Changing the password on the RHEL 7 kvm qcow2 download (links updated 3/15/2016)
(Links updated / last reviewed March 15, 2016)
Environment
- Freshly downloaded RHEL7 qcow2 KVM image to be a guest virtual system under KVM virtualization.
- Red Hat Enterprise Linux 6 as the host system running KVM virtualization.
- This is in review for Fedora Linux as a host system running KVM virtualization (this review is not completed)
Introduction
You will find you need to change the password if you download a RHEL 7 kvm qcow2 image. This discussion goes into two different methods to do this. Make a note in the discussion area if you happen to have any suggestions etc...
Red Hat Enterprise Linux 7.x is now Generally Available (GA) (getting started guide) and available including in a qcow2 KVM image at the Red Hat Enterprise Linux product page (NOTE: a subscription is required, and this link is subject to change). The image is approximately 5 GB). You have to "root the system" after attaching it to a KVM session.
Download 7.2 KVM image at:
- Use this link to download 7.2 RHEL qcow2 image (link last checked 3/15/2016)
Method 1, Red Hat Documentation, Recovering Root Password (with grub 2)
See Red Hat Enterprise Linux 7 System Administrator's Guide: Changing and Resetting the Root Password.
Method 2 - Using "guestfish" to change the Password for the root account
You can use guestfish to edit a running system under KVM virtualization:
- You can use "guestfish" to edit the /etc/shadow file and change the root password.
- Guestfish is an interactive shell that you can use from the command line or from shell scripts to access guest virtual machine file systems. (See example below):
- If needed, first install the guestfish rpm.
- Red Hat Enterprise Linux 7.x (This command will not work on Fedora, If you are using Fedora Linux, see next block)
yum -y install guestfish
Thanks Ben Woodard from Red Hat FEDORA LINUX 20
# yum -y install libguestfs-tools
- Import the qcow2 image into KVM. The image will be named something along the lines of: "rhel-guest-image-7.1-20150224.0.x86_64.qcow2", (as of July 2nd, 2015, the version will of course change over time)
- Change the password on the newly imported KVM to get on the pre-built system.
Example steps to change the root password using guestfish:
- This set of instructions is for use on the host system that has the kvm RHEL 7 guest. The following is from Red Hat solution ID 641193
- The syntax is: guestfish --rw -a <image-name>
- (Note, your system may be /dev/vda1, mine was /dev/sda1. Use the 'list-filesystems' command)
root@box1 # guestfish --rw -a ./rhel-guest-image-7.1-20150224.0.x86_64.qcow2
><fs> run
><fs> list-filesystems
><fs> mount /dev/sda1 /
><fs> vi /etc/shadow
NOTE: after you perform the following steps you use "quit" to exit.
DO NOT EXIT NOW, proceed with the following steps
- Replace the encrypted password (add it while you are still in vi).
This will set the password for the image permanently. - An encrypted password can be created using the openssl command (see an example below).
NOTE: Open a separate terminal window to create an encrypted password with the openssl command (see example just below)
Separate window, different terminal window
[root@someothersystem ~]# openssl passwd -1 changeme
$1$QiSwNHrs$uID6S6qOifSNZKzfXsmQG1
- There is a vi session open from the guestfish session mentioned above.
- Copy the output of the openssl command above and appropriately place it into the /etc/shadow file you have opened with vi.
When done type "quit"
><fs> quit
Responses
Successfully changed the pass ..
i tried to install gnome desktop but failed :p
Guru
6827 points
Glad it worked...
Regarding Gnome desktop... try Red Hat Solution ID 5238 at this link... If it fails, then open a new discussion in the discussion area and let us know how it goes.
Guru
6827 points
Will check this in about a week or so for rhel 7 host.
- However the instructions for the rhel 7 guest should still work. will check.
