Error in System Log about pwd_mkdb [solved]



  • 2.2-ALPHA (amd64)
    built on Fri Sep 05 02:50:29 CDT 2014

    php-fpm[71149]: /rc.reload_all: The command '/usr/sbin/pwd_mkdb -d /etc/ /etc/master.passwd' returned exit code '1', the output was 'pwd_mkdb: corrupted entry pwd_mkdb: at line #1 pwd_mkdb: /etc/master.passwd: Inappropriate file type or format'
    

    I don't know if this is related, but after an unexpected power outage & reboot tonight, I wasn't able to access the WAN from the LAN anymore, my port forwarding didn't work, and the firewall log stopped logging anything; trying to access LAN websites from WAN would just show me the pfSense login page, which should be accessible only from the LAN side.  I tried lots of things but couldn't fix the problem and couldn't think of anything that has changed except updating to the latest version, adding a virtual CPU, and doubling the virtual RAM on Friday.  I then tried to run through the whole Setup Wizard again, and somehow, that fixed the problem even though I didn't change any settings during the wizard.  It must have forced something to reset itself that even multiple pfSense reboots didn't fix.  All seems to be ok now except I notice the above error message in my system log.


  • Rebel Alliance Developer Netgate

    Sounds like parts of the filesystem were corrupted due to the unexpected power loss. If you edit the file it mentions, it probably is either completely not the right file or it may have some unexpected characters at the start that need removed. If you have another pfSense install handy, compare the file mentioned to one that is known to be good.

    Ultimately because you can't be sure what else was corrupted, it's probably best to take a config backup, wipe the VM and reload pfSense, and then restore the config.

    What type of virtual environment are you using?



  • Hyper-V on Server 2012.

    When I use Diagnostics>Edit File and load "/etc/master.passwd", here's what I see:

    bool trimcr);
    
    /**
     * Allocate a new struct pkg and add it to the deps of pkg.
     * @return An error code.
     */
    int pkg_adddep(struct pkg *pkg, const char *name, const char *origin, const
    			   char *version, bool locked);
    int pkg_addrdep(struct pkg *pkg, const char *name, const char *origin, const
    			   char *version, bool locked);
    
    //int pkg_addfile(struct pkg *, const char *fmt);
    /**
     * Allocate a new struct pkg_file and add it to the files of pkg.
     * @param sha256 The ascii representation of the sha256 or a NULL pointer.
     * @param check_duplicates ensure no duplicate files are added to the pkg?
     * @return An error code.
     */
    int pkg_addfile(struct pkg *pkg, const char *path, const char *sha256,
    		bool check_duplicates);
    
    /**
     * Allocate a new struct pkg_file and add it to the files of pkg;
     * @param path path of the file
     * @param sha256 The ascii representation of the sha256 or a NULL pointer.
     * @param uname the user name of the file
     * @param gname the group name of the file
     * @param perm the permission
     * @param check_duplicates ensure no duplicate files are added to the pkg?
     * @return An error code.
     */
    int pkg_addfile_attr(struct pkg *pkg, const char *path, const char *sha256,
    		     const char *uname, const char *gname, mode_t perm,
    		     bool check_duplicates);
    
    /**
     * Add a path
     * @return An error code.
     */
    int pkg_adddir(struct pkg *pkg, const char *path, bool try,
    		    bool check_duplicates);
    
    /**
     * Allocate a new struct pkg_file and add it to the files of pkg;
     * @param path path of the file
     * @param uname the user name of the file
     * @param gname the group name of the file
     * @param perm the permission
     * @return An error code.
     */
    int pkg_adddir_attr(struct pkg *pkg, const char *path, const char *uname,
    		    const char *gname, mode_t perm, bool try,
    		    bool check_duplicates);
    
    /**
     * Add a category
     * @return An error code.
     */
    int pkg_addcategory(struct pkg *pkg, const char *name);
    
    /**
     * Add a license
     * @return An error code.
     */
    int pkg_addlicense(struct pkg *pkg, const char *name);
    
    /**
     * Add a user
     * @return An error code.
     */
    int pkg_adduser(struct pkg *pkg, const char *name);
    
    /**
     * Add a group
     * @return An error code.
     */
    int pkg_addgroup(struct pkg *pkg, const char *group);
    
    /**
     * Add a user
     * @return An error code.
     */
    int pkg_adduid(struct pkg *pkg, const char *name, const char *uidstr);
    
    /**
     * Add a gid
     * @return an error code
     */
    int pkg_addgid(struct pkg *pkg, const char *group, const char *gidstr);
    
