How to Reset root Password in Linux

This tutorial explains how to reset the root password in Linux step by step with examples. Forget or lost root password in Linux, there is no need to buy any expensive tool or software to reset the root password. We can easily reset the root password in Linux through the inbuilt recovery options.

Recovery options are the part of boot package in Linux. These options are available at the first screen of boot process. These options allow us to access the Linux file system in emergency situation. In this tutorial we will learn how to use these tools to reset the lost or forgotten root password.

Resetting root password from recovery options

Restart the system and on boot screen select the second line and press e key

edit boot screen

Recovery options include several tools and features which if used incorrectly, can crash the entire system. For this reason, usually administrators keep these options protected with password.

If these options are protected with username and password, in next screen we have to authenticate the access with assigned user name and password.

If you have also lost the username and password which are required to access the recovery options or simply want to learn process of setting and removing recovery options password, see this tutorial

How to Reset GRUB Password

It explains how to set, unset, configure, recover or remove GRUB password in Linux step by step.

Authenticate the access with username and password (if configured)

authenticate recovery option access

If authentication is successful (or if authentication is not configured), we will get recovery options in next screen.

Now find the line which starts with linux16 /vmlinuz……….

recovery option

In this line, change configuration value ro to rw init=/sysroot/bin/sh and press Ctrl+x keys combination to start the system with updated configuration

change configuration to boot in single mode

This change forces Linux to start in emergency mode. Emergency mode mounts installed Linux in /sysroot directory and provides a recovery prompt for troubleshooting.

recovery prompt

Now run following commands

#chroot /sysroot
#passwd
New password:
Retype new password:
#touch /.autorelabel
#reboot –f

First command changes recovery prompt in fully functional shell prompt. After this command, whatever command we will execute, will be executed as it is executed from installed Linux.

Second command without any argument changes root user’s password. Type the new password when it prompts for password and re-type the same password again to verify the new password.

Third command re-labels all SELinux security contexts.

Fourth command restarts the system.

Following figure illustrates above process steps by steps

change root password

Since SELinux re-labels all security contexts, booting process will take a little bit extra time. Once relabeling is finished, system will restart again.

selinux relabeling

After restart, use the password which we set in above steps to login from root

login with new password

A successful login confirms that root password has been changed.

login sucess

This way we can easily reset the forgotten or lost root password through recovery options without any third party tool or software.

Troubleshooting

You may face two issues in this process

  1. Linux does not start in emergency mode
  2. Linux does not boot after this process

Linux does not start in emergency mode

If configuration value is changed incorrectly, Linux will ignore the incorrect value and will start normally. For example following figure shows an incorrect change in configuration value

worng configuration

To solve this issue, restart the system and change configuration value properly.

Change made in configuration values affect only running session. Once system is restarted, all configuration values are set to their default values.

Linux does not boot after this process

If necessary command for SELinux context relabeling is skipped, system will not boot after this process. For example, following figure shows skipped command for SELinux

selinux skipped

SELinux actively monitors and protects Linux file system from any unauthorized access and modification. SELinux checks entire file system at boot time to verify that file system is exactly in same state as it was when last time system was shut down. If SELinux detects any change in file system, it will halt the booting process and block the affected process.

To learn how SELinux works in Linux, see this tutorial

SELinux Explained with examples

It explains basic concepts of SELinux and how to configure and manage SELinux effectively in Linux with practical examples.

In this example, we updated the root password. Linux stores password in /etc/passwd. When we updated root password, this file changed from its previous state. Since we made this change without notifying SELinux about this change, SELinux halts the boot process at next time and blocks the login process.

If system is booting in GUI, it will display only black screen without any error or warning.

black screen

If system is booting in CLI, it may display login prompt. But login process will not work. Since SELinux block process is based on file and the same file (/etc/passwd) which was changed while we updated the root password is used to store the passwords of all users, login process will not work for all users.

login error

Tips

If you see blank screen after the restart, press CTRL+ALT+F2 and login with any regular user. If system lets you login, black screen issue is not related with SELinux. But if, system does not let you login even with correct username and password, this issue is definitely related with SELinux.

To solve this issue, access recovery prompt by following the same process again and run following commands to fix the issue.

selinux fix

Once SELinux issue is fixed, GUI login screen will be available again with working login process and functionality.

If you still face any issue or unable to reset the root password, just drop me a mail. I will help you in resetting the root password. If you are able to reset the root password with this method, let the other know by sharing it through your favorite social network.

ComputerNetworkingNotes RHCE 7 Study Guide How to Reset root Password in Linux