n the field, it may become necessary to reset the root password on a Linux system. There are many ways to reset an unknown root password, to include LiveCDs and booting into single user mode. This document assumes the following
* The root password is unknown
* An account with sufficient permissions to reset the root password is unknown or unavailable.
* The sysadmin has access to edit the GRUB bootloader options.
* A normal boot into single user mode doesn’t work
Perform the following steps to boot Linux to a very minimal working shell:
* At the GRUB menu, where it says “Press Any key to enter the menu”, press ESCAPE
* Next, press ‘e‘ to edit the first kernel option.
* On the following screen, highlight the ‘kernel’ line using the arrow keys and press ‘e‘
* On the next screen, which should have a line that says ‘grub edit>’ append ‘init=/bin/sh‘ and press ENTER
* Finally, press ‘b‘ to boot the system.
This process passes the init=/bin/sh option to the kernel and tells it to run /bin/sh as init instead of the normal /sbin/init. By doing this, the normal init process is completely bypassed. Normal filesystem mounting via /etc/fstab is bypassed as well as any options in /etc/inittab such as the stanza that secures single-user mode (~:S:wait:/sbin/sulogin). Only the root filesystem is mounted, and even that is mounted read-only
Now, to reset the root password:
* mount the /proc filesystem (mount /proc)
* remount the root filesystem in read/write mode (mount -n -o remount,rw /)
* Reset the root password by doing any one of the following:
o edit /etc/shadow and replace the second field of root’s entry with a known password hash
o edit /etc/shadow and remove the second field of root’s entry. This will set root’s password to a blank value.
o mount the /usr partition (if it is a separate partition) and run /usr/bin/passwd to reset root’s password.
* issue the sync command to flush all uncommitted writes to disk.
* Power down the system manually (/sbin/shutdown, /sbin/init 0 , and /sbin/reboot) will not work
This process is known to work on both Linux!!!
Saturday, May 15, 2010
Monday, May 10, 2010
Creating Custom Ubuntu Live-CD With Remastersys
Install Remastersys in Ubuntu (http://sourceforge.net/projects/remastersys/files/ download lates version for Ubuntu 10.04)
The Remastersys repository needs to be added to your /etc/apt/sources.list
sudo vi /etc/apt/sources.list
Paste the following into the sources.list:
# Remastersys
deb http://www.remastersys.klikit-linux.com/repository remastersys/
Save and exit the file.
Update the source list using the following command
sudo apt-get update
Install remastersys using the following command
sudo apt-get install remastersys
This will complete the installation
Using Remastersys
In order to learn how you can use remastersys, run
sudo remastersys
remastersys Syntax
sudo remastersys backup|clean|dist [cdfs|iso] [filename.iso]
remastersys Examples
1) to make a livecd/dvd backup of your system
sudo remastersys backup
2) to make a livecd/dvd backup and call the iso custom.iso
sudo remastersys backup custom.iso
3) to clean up temporary files of remastersys
sudo remastersys clean
4) to make a distributable livecd/dvd of your system
sudo remastersys dist
5) to make a distributable livecd/dvd filesystem only
sudo remastersys dist cdfs
6) to make a distributable iso named custom.iso but only if the cdfs is already present
sudo remastersys dist iso custom.iso
cdfs and iso options should only be used if you wish to modify something on the cd before the iso is created. An example of this would be to modify the isolinux portion of the livecd/dvd
Creating An ISO Image
To create an iso image of your installation, simply run
sudo remastersys dist
This will create an iso image called customdist.iso in the /home/remastersys directory. The dist option makes that your personal folder (e.g. /home/rajat) will not be included in the iso image. You might have to insert your Ubuntu installation CD during the process.
This is how the end of the process looks:
[...]
92.16% done, estimate finish Tue MAY 11 13:31:20 2010
93.39% done, estimate finish Tue MAY 11 13:31:21 2010
94.62% done, estimate finish Tue MAY 11 13:31:22 2010
95.85% done, estimate finish Tue MAY 11 13:31:23 2010
97.08% done, estimate finish Tue MAY 11 13:31:24 2010
98.31% done, estimate finish Tue MAY 11 13:31:25 2010
99.54% done, estimate finish Tue MAY 11 13:31:26 2010
Total translation table size: 2048
Total rockridge attributes bytes: 3950
Total directory bytes: 9094
Path table size(bytes): 54
Max brk space used 0
406890 extents written (794 MB)
/home/remastersys/customdist.iso is ready to be burned or tested in a virtual machine.
