Thursday, May 28, 2009

UX: useradd: ERROR: Cannot update system files - login cannot be created | Ubuntu Linux Howto

Tech Blog - Recently while creating bunch of account on a bunch of Sun Unix and Linux server I encountered the error below, this is not the first time I have encountered this error, but in my experience troubleshooting it a bit tricky as this error could mean a lot of things, it could be corrupt passwd or shadow file, wrong permissions, it could be missing password, shadow file or both, it could be as simple as the root disk being full, below is some tips on troubleshooting it, make sure to the the stuff suggested below before rebooting your host as reboot is sometimes a luxury we don't have on production servers.

Error:

UX: useradd: ERROR: Cannot update system files - login cannot be created

Troubleshooting steps.

Make sure that passwd and shaodow file exist in /etc and have the correct permissions

$ ls -la
-r-------- 1 root sys 4872 May 28 00:30 shadow
-rw-r--r-- 1 root sys 12968 May 28 00:30 passwd

Make sure that root filessytem is not full or wehrever your /etc reside is not full

$ df -k
Filesystem 1024-blocks Used Available Capacity Mounted on
/ 2055591 1993926 0 100% /

If its full try looking for something to remove, looking at /var is always a good start

This command will look for files that are equal or bigger than 5mb on /var filessytem

$ find /var -size +50000000c -exec ls -la {} \;

If everything check out alright you can use pwck command

pwck scans the password file and notes any inconsistencies. The checks include validation of the number of fields, login name, user ID, group ID, and hether the login directory and the program-to-use-as-shell exist. The default password file is /etc/passwd.

Try fixing what error it find

$ pwck
uucp:x:5:5:uucp Admin:/usr/lib/uucp:
Login directory not found

If all else fail you can use truss to trace error in detail

truss utility executes the specified command and produces a trace of the system calls it performs, the signals it receives, and the machine faults it incurs. Each line of the trace output reports either the fault or signal name or the system call name with its arguments and return value(s).

$ truss -o /tmp/useradd.truss -f useradd testuser

Short incomplete sample entry of truss output

$ cat /tmp/useradd.truss
20492: execve("/usr/sbin/useradd", 0xFFBFFB94, 0xFFBFFBCC) argc = 13
20492: resolvepath("/usr/lib/ld.so.1", "/lib/ld.so.1", 1023) = 12
20492: resolvepath("/usr/sbin/useradd", "/usr/sbin/useradd", 1023) = 17
20492: stat("/usr/sbin/useradd", 0xFFBFF970) = 0
20492: open("/var/ld/ld.config", O_RDONLY) Err#2 ENOENT
20492: stat("/lib/libsecdb.so.1", 0xFFBFF428) = 0
20492: resolvepath("/lib/libsecdb.so.1", "/lib/libsecdb.so.1", 1023) = 18
20492: open("/lib/libsecdb.so.1", O_RDONLY) = 3


Hope this help!

Check out other pages:

1 comment:

Anonymous said...

Thanks. You just helped me keep from going nuts.

For suggestion and concerns E-mail