boot loader automatically boots the Linux system into multi-user mode and provides normal network services. If the system administrator needs to perform system maintenance, or a startup exception occurs, the system has to be managed in single-user mode or repair mode. One precondition for using single-user mode is that your boot loader (grub) works normally. Otherwise, you must use repair mode for system maintenance. Note: in single-user mode, network services are not enabled and remote connections are not supported.
In a Linux system, different runlevels indicate different running states of the system. For example, a Linux server running normally at runlevel 3 is in a multi-user mode that can provide network services; runlevel 1 only allows the administrator to operate on the server host through a single console, that is, "single-user mode".