Check the size and if it is larger than 700MB you will need to burn it to a dvd
796M /home/remastersys/customdist.iso
Clean Up
After you’ve burnt the iso image onto a CD/DVD, you can run
sudo remastersys clean
to remove all temporary file created during the iso generation as well as the /home/remastersys directory.
The Remastersys repository needs to be added to your /etc/apt/sources.list
sudo vi /etc/apt/sources.list
Paste the following into the sources.list:
# Remastersys
deb http://www.remastersys.klikit-linux.com/repository remastersys/
Save and exit the file.
Update the source list using the following command
sudo apt-get update
Install remastersys using the following command
sudo apt-get install remastersys
This will complete the installation
Using Remastersys
In order to learn how you can use remastersys, run
sudo remastersys
remastersys Syntax
sudo remastersys backup|clean|dist [cdfs|iso] [filename.iso]
remastersys Examples
1) to make a livecd/dvd backup of your system
sudo remastersys backup
2) to make a livecd/dvd backup and call the iso custom.iso
sudo remastersys backup custom.iso
3) to clean up temporary files of remastersys
sudo remastersys clean
4) to make a distributable livecd/dvd of your system
sudo remastersys dist
5) to make a distributable livecd/dvd filesystem only
sudo remastersys dist cdfs
6) to make a distributable iso named custom.iso but only if the cdfs is already present
sudo remastersys dist iso custom.iso
cdfs and iso options should only be used if you wish to modify something on the cd before the iso is created. An example of this would be to modify the isolinux portion of the livecd/dvd
Creating An ISO Image
To create an iso image of your installation, simply run
sudo remastersys dist
This will create an iso image called customdist.iso in the /home/remastersys directory. The dist option makes that your personal folder (e.g. /home/rajat) will not be included in the iso image. You might have to insert your Ubuntu installation CD during the process.
This is how the end of the process looks:
[...]
92.16% done, estimate finish Tue MAY 11 13:31:20 2010
93.39% done, estimate finish Tue MAY 11 13:31:21 2010
94.62% done, estimate finish Tue MAY 11 13:31:22 2010
95.85% done, estimate finish Tue MAY 11 13:31:23 2010
97.08% done, estimate finish Tue MAY 11 13:31:24 2010
98.31% done, estimate finish Tue MAY 11 13:31:25 2010
99.54% done, estimate finish Tue MAY 11 13:31:26 2010
Total translation table size: 2048
Total rockridge attributes bytes: 3950
Total directory bytes: 9094
Path table size(bytes): 54
Max brk space used 0
406890 extents written (794 MB)
/home/remastersys/customdist.iso is ready to be burned or tested in a virtual machine.
Check the size and if it is larger than 700MB you will need to burn it to a dvd
796M /home/remastersys/customdist.iso
Clean Up
After you’ve burnt the iso image onto a CD/DVD, you can run
sudo remastersys clean
to remove all temporary file created during the iso generation as well as the /home/remastersys directory.
Wednesday, May 5, 2010
Fedora NFS Server Configuration
1. Download and install NFS rpm package using yum
# yum -y install nfs-utils rpcbind
If you have an earlier Fedora versions
# yum -y intall nfs-utils portmap
2. Prepare and modify /etc/exports for sharing files, that would similar to as shown below
/home/NFS-files 192.168.100.0/24(ro,sync)
/home/NFS-share */26(rw,sync)
/ISO 192.168.100.0/24(ro,sync)
Save and exit.
Legend:
rw = for read/write access
ro = for read only access
* = allow any source request
/24 , /26 = IP network subnet
Create NFS folder and populate your NFS files you wish to share
# mkdir /home/NFS-files /home/NFS-share /ISO
# cp your-files /home/NFS-files
3. Start your NFS service
# service nfs start
# service rpcbind start
For earlier Fedora versions
# service portmap start
# service nfs start
If you wish to modify any other non-default NFS diretives, modify /etc/sysconfig/nfs .
To restart NFS service
# service nfs restart
# service rpcbind restart
For earlier Fedora versions, instead of rpcbind,
# service portmap restart
To monitor NFS stats
The nfsstat command displays statistical information about RPC calls.
# nfsstats
# nfsstats -o net
Further NFSman page
# man exports
# yum -y install nfs-utils rpcbind
If you have an earlier Fedora versions
# yum -y intall nfs-utils portmap
2. Prepare and modify /etc/exports for sharing files, that would similar to as shown below
/home/NFS-files 192.168.100.0/24(ro,sync)
/home/NFS-share */26(rw,sync)
/ISO 192.168.100.0/24(ro,sync)
Save and exit.