Guru
6827 points
I tested this for RHEL 7 today, works fine as written. The only difference is the name of the iso file [./rhel-guest-image-7.0-20140930.0.x86_64.qcow2]
The RHEL 7 yum command is still wrong "yum install libguestfs-tools"
Guru
6827 points
It will be a while before i can update this, did you by chance have the proper RPM for rhel7? I won't be able to look at this for a while, thanks
The only thing I'd add is to insert the openssl generated password into field 2 of /etc/shadow for the root user, or suggest man shadow to understand the file. Other than that, perfect.
Guru
6827 points
Thank you everyone for the input, apologies I have not had time to update this, I'm rather busy at the moment with priorities.
Red Hat
Pro
677 points
To help people find this, is it possible to add a link to this article to the description of the KVM Guest Image in the downloads section?
As indicated in the KCS: to make a note in case of suggestions:
- The Environment should be
- RHEL 7 - RHEL 6
It would be nice to have a clear method for each RHEL. I do not know about RHEL6 but on RHEL7 the easiest way to change the password is this: virt-customize -a undercloud.qcow2 --root-password password: IMO this should be the first method recommended since we are modifying a qcow2 image vs break into a server etc.
If another section to specify how to do the same thing on RHEL6 it would make this article even more clear.
Red Hat
Expert
935 points
I agree with Ruchika, there is an easier way to do this. I also remove "cloud-init" when I'm using Virtual Machine Manager / Boxes / VMware Workstation / etc...
Example for RHEL7
$ virt-customize -a rhel-guest-image-7.2-20160302.0.x86_64.qcow2 --root-password password:PASSW0RD --uninstall cloud-init
[ 0.0] Examining the guest ...
[ 12.1] Setting a random seed
[ 12.1] Uninstalling packages: cloud-init
[ 14.5] Setting passwords
[ 15.9] Finishing off
It also works for RHEL6
$ virt-customize -a rhel-guest-image-6.8-20160425.0.x86_64.qcow2 --root-password password:PASSW0RD --uninstall cloud-init
[ 0.0] Examining the guest ...
[ 14.5] Setting a random seed
[ 14.5] Uninstalling packages: cloud-init
[ 17.0] Setting passwords
[ 18.1] Finishing off
Ruchika Kharwar, John Call, thanks for the input, I'll look to add your bits to this,
Kind Regards
Also works in rhel 8.1
sudo virt-customize -a rhel-8.1-x86_64-kvm.qcow2 --root-password password:changeme --uninstall cloud-init
[ 0.0] Examining the guest ...
[ 2.3] Setting a random seed
[ 2.3] Uninstalling packages: cloud-init
[ 9.6] Setting passwords
[ 12.7] Finishing off
Red Hat
Expert
987 points
Here is a simple wrapper script with this kbase and a few others
!/bin/bash -x
# made by andrew puch
# https://access.redhat.com/discussions/664843
# Note:
# should there may be issues on rhel7 hyper-visor messing with rhel8
# see https://access.redhat.com/solutions/4073061
# also see other option to add more value to your script
#virt-customize --help
# sample run
# ./rh-rm-cloud-init.sh idm-rhel-8.4-x86_64-kvm.qcow2 changeme newhostname.example.com
#virt-customize -a idm-rhel-8.4-x86_64-kvm.qcow2 --root-password password:redhat --uninstall cloud-init
virt-customize -a $1 --root-password password:$2 --uninstall cloud-init --hostname $3
Sample run
./rh-rm-cloud-init.sh idm-rhel-8.4-x86_64-kvm.qcow2 changeme newhost.example.com
+ virt-customize -a idm-rhel-8.4-x86_64-kvm.qcow2 --root-password password:changeme --uninstall cloud-init
[ 0.0] Examining the guest ...
[ 9.0] Setting a random seed
[ 9.1] Setting the machine ID in /etc/machine-id
[ 9.1] Uninstalling packages: cloud-init
[ 21.2] Setting the hostname: idm-hub.lan
[ 21.3] Setting passwords
[ 33.5] Finishing off
