Resetting the Root Password of RHEL-7 / systemd

[cah]

Issue

• How to reset the root password of a RHEL-7 / systemd ?
• RHEL-7 ask for a root password even after booting in Single user mode.
• Not able to change the root password in single user mode

Resolution

1. Boot your system and wait until the GRUB2 menu appears.
2. In the boot loader menu, highlight any entry and press e.
3. Find the line beginning with linux. At the end of this line, append the following:

   Code: Select all

   init=/bin/sh
   

   Or if you face a panic, instead of "ro"change to "rw" to sysroot as example bellow:

   Code: Select all

   rw init=/sysroot/bin/sh
   

4. Press F10 or Ctrl+X to boot the system using the options you just edited.
   Once the system boots, you will be presented with a shell prompt without having to enter any user name or password:

   Code: Select all

   sh-4.2#
   

5. Load the installed SELinux policy:

   Code: Select all

   sh-4.2# /usr/sbin/load_policy -i
   

6. Execute the following command to remount your root partition:

   Code: Select all

   sh4.2# mount -o remount,rw /
   

7. Reset the root password:

   Code: Select all

   sh4.2# passwd root
   

   When prompted to, enter your new root password and confirm by pressing the Enter key. Enter the password for the second time to make sure you typed it correctly and confirm with Enter again. If both passwords match, a message informing you of a successful root password change will appear.
8. Remount the root partition again, this time as read-only:

   Code: Select all

   sh4.2# mount -o remount,ro /
   

9. Reboot the system using following command. From now on, you will be able to log in as the root user using the new password set up during this procedure.

   Code: Select all

   # exec /sbin/init
   

   NOTICE: If typing "exit", the root password will not be changed. Type "exec /sbin/init" is needed.

Please note that in case you are using a USB keyboard or if the system is a virtual guest, the following instructions need to be followed


Note that the above mentioned steps may drop you to a prompt without access to a USB keyboard and do not work in a VM like KVM or VirtualBox. To reset the root password in these environments:

1. add rd.break instead of init=/bin/sh to the end of the line that starts with linux in Grub2:
2. when the system boots, run the following command to remount the root filesystem in read-write mode:

   Code: Select all

   mount -o remount,rw /sysroot
   

3. then run:

   Code: Select all

   chroot /sysroot
   

4. eun:

   Code: Select all

   passwd
   

5. instruct SELinux to relabel all files upon reboot (because the /etc/shadow file was changed outside of its regular SELinux context) -- run:

   Code: Select all

   touch /.autorelabel
   

   Note that this may take some time during the next boot.
6. type exit to leave the chroot environment.
7. type exit to log out.
   The system will reboot, re-apply all SELinux labels, and present you with a regular login prompt.
   
   Note: If the system is encrypted, the above method will not work. Please refer to the following article: Resetting the Root Password of RHEL-7 for encrypted devices