RedHat 7 – Get Access to System During the Boot Process

RedHat 7 – Get Access to System During the Boot Process

RHEL7: Interrupt the boot process in order to gain access to a system.

Note: This is a critical RHCSA 7 exam objective (if you can’t take control of a VM through a reboot at the beginning of the exam, you will fail it entirely).

Presentation

In RHEL 7, the procedure to get access to a system during the boot process and modify the root password has changed because of the adoption of Systemd.

There were several procedures floating around to recover the root password. Some were working with physical servers but not with virtual machines, some the other way around.

The following procedure works all the time.

Procedure

At the beginning of the boot process, at the GRUB 2 menu, type the e key to edit.

Then, go to the kernel line (the line starting with linux16) and add the following statements at the end:

rd.break enforcing=0

Caution: The keys to press are those of a US keyboard (querty).
Note: rd.break asks for a break at an early stage of the boot process. enforcing=0 puts the system into SELinux Permissive mode. Don’t confuse with selinux=0 that completely disables SELinux.

Press Ctrl x to resume the boot process.

Then, mount the /sysroot partition as read/write:

switch_root:/# mount –o remount,rw /sysroot

Execute the chroot command on the /sysroot partition:

switch_root:/# chroot /sysroot

Change the root password:

sh-4.2# passwd root
Changing password for user root.
New passwd: mypassword
Retype new password: mypassword
passwd: all authentication token updated successfully.
sh-4.2# exit
exit
switch_root:/# exit
logout

Connect to your server at the console (don’t reboot now!) with the root user and the new password:

...
[  OK  ] Started Network Manager Script Dispatcher Service.
[  OK  ] Started Crash recovery kernel arming.
[  OK  ] Reached target Multi-User System.

CentOS Linux 7 (Core)
Kernel 3.10.0-229.14.1.el7.x86_64 on an x86_64

vm login: root
Password: mypassword

Then type:

# restorecon /etc/shadow
# reboot

If you strictly follow this procedure, you don’t need to force a SELinux relabel (# touch /.autorelabel) or load the SELinux policy (# /usr/sbin/load_policy -i).

You don’t even need to reboot at the end! In this case, type # setenforce enforcing

For the RHCSA exam, you need to intensely practice this procedure.

Thanks to salvador and hunter86_bg for their precious comments.

Additional Resources

Ralph Nyberg‘s video about recovering root access (15min/2015) explains the procedure very well.
Fedora Documentation‘s got a page about Resetting the root password.
There is also a documentation available for the Anaconda Boot Options.
As there is more than one way to do it, a page describes several ways to reset the root password.

Comments are closed.