Skip to main content

RHEL Recover your root Password

Root Password recovery

In this tutorial I will demonstrate you how to recover you lost password.

This tutorial is for RHEL 7 Password recovery.

Before we go further I would like to brief Linux boot process,
  • When pushed power button your PC/Server it will powered on and the system firmware will runs POST (Power On Self Test) which will check and initiate attached hardware. You can do modifications to these process by BIOS/UFFI configuration
  • After POST, system firmware will look for bootable device in other words it look for Master Boor Record (MBR)
  • Then the System will reads the boot loader from the disk and let boot loader to take control of the system
  • Now the boot loader loads its configuration from disk, at that point you may display the boot options

  • Depends on your selection boot loader will load the kernel and initramfs from disk to you memory(RAM). Initramfs  is some gziped archive contains kernel modules for hardware all hardware which requires on boot.  
  • Now boot loader hand over control to kernel with the optional commands to the kernel and memory location for initramfs.
  • Then kernel will initialize all the hardware according to the driver which found in initramfs. This process will execute as PID 1.  Further initramfs contains copy of systemd and also an udev (for hardware initialization)
  • Now at this point root file system will mount on /sysroot
  • Afterwards initramfs root file system which mounted on /sysroot will switched to system root file system. and re-executed the copy of systemd which is installed on the system
  • And finally system will look for the default target and start it by resolving dependencies   
Now Lets get back to our issue, 

To resolve this issue, we can pause initramfs at some point and provide a shell and do the changes that we requires and continue when our shell exists.

Following Steps will do the trick,

  1. Reboot the System
  2. Interrupt the boot loader
  3. Select the entry which need to be booted
  4. Edit the entry
  5. And boot the system with changes 
  6. remount the /sysroot with read write permission
  7. Switch to chroot jail
  8. Change your password 
  9. Make system to relabel its file system (This is for SELinux purposes)
Now after rebooting the system interrupt the boot loader by pressing a arrow key, and it may look like this.


Select your desired entry to boot and press e to edit

Now find the the line that starts with "linux16" line and jump to the end of the line press ("END" button on key board) remove it till ro and add the entry 

          rd.break

And it will look like this
Press CTRL+X to boot with changes




At the completion system will be mounted on /sysroot and but it will be read only mount

In order to the changes it is required re-mount  /sysroot with read-write permission

         #mount -oremount,rw /sysroot

At this point we want system to treat /sysroot as our root file system. In order to that you may switch in to a chroot jail
  
          #chroot /sysroot

Now you may change the root password 

          #passwd root

And in order to make sure all the unlabeled files relabel during the boot you may create a file call ".autorelabel" on the root directory

          #touch /.autorelabel

Now you may exit from chroot jail and also from iniframs debugging shell by using exit command.



Now it will continue the boot process but it may take some time since relabeling takes some time.


Afterwards your may use newly configured password to log in to the system.

Comments

Popular posts from this blog

Asterisk on Docker

This Document covers asterisk basic installation on docker. Since till now there is no official asterisk image on Docker hub we will use Debian core to install the asterisk. Prerequisites Linux host to install docker, Internet connectivity and docker account to download docker images. 1. Installing Docker (Ensure your Internet connectivity) Centos 7           #wget http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm           #rpm -ivh epel-release-latest-7.noarch.rpm           #yum install docker  Install Docker on RHEL and CentOS 6          # yum install epel-release          # yum install docker-io 2. Start Docker Centos 7          # systemctl start docker          # systemctl status docker          # systemctl enable docker ...

Simple Squid (Proxy server) Configuration

1.  SETUP THE INITIAL NETWORK CONNECTIVITY ON CENTOS After installing centos completely configured the network interfaces as follows, 1. Add a network interface to centos virtual machine as “Lan segment”(Centos lan) 2. And configure the ip address for that LAN segment If this centos machine has only one NIC we have to create two vlans and trunk them.             One to connect to the internet.            One to connect to the local area network interface which we created earlier 3. Using fedora(Another vm guest os) verify the network connectivity 4. Pinging to the LAN-segment that we created in order to verify the internet connectivity. Now we are connected to the private network that we created using centos earlier. Note that in this scenario centos is act as a router. So we are going to convert this centos virtual machine to router, in order to do that we nee...

