In this guided, 45-minute virtual lab, you will interrupt a CentOS7 Linux system as it starts, make the root filesystem accessible by mounting it and reset the root password. You will check success with the lab exercises by confirming the old root password fails, and the new root password works.
Beginners with experience in a Linux OS or who have used a command-line interface are ready to take this lab to successful completion. The entire challenge needs to be completed in one 45-minute sitting as a learner cannot return to finish up work in progress. The lab comes with the server and GUI packages pre-installed and the access as a non-privileged user.
System Administrators that have a background in getting hands-on Linux experience interrupting a boot process, mounting a file system, and resetting the root password, are more effective at their jobs. Some Linux applications and services require entering the “GRand Unified Bootloader” (GRUB) to boot from an older operating system. To make a filesystem available to Linux, even if it is a hard disk partition or storage device, a system administrator needs to know how to mount it.
Finally, knowing how to reset the root password helps to access a server with an unknown password. Also, this lab teaches the Cyber Operator and Cyber Defense Forensics Analysis a testing strategy to better secure Linux access.
Understanding the Scenario:
You are a system administrator responsible for Linux servers. You have inherited a server for which you do not know the root user password. You need to reset the unknown root password.
Reset the Root Password:
In this lab module, you enter the GRUB2 boot menu and edit its configurations to interrupt the default filesystem loading during the boot process. Then, you tell the computer to mount the system root filesystem, allowing read/write access.
You reset the root password and enable the Linux kernel security module to set up file labels to match the correct SELinux context. SELinux protects the server allowing users particular file access and updates only as designated by the system’s security policy.
If the server stores a large amount of data, then SELinux can take a long time to boot into the default. For this exercise, rebooting the machine takes a few minutes. You can restart the computer easily by choosing the lightning bolt icon on the upper left and then select “Reset.” The lightning bolt icon sits at the very top left of your screen, above the CentOS 7 contents.
Confirm the New Password:
You check your work in this lab exercise, by signing in as a non-privileged user and running the “su - root” command. The “su - root” changes the context so that a typical user can log into the root directory. First, you enter the old password and verify it fails to access the root directory. Then you put into the command-line the new password, the one to which you changed in the previous exercise. You confirm that the new password works. Then you exit root back to the non-privileged user account with its specified access.
Congratulations, you have completed the challenge mastering resetting the root password in a Linux server. You have also mastered:
- Interrupting the boot process to get to the Grub2 boot menu.
- Mounting a filesystem.
- Setting the SELinux relabeling to secure files.
- Changing the root password.
- Using Linux Terminal application to verify the root password changed as expected.
You have learned an essential troubleshooting technique to apply when software and services do not boot correctly. This fix can also access a filesystem if needed and reset the root password to use server functions.