Resetting the Root Password on a Solaris System
I needed make some changes to a Solaris 2.7 server on which I must have changed
the root password without updating it in my password list. I know I need to
update the list immediately when I change a password, since I have so many
passwords on many different systems, but I didn't do it in this case. The
procedure I used to recover from the forgotten password is as follows:
- I hit the Stop and A keys on the system to access the
Open Boot Prompt (OBP).
- I then inserted the Solaris operating system CD and typed boot
cdrom -s at the ok prompt, which booted from the CD.
Rebooting with command: boot cdrom -s
Boot device: /pci@1f,0/pci@1,1/ide@3/cdrom@2,0;f File and args: -s
SunOS Release 5.7 Version Generic [UNIX(R) System V Releaase 4.0]
Copyright (c) 1983-1998 Sun Microsystems, Inc.
INIT: SINGLE USER MODE
- I then made a mount point within the /tmp file system by typing
- I then needed to mount the root partition of the boot disk in
/tmp/mnt, which I attempted with mount /dev/dsk/c0t0d0s0
You can obtain disk information with ls /dev/dsk, if needed.
Since I had been unable to shut down the system normally, as I did not know
the current root password, I was notified that I had to repair the file
fsck and that the disk could not be mounted until
that had been done.
# mount /dev/dsk/c0t0d0s0 /tmp/mnt
mount: the state of /dev/dsk/c0t0d0s0 is not okay
and it was attempted to be mounted read/write
mount: Please run fsck and try again.
- So I then issued the command fsck /dev/dsk/c0t0d0s0. There
were quite a few problems found on the disk. In each case I answered "Y" to
correct the problems. Note: You can avoid having to respond to perhaps
dozens of prompts asking whether you wish to make adjustments to the
filesystem by using a
-Y option with
fsck, e.g. fsck -Y /dev/dsk/c0t0d0s0. Using
that option will cause
fsck to assume a "yes" response
to all questions asked by
- I was then able to mount the disk with mount /dev/dsk/c0t0d0s0 /tmp/mnt
- I then needed to edit the shadow file to remove the password for the root
# vi /tmp/mnt/etc/shadow
I don't know what kind of terminal you are on - all I have is 'unknown'.
[Using open mode]
"/tmp/mnt/etc/shadow" [Read only] 23 lines, 61 characters
- The cursor keys didn't work, so I used the "l" key to move to the field
where the encrypted password is stored, which lies between the first and
second colons. I then used the "x" key to delete each of the characters
in that field, i.e. from the "5" to the "A". Since the file was opened "read
only", I used wq! to save the change and exit from vi.
- The next step was to unmount the disk with umount /tmp/mnt.
- One can then reboot with the reboot command.
- After the system rebooted, I was prompted to choose a new password when
I attempted to log into the root account with "You need to choose an
initial password for your account or your current password has expired."
Once I chose a new password, I was able to log into the root account.
Resetting forgotten root password
By Brandon Hutchinson
May 30, 2003