Восстановление Root пароля на ClearOS 7

Восстановить пароль ROOT на ClearOS можно 2-мя способами, но только если вы имеете к нему физический доступ с подключенной клавиатурой и монитором.

  1. метод восстановления системы
  2. загрузка с флешки или диска и снова переход в режим восстановления

Эта процедура описывает метод восстановления для ClearOS 7. Для ClearOS 6, смотрите здесь. Для ClearOS 5, перейдите сюда.

Методы восстановления

Существует 3 метода восстановления ‘root’ пароля:

  • – Изменить пароль под другим административным аккаунтом (самый легкий вариант, но при наличии другого административного аккаунта)
  • – Сброс через ‘rd.break’ (легко, требуется прямой доступ к компьютеру и выполнение нескольких команд при начальной загрузке)
  • – Установочный носитель для установки системы в режиме восстановления (легко, требует точных команд и установочного носителя для ClearOS 7)

Сброс с помощью другого системного аккаунта

Если  вы включили пользователя в группу ‘wheel’ , вы можете легко поменять пароль из командной строки (ctrl-alt-f1 например – зайти под своим пользователем и паролем) на консоли или через ssh-логин. Затем выполните команду ниже и поменяйте пароль:

sudo passwd root

Если такой пользователь у вас не настроен, то можно использовать метод сброс рут пароля методом rd.break.

Changing the Root Password Using rd.break

To change the root password using the rd.break method, you will need to be physically in front of the server with a monitor and a keyboard. You will also need to be able to take the server down with a couple of reboots.

With a monitor and keyboard attached, reboot the server. At the GRUB screen, interrupt the count down by pressing any key on the keyboard such as the spacebar.

https://clearos.com/dokuwiki2/lib/exe/fetch.php?w=550&tok=912202&media=content:en_us:7_grub_countdown.png

With the countdown interrupted, select the kernel line corresponding to the environment you are running. Typically this is the default line. If it is not, use the arrow keys to navigate and press Enter.

https://clearos.com/dokuwiki2/lib/exe/fetch.php?w=550&tok=bfb35e&media=content:en_us:7_grub_countdown_interrupted.png

Next, press the e key to edit the selected item.

https://clearos.com/dokuwiki2/lib/exe/fetch.php?w=550&tok=f26839&media=content:en_us:7_grub_edit.png

The boot parameters for your server will appear. You can use the arrow keys to navigate down in this file. Locate the line that starts with ‘linux16’ (for most x86_64 system), ‘linux’ (for IBM Power Series), or ‘linuxefi’ (for systems which utilize UEFI.)

https://clearos.com/dokuwiki2/lib/exe/fetch.php?w=550&tok=028ffe&media=content:en_us:7_grub_edit_kernel_line.png

In this file, you need to remove some parameters and add some others (you can hop to the start of the line with Ctrl+a and the end of the line with Ctrl+e). Remove the parameters name ‘rhgb‘ and ‘quiet‘ by navigating to the end of the word and hitting backspace on your keyboard.

Next, add the following to the very end of the line by navigating to the end and adding a space. Add the parameters ‘rd.break enforcing=0

https://clearos.com/dokuwiki2/lib/exe/fetch.php?w=550&tok=8b1364&media=content:en_us:7_grub_edit_kernel_line_edits.png

When the changes are made, you will need hold the control key and press x, then release (‘Ctrl+x‘. As indicated in the text at the bottom of your screen.)

https://clearos.com/dokuwiki2/lib/exe/fetch.php?w=550&tok=52602f&media=content:en_us:7_boot_single.png

The system will boot to a command prompt. If you have encrypted partitions, the system will need the password key to decrypt the file-system. You may not see the prompt for this unless you hit the backspace key to get back to the prompt.

switch-root:/#

At this prompt, you will need to enter several commands. The first changes your file system from the default read-only mode to read/write mode.

mount -o remount,rw /sysroot

Next, you will need to set this root as your running root partition:

chroot /sysroot

Your prompt will change to:

sh-4.2#

Change the root password by issuing the following command:

passwd
Changing password for user root
New password:
Make sure that you set a strong password – i.e. it should not be based solely on a dictionary word and should contain numbers or other valid non-alpha characters. Also, the system will not stop you from using a bad password. In addition we suggest passwords that do not have a percent sign ‘%‘ which is then followed by a hexidecimal capable set of numbers. This can be interpreted by some web forms (including Webconfig) as a special character.

