Sunday, September 13, 2009

[Level 2] How to solve the problem if you forget user password in OpenSolaris?

If you have a user with root role, and forget the user password. How to solve this problem?
Steps as the following:

1. Use CD-ROM to boot.
  You can use CD-ROM to boot server first. If you don't have, please download the iso file and burn a new one for yourself.

2. Import pool and mount Boot Environment.
  Then you can import the "root disk" pool with the command "zpool import". At the same time, you should import the pool ( use option "-R" ) with alternative root. Ex.
# zpool import -R /tmp/rpool rpooliso

  When you try to change directory to the sub folder "etc" of "/tmp/rpool", and you will find out that the folder doesnot exist ( int this case, /tmp/rpool/etc ). Why? because when you import the pool, the Boot Environment will not be mounted, and you have to mount it manually. So you can use command "beadm" with "mount" sub-command then assign the "boot environment" and the "mount point". If you forget the BE, you can use "beadm list" to find it.
# beadm mount opensolaris /opensolaris


3. Modify User password.
  And you can clear the password field in shadow file.
# cd /tmp/rpool/opensolaris/etc
# vi shadow

  After you modify the shadow file, remember to umount the pool and modify the mountpoint by command zfs set.
# beadm umount opensolaris
# zfs set mountpoint=/ rpool/ROOT/opensolaris



4. Reboot and get into Single-User-Mode.
  When you clear the password field, you still cannot login from gnome-desktop. Because the empty password is not allowed. So you have to let your server boot into single-user-mode. But how? When the server show grub menu, press "e" and add "-s" at the last position of command "kernel" and press "b" to boot. In single-user-mode, you can press enter to login the system without password. Ex.
grub> kernel$ /platform/i86pc/kernel/$ISADIR/unix -B $ZFS-BOOTFS -s
 
5. Change password with command "passwd".
  Last, you can change the password with command "passwd".
# passwd stanley

Wish this helps.

regards,
Stanley Huang