Consider the following scenario, you just got hired to replace an incompetent sysadmin who left no documentation and nobody knows any privileged passwords to an important server, say, the company's file server.
That would really suck. Fortunately, you have access to the console, and with the knowledge I'm about to share with you, you'll be able to reset the root password.
This is also an important objective for passing the EX200 exam and earning your Red Hat Certified Systems Administrator certificate.
- Reboot the machine
- At the GRUB boot loader screen, press e to edit the default entry.
- Use your arrow keys, and scroll down to the line that begins with linux16.
- Near the end of the line, replace rhgb quiet with init=/bin/bash and press Ctrl+X to boot.
- Remount the root file system in read-write mode: mount / -o remount,rw
- Load the SELinux policy: /sbin/load_policy -i
- Change the root password: passwd
- Remount the root file system in read-only mode: mount / -o remount,ro
- Reboot the machine again: /sbin/reboot -f
That's it! You should now be able to login with your newly set root password.
You'll note other tutorials instruct you to relabel your filesystem by executing touch /.autorelabel. That is entirely unnecessary and time consuming. By loading the SELinux policy before we change the password, the SELinux file contexts are left in place and no relabeling required.