A student at my school, whilst logged in as root, committed
userdel -r root
We quickly came to the consensus that he needed to reinstall (not too big a burden in this environment). But is this situation, where the root account has actually been removed, not just disabled - is this even theoretically recoverable?
If all goes wrong and you can't use sudo or boot in single user mode as suggested by Zypher, put on a live CD, mount the partition and add it manually to the /etc/passwd and /etc/shadow.
You will have to fix groups too after that.
For reference, there're the lines on passwd and shadow. The password for root in this shadow line is test
passwd
root:x:0:0:root:/root:/bin/bash
shadow
root:$6$YlqpNCBt$yYpknNzO8e4NLEKwXqHeJLTixssV8AxNRPKn/pr1CrsIlHSv7chPRDJ9Li3XMqsDm9zytWt8KQOd99VT0cBGF0:14824:0:99999:7:::
theoretically you should be able to use a sudo user, or single user mode and re-add the user with the --uid 0 & --gid 0 & --home /root options. I've never tried it but it should work.
From the man page, userdel will remove the account and the "home" directory of the deleted user. The crontab for the user will also be removed.
My guess is that the root account and password could be regenerated. And from backups, the root crontab and the /root directory could be recovered.
