I am going to show you how to reset the root password on CentOS 7 but this procedure is exactly the same on RHEL 7. This process was trivial in RHEL 6 systems but since RHEL 7 the process is now more complex. This guide assumes that you have been locked out of the root account and you are trying to regain access.
Steps Involved to reset the root password on CentOS 7 and RHEL 7:
Step 1. Boot to the Grub Menu.
Once at the boot menu you will have the latest kernel highlighted at the top for the first boot option. Press the E key to edit the boot options.
After you have pressed E you will want to look for the line that starts with linux16. You will likely have to scroll down close to the bottom of the page to see it.
Step 2. Boot OS into minimal environment
You will need to type init=/bin/bash at the end of the line as shown in the picture below. Afterward press Ctrl +X to boot with the added parameters.
Step 3. Remount root partition as read/write and change password
At this point you have booted into the minimal environment but the / root file system is in read only mode. Before you can change the password you must remount the root partition with read/write access.
mount -o remount rw /
After the file system has been remounted the passwd command is used to reset the root password on CentOS 7.
Step 4. Relabel root partition for SELinux
SELinux uses file labels for the context in which the files will be used. If SELinux is enabled and running, it will not allow access to files which are unlabeled. By changing root’s password we have created a file which is unlabeled and the password would not work on the next boot if nothing else is done. This step can be skipped if SELinux is disabled, but SELinux is on by default. To fix this we have to tell SELinux to relabel all the files on the file system. The command to do this is touch /.autorelabel. On the boot process if SELinux see’s that this file exists, then it will automatically relabeled before booting into the OS. This file is automatically removed after the relabel process so it will not continue to relabel on each boot.
Step 5. Reboot
The final step is to reboot but being in this minimal environment commands like reboot do not work. The command exec /sbin/init 6 will reboot the system. You might consider it the long way to write init 6.
After you have sent the init 6 command (reboot) you will see what looks like a normal boot procedure but at the bottom you will see a percentage counter. This is the SELinux relabeling process. You want to verify that you are seeing that if SELinux is enabled.
That completes the reset the root password on CentOS 7 and RHEL 7 procedure. The last command in Step 5 is to reboot and you would then be back at the login dialog to login with the password you just changed. Please leave a comment if you found this guide to be helpful.
No comments:
Post a Comment