Gaining Root Access on RHEL 9.3

This interactive guide demonstrates the critical system administration skill of resetting the root user's password on Red Hat Enterprise Linux. Following these steps allows you to regain administrative control of a system when the password is lost, without needing to reinstall the entire OS. This walkthrough simplifies the process, providing clear instructions and one-click commands.

The Procedure: An Overview

The process involves interrupting the normal boot sequence to access an emergency shell. From there, we'll gain write access to the system files, switch into the system's environment, and securely set a new password before rebooting.

1. Interrupt Boot: Edit GRUB boot parameters.
2. Gain Access: Remount filesystem as writable.
3. Change Password: Use `passwd` in a chroot environment.
4. Relabel & Reboot: Update SELinux context and restart.

Step 1 & 2: Reboot and Modify Kernel Parameters

First, reboot the machine and interrupt the GRUB bootloader by pressing the `e` key. In the editor, find the line starting with `linux` and append the following parameter to the end of it. This tells the system to break the boot process and launch an emergency shell.

Parameter to add:

rd.break

What is rd.break?
This kernel command line argument interrupts the boot process at the `initramfs` stage, before the system root filesystem is mounted. This is crucial for maintenance tasks like password resets.

After adding the parameter, press `Ctrl+x` to continue booting.

Step 3: Access the Emergency Shell

The system will boot into an emergency shell. The root filesystem is mounted under `/sysroot` but in read-only mode. You'll see a prompt like `switch_root:/#`.

Step 4: Remount Filesystem with Read-Write Permissions

To make any changes, you must remount the filesystem in read-write mode. Use the following command.

# mount -o remount,rw /sysroot

Step 5: Enter the `chroot` Environment

Now, switch into the system's environment. This makes `/sysroot` the new root (`/`) of your shell, allowing you to run commands as if you were on the fully booted system.

# chroot /sysroot

What is chroot?
`chroot` (change root) is a command that changes the apparent root directory for the current running process and its children. It's like being 'jailed' in a new environment, essential for system recovery.

Step 6: Change the Root Password

With access to the system, you can now change the root password using the `passwd` command. The system will prompt you to enter and confirm the new password.

# passwd root

Step 7: Update SELinux Context (Crucial)

Because the `/etc/shadow` file (which stores passwords) was modified outside of a normal system session, you must tell SELinux to relabel all files on the next boot. This prevents login problems. Skipping this step will likely lock you out of the system again.

# touch /.autorelabel

Why is this crucial?
SELinux uses labels on files to enforce security policies. Modifying a file in this recovery mode doesn't update its label. The `.autorelabel` file forces a system-wide relabel on boot, correcting any inconsistencies and ensuring the security policy allows you to log in.

Step 8: Exit and Reboot

Finally, exit the `chroot` environment and then the emergency shell. This will cause the system to reboot.

# exit
# exit

The SELinux relabeling process will run on the next boot, which might take a few minutes. After it completes, the system will reboot once more, and you can log in with your new root password.

Conclusion & Key Takeaway

This guide successfully demonstrated the standard procedure for resetting a lost root password. By interrupting the bootloader and using a `chroot` environment, administrative access can be restored securely and efficiently.

A Note on Security: This entire process highlights the critical importance of physical machine security. Anyone with direct console access to a server can perform these actions. Securing access to the physical hardware and bootloader is a fundamental layer of system security.
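
A defender-side check for the point above, as an added example that is not part of the original guide: it reports whether a GRUB password is configured, whether `rd.break` appears on a kernel command line, and whether a `/.autorelabel` marker is pending. The function names and the `--live` switch are hypothetical; the `user.cfg` path and `GRUB2_PASSWORD` format are those written by `grub2-setpassword`.

```shell
#!/bin/sh
# Added example (not from the original guide): checks for the console-level
# exposure the procedure above depends on. Run as root on the host; every
# path is a parameter so the checks can also run against sample files.

# True if the GRUB user config holds a PBKDF2 hash, the format written
# by grub2-setpassword to /boot/grub2/user.cfg.
grub_password_set() {
    cfg="${1:-/boot/grub2/user.cfg}"
    [ -r "$cfg" ] &&
        grep -Eq '^GRUB2_PASSWORD=grub\.pbkdf2\.sha512\.[0-9]+\.' "$cfg"
}

# True if a kernel command line (or a journal excerpt containing one)
# carries rd.break or rd.break=<stage> as a whole token.
cmdline_has_rd_break() {
    src="${1:-/proc/cmdline}"
    [ -r "$src" ] &&
        grep -Eq '(^|[[:space:]])rd\.break(=[^[:space:]]*)?([[:space:]]|$)' "$src"
}

# True if a relabel marker is still waiting under the given root directory.
relabel_pending() {
    [ -e "${1:-}/.autorelabel" ]
}

# Print one line per finding; the exit status is the number of findings.
audit_boot_exposure() {
    a_cfg="$1"; a_cmdline="$2"; a_root="$3"; findings=0
    if ! grub_password_set "$a_cfg"; then
        echo "FINDING: no GRUB password set; boot entries are editable at the console"
        findings=$((findings + 1))
    fi
    if cmdline_has_rd_break "$a_cmdline"; then
        echo "FINDING: rd.break present on the kernel command line"
        findings=$((findings + 1))
    fi
    if relabel_pending "$a_root"; then
        echo "FINDING: $a_root/.autorelabel exists; a relabel was requested"
        findings=$((findings + 1))
    fi
    return "$findings"
}

# Audit the live system only when asked to: sh audit.sh --live
if [ "${1:-}" = "--live" ]; then
    audit_boot_exposure /boot/grub2/user.cfg /proc/cmdline ""
fi
```

`/proc/cmdline` only reflects the current boot, so the second check can also be pointed at a saved excerpt of the kernel log from an earlier boot.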
