LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (http://www.linuxquestions.org/questions/linux-security-4/)
-   -   Lost root password on Fedora 19 (http://www.linuxquestions.org/questions/linux-security-4/lost-root-password-on-fedora-19-a-4175477050/)

dazdaz 09-13-2013 05:29 PM

Lost root password on Fedora 19
 
I recently lost the root password on a Fedora 19 system.

I tried to boot into single user mode, by adding a 1 to the linux entry in grub, and was still prompted for the password.

Then I tried to add "selinux=0 single", and I was still prompted for the root users password.

I think that SELinux is being enforiced, which requires to prompt to ask the root user for a password, even if I want to boot into single user mode.

In the end, I booted off the DVDROM and into rescue mode, and was able to change the root password that way.

So my followup question... is there any method to boot F19 into single usermode, like has been possible from the very first Linux distributions... I find it quite annoying that RedHat have changed this.

netnix99 09-13-2013 10:57 PM

If SELINUX is the cause, you can disable it, but that would be decreasing your security posture. I am sure that is the main reason for the change, security.... if a user is setting at the terminal, they could reboot to single-user mode if it wasn't password protected, and have their way with the system. Of course, if they are at the terminal and have a Linux Install disk to perform a rescue with, same difference....

After all that...my conclusion/answer to your question is SECURITY is the reason that Red Hat and probably all other distros have made that change...

druuna 09-14-2013 01:50 AM

Not 100% sure if Fedora 19 uses the same implementation as RHEL 6, but have a look here: Red Hat Enterprise Linux 6 - Deployment Guide (D.1.8. /etc/sysconfig/init -> SINGLE=value).

- /sbin/sulogin => a user will be prompted for a password to log in,
- /sbin/sushell => the user will be logged in directly.

dazdaz 09-14-2013 05:52 PM

In GRUB, when I remove "rhgb quiet" and add "init=/bin/bash" or "init=/sbin/sushell", I do receive a shell, however there are error messages on the console regarding a broken shell script statements, and when I ctrl-d, the system kernel panic's. Also the console is not correctly setup, to edit files.

Obviously if you could use the console, then you'd remount the file-system rw.

Something is'nt quite right with this approach, but I don't know what it is.

I also found this bugzilla which mentions this issue.

https://bugzilla.redhat.com/show_bug.cgi?id=982288

Habitual 09-14-2013 09:30 PM

try passing "init=/bin/bash rw"

dazdaz 09-15-2013 01:55 AM

The question is not about putting the root fs into rw mode, but I appreciate the feedback.

The system is not stable and properly configured, when using this tried and tested method on F19 to place the OS into single user mode / configuring init to execute a shell.

911InsideJob 09-15-2013 04:06 AM

Your system is now so secure, not even you can hack it. In the name of fatherland, er, uh, homeland security lets bury it in concrete so al-Qaeda can't use it to wage jihad. That would make me feel safe. :rolleyes:

Yeah, SELinux is a problem, not a solution to any real danger. I thought single user mode would work with it disabled though. :confused:


All times are GMT -5. The time now is 08:17 PM.