Chapter 21. Changing and resetting the root password

If the existing root password is no longer satisfactory or is forgotten, you can change or reset it both as the root user and a non-root user.

21.1. Changing the root password as the root user

You can use the passwd command to change the root password as the root user.

Prerequisites

  • Root access

Procedure

  • To change the root password, use: 

    # passwd

    You are prompted to enter your current password before you can change it.

21.2. Changing or resetting the forgotten root password as a non-root user

You can use the passwd command to change or reset the forgotten root password as a non-root user.

Prerequisites

  • You are able to log in as a non-root user.
  • You are a member of the administrative wheel group.

Procedure

  • To change or reset the root password as a non-root user that belongs to the wheel group, use: 

    $ sudo passwd root

    You are prompted to enter your current non-root password before you can change the root password.

21.3. Resetting the root password on boot

If you are unable to log in as a non-root user or do not belong to the administrative wheel group, you can reset the root password on boot by switching into a specialized chroot jail environment.

Procedure

  1. Reboot the system and, on the GRUB 2 boot screen, press the e key to interrupt the boot process.

    The kernel boot parameters appear. 

    load_video
set gfx_payload=keep
insmod gzio
linux ($root)/vmlinuz-5.14.0-70.22.1.e19_0.x86_64 root=/dev/mapper/rhel-root ro crash\
kernel=auto resume=/dev/mapper/rhel-swap rd.lvm.lv/swap rhgb quiet
initrd ($root)/initramfs-5.14.0-70.22.1.e19_0.x86_64.img $tuned_initrd

  2. Go to the end of the line that starts with linux. 

    linux ($root)/vmlinuz-5.14.0-70.22.1.e19_0.x86_64 root=/dev/mapper/rhel-root ro crash\
kernel=auto resume=/dev/mapper/rhel-swap rd.lvm.lv/swap rhgb quiet

    Press Ctrl+e to jump to the end of the line.

  3. Add rd.break to the end of the line that starts with linux. 

    linux ($root)/vmlinuz-5.14.0-70.22.1.e19_0.x86_64 root=/dev/mapper/rhel-root ro crash\
kernel=auto resume=/dev/mapper/rhel-swap rd.lvm.lv/swap rhgb quiet rd.break

  4. Press Ctrl+x to start the system with the changed parameters.

    The switch_root prompt appears.

  5. Remount the file system as writable: 

    mount -o remount,rw /sysroot

    The file system is mounted as read-only in the /sysroot directory. Remounting the file system as writable allows you to change the password.

  6. Enter the chroot environment: 

    chroot /sysroot

    The sh-4.4# prompt appears.

  7. Reset the root password: 

    passwd

    Follow the instructions displayed by the command line to finalize the change of the root password.

  8. Enable the SELinux relabeling process on the next system boot: 

    touch /.autorelabel

  9. Exit the chroot environment: 

    exit

  10. Exit the switch_root prompt: 

    exit
  11. Wait until the SELinux relabeling process is finished. Note that relabeling a large disk might take a long time. The system reboots automatically when the process is complete.

Verification steps

  1. To verify that the root password is successfully changed, log in as a normal user and open the Terminal.

  2. Run the interactive shell as root: 

    $ su
  3. Enter your new root password.

  4. Print the user name associated with the current effective user ID: 

    whoami

    The output returns: 

    root