Chroot and root user password recovery in Linux

Have you ever faced a situation where you forgot the root user password, and are unable to login to your system? I faced it multiple times, in fact on the very first occasion I started working on Linux I changed the root user password while going to sleep and forgot it when I woke up :P.

Fortunately on the first occasion I didn’t set password for my boot loader grub, so recovering the root password was pretty straight forward. I re-verified this procedure before writing this post, on my Centos 6 and it still works :). In case you want to recover your password please follow the below steps.

  • Start the Linux and at grub screen
  • Press ‘e’ to edit, this will take us to screen showing Centos, again press ‘e’ here now you should be seeing three lines, the second line is the kernel line.
  • Select the Kernel line, Add ‘single’ at the end of the kernel line. This will pass single as argument to kernel, press enter to go back to previous screen of three lines.
  • Press ‘b’ to boot, and you should be able to see root prompt.
  • Type ‘passwd’ command to change the root password.

On other occasions I was not this lucky, I forgot both passwords. Without  boot loader password I can’t have the boot screen where I can change kernel parameters, and it is then I came across a very useful program ‘chroot’. In this blog we shall see how useful chroot is,  for some of the important tasks and in the next post I will explain the internals of this program.

Using ‘chroot’ for password recovery

For this to work you need to have a Live CD or a recovery disk, try to boot the machine using this by changing the boot order in EEPROM.

  • Once the operating system is loaded from Live CD, open a gnome/KDE terminal.
  • Try to list out all the partitions on disk, this is needed to identify where Linux is loaded. Type ‘fdisk -l’, In the output look for Linux partition. Assume that it is installed in /dev/sda1.
  • Now we need to mount this partition from the current operating system. Mounting is required because our target operating system lies in this disk, and we want our changes in this Linux partition. Create a empty directory to act as mount point, type ‘mkdir /media/linux‘.
  • Mount the linux partition using the command ‘mount /dev/sda1 /media/linux’.
  • Change Root to the mount directory using the command ‘chroot /media/linux‘. This should show a root prompt for the user, check the current working directory by typing ‘cwd‘, it should be ‘/‘.
  • Now type passwd and then enter the new password to change the password.
  • Remove the Live CD and reboot the system using ‘shutdown -r now‘.

What happened?

The whole trick lies with the chroot program, this program will modify the root directory of the current program. So in the above use case current shell’s (shell in the Live CD mounted OS)  root directory got changed to the newly mounted partition.

When we typed passwd command, The shell actually loaded the passwd command in the mounted partition, which is in the original operating system. This passwd command modified the /etc/passwd, /etc/shadow and other entries of the mounted partition. This is how the password entries of the original OS got changed.

See how useful chroot program is; It helped us in executing original operating system commands while we booted through Live CD.

Other uses

I use this chroot almost daily in my work, while debugging many of the issues. Our debug target is a modified flavor of Linux, and Our development machines are normal RedHat servers. Hence for debugging we should use the tools like gdb, etc..,  from our target OS.

So I normally do the following

  • Login to my RedHat server
  • Move to the directory where the target Linux is mounted
  • Do a ‘chroot . bash‘, in doing this I get a new shell and all the commands I type in this shell will be executed from the target platform.

In the next post we shall see the internal of chroot and pitfalls of the same.

This entry was posted in Linux and tagged , . Bookmark the permalink.

1 Response to Chroot and root user password recovery in Linux

  1. dmkj says:

    Thanks for this! it took me a long time to find but it is, absolutely, the clearest & “Easiest-to-Follow” account of “How to Enter a Root passwd from a Rescue Disk” The obvious thing you didn’t mention – & I didn’t spot immediately, although it is explicit in your text – is that once you’ve sorted out ‘Root’, anything else can be handled from the Home terminal.

    I am indebted to you.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s