Fixing expired accounts (How to)

Freebird

From:http://www.bsdforum.org
Expired accounts

Caused by using KUser, changing root password in Freebsd 4.9.

I am very new to FreeBSD so please correct me if I am wrong.

Thought I might pass this info on. I changed the root password with KUser (big mistake) & it expired the root account, I was able to log into other user accounts but unable to su -, only getting "account expired" thought I was toast, after an hour or two searching, I came up with this.
--------------------------------------------------------------
First tried to boot in single user mode to change the admin password at boot prompt: hit any key
got: ok
then typed
ok boot -s
It then asked for the default of /bin/bash, hit return, now we have
#
Now mount your file system with:
# mount -t ufs -a
#passwd

new passwd:_
retype new passwd:_
passwd: updating the database
passwd: done

# exit

I then tried to login to root & no go  "account expired", No problem got one more thing up my sleeve.

Here's what worked.
----------------------------------------------------------------

Boot to single user mode again,

At boot prompt: hit any key
got: ok
then typed
ok boot -s
It then asked for the default of /bin/bash, hit return, now we have
#
Now mount your file system with:
# mount -t ufs -a
Then just for fun I enabled the swap space
# swapon -a

You can now fix your "expired accounts" by editing "/etc/master.passwd" in the text editor of your choice, I only had the default editor "ee' installed,
Here's what I did.

# ee /etc/master.passwd
FIRST MAKE A BACKUP OF THIS FILE JUST IN CASE

Then
You will see a bunch of lines that end with "-1 or -0"(zero)
The ones with "-1" are the "expired accounts" just change them to "-0" (zero), you must change all lines that end in "-1" or you will still have expired accounts.
Save the file & close your editor.

Example: highlighted in red is wrong, needs to be "0" (zero).

root1$xxxxxxxxxxxxxxxx.:0:0::0:1:Charlie &:/root:/bin/csh
toor:*:0:0::0:-1:Bourne-again Superuser:/root:
daemon:*:1:1::0:-1:Owner of many system processes:/root:/sbin/nologin
operator:*:2:5::0:-1:System &:/:/sbin/nologin
bin:*:3:7::0:-1:Binaries Commands and Source:/:/sbin/nologin
tty:*:4:65533::0:-1:Tty Sandbox:/:/sbin/nologin

Continue this for all entrys.

Now:

You have to run:
# /usr/sbin/pwd_mkdb /etc/master.passwd

~Done~

Your account should be restored with your old password or if you tried to change your admin password in single user mode use that one.

* You may need to run "fsck" if you have shutdown uncleanly.

Lesson from School of Hard Knox