I just encountered a bizarre condition on a Debian system I was working on.
Out of nowhere, a program complained that its rungroup could not be found. After a bit of digging around, it seems like my system no longer thinks any users or groups exist on the entire system, including root
.
However, they are all still there in /etc/passwd
, /etc/group
, etc.
For example:
root@debian:/etc# getent passwd
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/usr/sbin/nologin
man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
irc:x:39:39:ircd:/var/run/ircd:/usr/sbin/nologin
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
_apt:x:100:65534::/nonexistent:/usr/sbin/nologin
systemd-timesync:x:101:102:systemd Time Synchronization,,,:/run/systemd:/usr/sbin/nologin
systemd-network:x:102:103:systemd Network Management,,,:/run/systemd:/usr/sbin/nologin
systemd-resolve:x:103:104:systemd Resolver,,,:/run/systemd:/usr/sbin/nologin
messagebus:x:104:105::/nonexistent:/usr/sbin/nologin
unscd:x:105:109::/var/lib/unscd:/usr/sbin/nologin
ntp:x:106:112::/nonexistent:/usr/sbin/nologin
sshd:x:107:65534::/run/sshd:/usr/sbin/nologin
systemd-coredump:x:999:999:systemd Core Dumper:/:/usr/sbin/nologin
festival:x:108:29::/nonexistent:/usr/sbin/nologin
mysql:x:110:116:MySQL Server,,,:/nonexistent:/bin/false
Debian-exim:x:111:117::/var/spool/exim4:/usr/sbin/nologin
postfix:x:112:118::/var/spool/postfix:/usr/sbin/nologin
opendkim:x:113:120::/var/run/opendkim:/usr/sbin/nologin
telnetd:x:109:115::/nonexistent:/usr/sbin/nologin
com:x:1001:1001:,,,:/home/com:/bin/bash
asterisk:x:1004:1004:Asterisk,,,:/home/asterisk:/bin/bash
postgres:x:115:123:PostgreSQL administrator,,,:/var/lib/postgresql:/bin/bash
memcache:x:116:124:Memcached,,,:/nonexistent:/bin/false
do-agent:x:998:998::/home/do-agent:/bin/false
root@debian:/etc# su - root
su: user root does not exist
root@debian:/etc# su - asterisk
su: user asterisk does not exist
root@debian:/etc# su - com
su: user com does not exist
root@debian:/etc# ls -la /etc/passwd
-rw-r--r-- 1 0 0 2227 Jul 29 06:28 /etc/passwd
root@debian:/etc# ls -la /etc/group
-rw-r--r-- 1 0 0 1013 Jul 29 06:28 /etc/group
Another strange thing as you can see is that ls
instead of showing the username and group of the file, just shows the uid and gid of the file.
I can cat the files and the output for all users and groups shows up just fine.
So of course now all kinds of things are not working: I can't make new SSH connections to the server, though some existing ones are still open (same for telnet, etc.)
I'm a little afraid to the reboot the server and see if that fixes it, since if it doesn't, then that will make it more difficult to proceed since I will have to use the console login (and given that it doesn't think root is a valid user, I'm a little wary of even that.)
Has anyone seen this kind of thing before and know why it's happening?