linux 修改密码 authen,Linux 修改密码“ Authentication token manipulation err”

修改服务器root密码 错误 “passwd: Authentication token manipulation error”

百度了各种解决方案

总结 1. 权限问题

lsattr /etc/passwd/ -------------e- /etc/passwd

lsattr /etc/shadow/ -------------e- /etc/passwd

用lsattr命令查看存放用户和密码的文件属性，发现有i选项： (i：不得任意更动文件或目录。)所以导致所有的用户都不能修改密码，因为没有权限允许。

这种情况我们需要用chattr命令将i权限撤销，然后再修改

总结 2 . ``同步/etc/passwd 和/etc/shadow出错

#pwconv

pwconv: can't lock passwd file

我的没有这个报错

总结3

看权限没有异常，也没有进程锁定该文件

ll /etc/passwd

文件权限已经开到最大

cp lock文件出错，提示空间不足

cp /tmp/.pwd.lock /etc

以上均没有报错

再次修改密码仍然出错，于是尝试修改/etc/passwd也出现错误

最后怀疑系统版本问题，centos7开始 对这个文件有保护

于是查找centos7报该错误的解决方案，果然有很多猿类都遇到该问题

是selinux导致的

关闭selinux就可以修改密码了

/usr/sbin/setenforce 0 立刻关闭 SELINUX

/usr/sbin/setenforce 1 立刻启用 SELINUX

但是尝试后仍然无法修改密码

最终总结

down vote

accepted

It's failing because passwd manipulates a temporary file, and then attempts to rename it to /etc/shadow. This fails because /etc/shadow is a mountpoint -- which cannot be replaced -- which results in this error (captured using strace):

102 rename("/etc/nshadow", "/etc/shadow") = -1 EBUSY (Device or resource busy)

You can reproduce this trivially from the command line:

cd /etc

touch foo

mv foo shadow

mv: cannot move 'foo' to 'shadow': Device or resource busy

You could work around this by mounting a directory containing my_shadow and my_passwd somewhere else, and then symlinking /etc/passwd and /etc/shadow in the container appropriately:

$ docker run -it --rm -v $PWD/my_etc:/my_etc centos

[root@afbc739f588c /]# ln -sf /my_etc/my_passwd /etc/passwd

[root@afbc739f588c /]# ln -sf /my_etc/my_shadow /etc/shadow

[root@afbc739f588c /]# ls -l /etc/{shadow,passwd}

lrwxrwxrwx. 1 root root 17 Oct 8 17:48 /etc/passwd -> /my_etc/my_passwd

lrwxrwxrwx. 1 root root 17 Oct 8 17:48 /etc/shadow -> /my_etc/my_shadow

[root@afbc739f588c /]# passwd root

Changing password for user root.

New password:

Retype new password:

passwd: all authentication tokens updated successfully.

[root@afbc739f588c /]#