    /**
     * Allocate a new struct pkg_script and add it to the scripts of pkg.
     * @param path The path to the script on disk.
     @ @return An error code.
     */
    int pkg_addscript(struct pkg *pkg, const char *data, pkg_script type);
    
    /**
     * Helper which call pkg_addscript() with the content of the file and
     * with the correct type.
     */
    int pkg_addscript_file(struct pkg *pkg, const char *path);
    int pkg_appendscript(struct pkg *pkg, const char *cmd, pkg_script type);
    
    /**
     * Allocate a new struct pkg_option and add it to the options of pkg.
     * @return An error code.
     */
    int pkg_addoption(struct pkg *pkg, const char *name, const char *value);
    
    /**
     * Add a default value to an already exsting struct pkg_option
     * @return An error code.
     */
    int pkg_addoption_default(struct pkg *pkg, const char *key,
    			  const char *default_value);
    
    /**
     * Add a description to an already exsting struct pkg_option
     * @return An error cod
    

    That first line does look awfully suspicious since it only has one parenthesis.


  • Rebel Alliance Developer Netgate

    That's completely the wrong file, as I sort of suspected. The disk has been corrupted significantly.

    It should look like…

    # $FreeBSD: src/etc/master.passwd,v 1.39 2004/08/01 21:33:47 markm Exp $
    #
    root:$1$dSJImFph$GvZ7.1UbuWu.Yb8etC0re.:0:0::0:0:Charlie &:/root:/bin/sh
    toor:*:0:0::0:0:Bourne-again Superuser:/root:
    daemon:*:1:1::0:0:Owner of many system processes:/root:/usr/sbin/nologin
    operator:*:2:5::0:0:System &:/:/usr/sbin/nologin
    bin:*:3:7::0:0:Binaries Commands and Source:/:/usr/sbin/nologin
    tty:*:4:65533::0:0:Tty Sandbox:/:/usr/sbin/nologin
    kmem:*:5:65533::0:0:KMem Sandbox:/:/usr/sbin/nologin
    games:*:7:13::0:0:Games pseudo-user:/usr/games:/usr/sbin/nologin
    news:*:8:8::0:0:News Subsystem:/:/usr/sbin/nologin
    man:*:9:9::0:0:Mister Man Pages:/usr/share/man:/usr/sbin/nologin
    sshd:*:22:22::0:0:Secure Shell Daemon:/var/empty:/usr/sbin/nologin
    smmsp:*:25:25::0:0:Sendmail Submission User:/var/spool/clientmqueue:/usr/sbin/nologin
    mailnull:*:26:26::0:0:Sendmail Default User:/var/spool/mqueue:/usr/sbin/nologin
    bind:*:53:53::0:0:Bind Sandbox:/:/usr/sbin/nologin
    proxy:*:62:62::0:0:Packet Filter pseudo-user:/nonexistent:/usr/sbin/nologin
    _pflogd:*:64:64::0:0:pflogd privsep user:/var/empty:/usr/sbin/nologin
    www:*:80:80::0:0:World Wide Web Owner:/nonexistent:/usr/sbin/nologin
    nobody:*:65534:65534::0:0:Unprivileged user:/nonexistent:/usr/sbin/nologin
    dhcpd:*:1002:1002::0:0:DHCP Daemon:/nonexistent:/sbin/nologin
    _dhcp:*:65:65::0:0:dhcp programs:/var/empty:/usr/sbin/nologin
    _isakmpd:*:68:68::0:0:isakmpd privsep:/var/empty:/sbin/nologin
    uucp:*:66:66::0:0:UUCP pseudo-user:/var/spool/uucppublic:/usr/local/libexec/uucp/uucico
    pop:*:68:6::0:0:Post Office Owner:/nonexistent:/usr/sbin/nologin
    _ntp:*:123:123::0:0:NTP daemon:/var/empty:/sbin/nologin
    _relayd:*:913:913::0:0:Relay Daemon:/var/empty:/usr/sbin/nologin
    

    More lines below that with your custom users, users added by packages, etc, etc.

    (The root password in that case is the default 'pfsense' password from a fairly stock VM. :-)



  • Wow, I'm glad it's working at all with that kind of corruption.  I'll do as you recommended: create a new pfSense VM and import my config.  Hopefully it's that easy.  I'll report back here when that has been done.



  • Thank you.  That seems to have fixed the problem and the settings restore went very smoothly.  pfSense is happy again.


Log in to reply