HAProxy

HAProxy implementation Case Study This tutorial covers HAProxy Deployment on Firewall and SELinux enabled Centos7 systems. First of all lets get an overall idea about my situation.  I've bought a domain call mycompany.com so all of my  hosted sites should be followed by this main domain. As an example, if someone look for london.mycompany.com he should reach to London server, if someone look for chicago.mycompany.com he should reach to Chicago server So, I've created a Cloudflare account and point mycompany.com to our public IP address and created two                 CNAME entries from Cloudflare by adding London and Chicago. From the Cloudflare all the request to mycompany.com will forward to our public address and HAProxy may read those requests and Process them and forward them accordingly between two IIS servers. Note that al...

Asterisk Gateway Interface - Perl

Asterisk Gateway Interface 1. What is Asterisk Gateway Interface?  In simple word AGI is Language Independent API to programmers to control the call flow on their Asterisk PBXs. Asterisk provides more than its own dial-plan, to control to the call flow or lets say call logics. So which means you may use either one of Dialplan Asterisk Manager Interface (AMI) Asterisk Gateway Interface (AGI) to manipulate your call logics. Before we move on to AGI lets briefly discuss about each one of above, Dialplan Dial plan is Asterisk native call logics performer, it's fast, easy to learn and efficient. But this configuration script is more closer to assembly program (If you have any previous experience on assembly), the main drawback of the Asterisk Dialplan in it's lack of support on standard procedural  language as an example when you want create a loop.  Any way in the following tutorials we will only discuss about the AGI, But we can't av...

FreePBX-Installation

FreePBX-Installation 1. Pre-installation In order to setup call center server first we have to confirm that our system is full filled the minimum requirements. This asterisk deployment is based on RedHat distribution aka CentOS.  To full-fill the above requirement we are going to setup asterisk 11 on CentOS 6.5 (x64). 1.2 CentOS 6.5x64 installation  It is recommended to install CentOS 6.5x64 minimum version and manually install all the other package as our requirement.  At the beginning it recommended to configure the logical disk drives aka Raid.  Note that some of the server-rigs will not compatible to centos 6.5x64, most of the time it’s because the particular server’s Raid drivers might not be found in centos 6.5x64 disk. In such scenario please follow the below instruction. First we have to download the Raid driver from relevant vendor. (If it’s HP you will find somewhat like this hpvsa-X.X.X-X.rhel6u.5x86_64.dd). ...

Discussion : SIP vs BRI/PRI

SIP SIP standards for Session Initiation Protocol and It's Purely IP based.  BRI/PRI PRI stands for Primary Rate Interface and It contains One 64Kbps T1 or E1 Chanel for Signaling AKA Channel D and 23 T1 or 30 E1 Channels as Bearing Chanel aka Channel B.\ BRI standards for Basic Rate Interface and Contain Two Barer channel and One Signaling Chnnel AKA 2B+D. Further Both Both PRI and BRI are ISDN services and also data rate of PRI is 2.048Mbps while 128-144Kbps. ISDN : Integrated Service Digital Network / It's Some Dumb Network SIP vs BRI/PRI SIP does Best effort Delivery as same as IP traffic do, while BRI/PRI Provide QoS. If someone requires to attain QoS through SIP something like MPLS will do with a considerable amount cost. SIP is more flexible than BRI/PRI because it can be accommodated by company existing data network while BRI/PRI reuires to have a dedicated link for it self.

Perl - Database Transactions

Database Transactions with Perl To understand what is a database transaction lets look at a simple bank withdrawal and deposit scenario. Assume that you have two bank accounts call A and B, and you need withdraw some amount from account A and Deposit it on account B. In this scenario what happen if you couldn't withdraw money from your account A, the deposit part won't carry out. Again if you couldn't deposit the money to your account B you have to deposit them back on account A (Which means a roll back). So in the  context of Database, Transaction is refer to  a sequence of jobs which is supposed to run as a whole. So in other words, it should happen as whole or not. So as in our following example, we have 3 Database queries which should perform as a whole. Further assume that our first Database query is supposed to perform a insert if successful, second query  should update a table if successful, third query  should delete an entry from a ...

Share-A-Directory-between-two-server-NFS

Share-A-Directory-between-two-server-NFS Please grant the relevant permission on the shell scripts ./client_Export.sh Takes three argument as follows 1. server ip address to be exported 2. client directory which should be exported to the particular server 3. options aka permission for the expoted folder rw: This option allows the client server to both read and write within the shared directory sync: Sync confirms requests to the shared directory only once the changes have been committed. no_subtree_check: This option prevents the subtree checking. When a shared directory is the subdirectory of a larger filesystem, nfs performs scans of every directory above it, in order to verify its permissions and details. Disabling the subtree check may increase the reliability of NFS, but reduce security. no_root_squash: This phrase allows root to connect to the designated directory E...