If you have used a weak password (one based on a dictionary word) it may state:

BAD PASSWORD: it is based on a dictionary word

In this mode, it will take weak passwords in spite of the fact that they are weak.

  • You will then be asked to re-enter the password to confirm it and will subsequently receive a confirmation that the root password has been reset.
Retype new password:

passwd: all authentication tokens updated successfully.

Next, we need to touch a file to indicate to a potentially enable SELinux that our changes are valid. Skipping this step is not advised.

touch /.autorelabel

Next, remount the existing filesystem back to the default rd.break mode of read-only:

mount -o remount,ro /

Next, type ‘exit‘ and ‘Enter‘ the change root environment:

exit

This will change your prompt back to:

switch-root:/#

Type ‘exit‘ and ‘Enter‘ again to reboot.

exit

https://clearos.com/dokuwiki2/lib/exe/fetch.php?w=550&tok=bc1006&media=content:en_us:7_boot_single_reset_rootpw.png

Changing the Root Password from Install Media

Boot the server from the installation media. You will need to use the same mechanisms that you used to install the system. In most cases this is straight forward. With systems that required disk drivers in order to see partitions, you will need to use those same methods to mount the disks to modify the ‘root’ password.

Install media start screen

At the start screen, navigate with the arrows to select ‘Troubleshooting’

https://clearos.com/dokuwiki2/lib/exe/fetch.php?w=550&tok=fbe560&media=content:en_us:7_install_media_first_screen_beta3_troubleshooting_selected.png

Press <ENTER>.

https://clearos.com/dokuwiki2/lib/exe/fetch.php?w=550&tok=84889a&media=content:en_us:7_install_media_first_screen_beta3_rescue_selected.png

At the troubleshooting screen, select ‘Rescue a ClearOS System’ and press <ENTER>.

https://clearos.com/dokuwiki2/lib/exe/fetch.php?w=550&tok=56f21a&media=content:en_us:7_rescue_mode_first_screen.png

After a while a blue screen will come up.

https://clearos.com/dokuwiki2/lib/exe/fetch.php?w=550&tok=d72e73&media=content:en_us:7_rescue_mode_first_screen_continue_selected.png

Use the arrow or tab keys to select ‘Continue‘. Press <ENTER>.

https://clearos.com/dokuwiki2/lib/exe/fetch.php?w=550&tok=e7dbaf&media=content:en_us:7_rescue_mode_mounted_sysimage_notification.png

The system will attempt to find your ClearOS partition. If this step was not successful, you may need to load special drivers or contact support for assistance. If it finds your partition, it will notify you that the partition was found and mounted under ‘/mnt/sysimage’. Press <ENTER>.

https://clearos.com/dokuwiki2/lib/exe/fetch.php?w=550&tok=b232d3&media=content:en_us:7_rescue_mode_mounted_sysimage_notification2.png

For extra measure, we will notify you that your partition is mounted under ‘/mnt/sysimage’. Press <ENTER>.

https://clearos.com/dokuwiki2/lib/exe/fetch.php?w=550&tok=663714&media=content:en_us:7_rescue_mode_mounted_sysimage_shell_default.png

You will be dropped to a command prompt. Your prompt will look similar to the following:

sh-4.2#
  • Type the command

    chroot /mnt/sysimage

    and press Enter. You will see the following:

bash-4.2#
  • Type the command

    passwd

    and press Enter. You will see the following:

bash-4.2# passwd

Changing password for user root
New UNIX password:
Make sure that you set a strong password – i.e. it should not be based solely on a dictionary word and should contain numbers or other valid non-alpha/numeric characters. Also, the system will not give any signal that it is typing but it is. This is done to prevent someone from seeing how many characters are in your password through the screen. As a side note, avoid using the ‘%’ sign if you have 2 or more hexi-decimal numbers/characters after the percent sign.

If you have used a weak password (one based on a dictionary word) it may state:

BAD PASSWORD: it is based on a dictionary word

In this mode, it will take weak passwords in spite of the fact that they are weak.

  • You will then be asked to re-enter the password to confirm it and will subsequently receive a confirmation that the root password has been reset.
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
  • Type the command

    exit

    and press Enter. You will see the following:

sh-4.2#
  • Type the command

    exit

    and press Enter. The system will be rebooted.

https://clearos.com/dokuwiki2/lib/exe/fetch.php?w=550&tok=0e9ecb&media=content:en_us:7_rescue_mode_mounted_sysimage_shell_default_reset_root.png

Don’t forget to remove your installation media when the POST screen appears during reboot.

Добавить комментарий