Resetting the Root Password on a Solaris System

I needed make some changes to a Solaris 2.7 server on which I must have changed the root password without updating it in my password list. I know I need to update the list immediately when I change a password, since I have so many passwords on many different systems, but I didn't do it in this case. The procedure I used to recover from the forgotten password is as follows:

  1. I hit the Stop and A keys on the system to access the Open Boot Prompt (OBP).
  2. I then inserted the Solaris operating system CD and typed boot cdrom -s at the ok prompt, which booted from the CD.
    
    Rebooting with command: boot cdrom -s
    Boot device: /pci@1f,0/pci@1,1/ide@3/cdrom@2,0;f  File and args: -s
    SunOS Release 5.7 Version Generic [UNIX(R) System V Releaase 4.0]
    Copyright (c) 1983-1998 Sun Microsystems, Inc.
    Configuring devices...
    |
    INIT: SINGLE USER MODE
    #
    
    
  3. I then made a mount point within the /tmp file system by typing mkdir /tmp/mnt.
  4. I then needed to mount the root partition of the boot disk in /tmp/mnt, which I attempted with mount /dev/dsk/c0t0d0s0 /tmp/mnt. You can obtain disk information with ls /dev/dsk, if needed. Since I had been unable to shut down the system normally, as I did not know the current root password, I was notified that I had to repair the file system with fsck and that the disk could not be mounted until that had been done.

    # mount /dev/dsk/c0t0d0s0 /tmp/mnt
    mount: the state of /dev/dsk/c0t0d0s0 is not okay
                and it was attempted to be mounted read/write
    mount: Please run fsck and try again.
    
  5. So I then issued the command fsck /dev/dsk/c0t0d0s0. There were quite a few problems found on the disk. In each case I answered "Y" to correct the problems. Note: You can avoid having to respond to perhaps dozens of prompts asking whether you wish to make adjustments to the filesystem by using a -y or -Y option with fsck, e.g. fsck -Y /dev/dsk/c0t0d0s0. Using that option will cause fsck to assume a "yes" response to all questions asked by fsck.
  6. I was then able to mount the disk with mount /dev/dsk/c0t0d0s0 /tmp/mnt .
  7. I then needed to edit the shadow file to remove the password for the root account.

    # vi /tmp/mnt/etc/shadow
    I don't know what kind of terminal you are on - all I have is 'unknown'.
    [Using open mode]
    "/tmp/mnt/etc/shadow" [Read only] 23 lines, 61 characters
    root:5A7WhrRvfu15A:13368::84::::
    
  8. The cursor keys didn't work, so I used the "l" key to move to the field where the encrypted password is stored, which lies between the first and second colons. I then used the "x" key to delete each of the characters in that field, i.e. from the "5" to the "A". Since the file was opened "read only", I used wq! to save the change and exit from vi.
  9. The next step was to unmount the disk with umount /tmp/mnt.
  10. One can then reboot with the reboot command.
  11. After the system rebooted, I was prompted to choose a new password when I attempted to log into the root account with "You need to choose an initial password for your account or your current password has expired." Once I chose a new password, I was able to log into the root account.

References:

  1. Resetting forgotten root password
    By Brandon Hutchinson
    May 30, 2003