Monday, January 29, 2018

Recover a forgotten root password on Redhat 7 Linux Selinux system

The way on how you can reset a forgotten root password on a Linux system have not changed for many years. Resetting a root password on RHEL7 Linux system have not change much except that now we deal with SElinux and the system is now using systemd instead of init. Nevertheless, those who have already did reset root password on the Linux system will be with the following steps familiar. Here is the procedure of what needs to be done in order to recover a forgotten root password on Redhat 7 Linux:

  1. We need to edit GRUB2 boot menu and enter user single mode
  2. Next, we need to remount / partition to allow read and write
  3. Reset the actual root password
  4. Set entire system for SElinux relabeling after first reboot
  5. Reboot the system from a single mode
Now that we understand the procedure we can proceed with Redhat 7 password recovery.

Edit GRUB2 boot menu


Start your system and once you see your GRUB2 boot menu use e key to edit your default boot item. Usually it is the first line:


Once you hit e key you will see a screen similar to the one below:


Depending on you terminal screen size you may see more or less information. In case you have a small terminal screen size note the little down pointing arrow on the right edge of your screen. The arrow means that more text is available when scrolling down. Scroll down and locate a line with rhgb quiet keywords:



Move your cursor ( HINT: move to end of the line with CTRL+E ) on rhgb quiet keywords and replace them with init=/bin/bash as show below:


Once you edit the boot line as show above press CTRL + x to start booting your RHEL 7 system into a single mode. At the end of the system boot you will enter a single mode:




Read&Write root partition remount

Once you enter a single your root partition is mounted as Read Only ro. You ca confirm it with the following command:

# mount | grep root

In order to mount our partition with Read/Write flag we use mount with a remount option as follows:

# mount -o remount,rw /

Next, confirm that the root file system is mounted Read/Write rw:

# mount | grep root

All the above steps are show below:


Change root's password

Still in the single mode we can proceed with the actual root password recovery. To do this we use passwdcommand:

# passwd

You will need to enter your password twice as shown below:



SELinux relabeling

The additional step which needs to be taken on SELinux enables Linux system is to relabel SELinux context. If this step is ommited you will not be able to login with your new root password. The following command will ensure that the SELinux context for entire system is relabeled after reboot:

# touch /.autorel



Reboot System

The final step when resetting your lost root password on RHEL 7 linux system is to reboot. This can be done with a following command:

# exec /sbin/init

After reboot you will be able to use your new root password.

No comments:

Post a Comment

Configure NFS Client

This example is based on the environment below. +----------------------+           |           +----------------------+ | [...