Legend:
rw = for read/write access
ro = for read only access
* = allow any source request
/24 , /26 = IP network subnet
Create NFS folder and populate your NFS files you wish to share
# mkdir /home/NFS-files /home/NFS-share /ISO
# cp your-files /home/NFS-files
3. Start your NFS service
# service nfs start
# service rpcbind start
For earlier Fedora versions
# service portmap start
# service nfs start
If you wish to modify any other non-default NFS diretives, modify /etc/sysconfig/nfs .
To restart NFS service
# service nfs restart
# service rpcbind restart
For earlier Fedora versions, instead of rpcbind,
# service portmap restart
To monitor NFS stats
The nfsstat command displays statistical information about RPC calls.
# nfsstats
# nfsstats -o net
Further NFSman page
# man exports
Thursday, April 29, 2010
Mysql with RHEL/Centos/Fedora
1. Identify the Group name of MySQL Packages
yum grouplist displays all package groups that are available in the repository. As shown below, mysql package group is called “MySQL Database”.
# yum grouplist | grep -i mysql
MySQL Database
2. What is bundled in the “MySQL Database” group?
yum groupinfo displays all the packages that are bundled in a group. This displays the mandatory, default and optional packages that are available in that particular group.
As shown below, “MySQL Database” group contains 1 mandatory package, 6 default packages, and 5 optional packages.
# yum groupinfo "MySQL Database"
Group: MySQL Database
Description: This package group contains packages useful for use with MySQL.
Mandatory Packages:
mysql
Default Packages:
MySQL-python
libdbi-dbd-mysql
mysql-connector-odbc
mysql-server
perl-DBD-MySQL
unixODBC
Optional Packages:
mod_auth_mysql
mysql-bench
mysql-devel
php-mysql
qt-MySQL
3. Install the “MySQL Database” group using yum groupinstall
yum groupinstall will install the “MySQL Database” group of packages as shown below.
# yum groupinstall "MySQL Database"
Resolving Dependencies
Dependencies Resolved
Transaction Summary
=========================
Install 12 Package(s)
Update 0 Package(s)
Remove 0 Package(s)
Installed:
MySQL-python.i386 0:1.2.1-1 libdbi-dbd-mysql.i386 0:0.8.1a-1.2.2
mysql.i386 0:5.0.77-4.el5_4.2 mysql-connector-odbc.i386 0:3.51.26r1127-1.el5
mysql-server.i386 0:5.0.77-4.el5_4.2 perl-DBD-MySQL.i386 0:3.0007-2.el5
unixODBC.i386 0:2.2.11-7.1
Dependency Installed:
libdbi.i386 0:0.8.1-2.1 libdbi-drivers.i386 0:0.8.1a-1.2.2
libtool-ltdl.i386 0:1.5.22-7.el5_4
mx.i386 0:2.0.6-2.2.2 perl-DBI.i386 0:1.52-2.el5
Complete!
Note: If you are having some issues during the installation, verify the full mysql install log to see what you are missing.
4. Verify MySQL Installation
Execute rpm -qa, to confirm that the mysql related packages are installed.
# rpm -qa | grep -i mysql
MySQL-python-1.2.1-1
mysql-5.0.77-4.el5_4.2
mysql-connector-odbc-3.51.26r1127-1.el5
mysql-server-5.0.77-4.el5_4.2
libdbi-dbd-mysql-0.8.1a-1.2.2
perl-DBD-MySQL-3.0007-2.el5
Check the /etc/passwd and /etc/group to make sure it has created a mysql username and group.
# grep mysql /etc/passwd
mysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/bash
# grep mysql /etc/group
mysql:x:27:
5. MySQL Post installation – Execute mysql_install_db
mysql_install_db program will setup the necessary grant tables. The mysql_install_db program gets executed as part of the rpm installation. But, it doesn’t hurt to execute the mysql_install_db program again to make sure the grant tables are setup properly.
# /usr/bin/mysql_install_db --user=mysql
Installing MySQL system tables...OK
Filling help tables...OK
.....
The latest information about MySQL is available on the web at http://www.mysql.com
6. Start MySQL Server
# service mysqld status
mysqld is stopped
# service mysqld start
Starting MySQL: [ OK ]
7. Verify that the MySQL server is up and running.
# /usr/bin/mysqladmin version
/usr/bin/mysqladmin Ver 8.41 Distrib 5.0.77, for redhat-linux-gnu on i686
Copyright (C) 2000-2006 MySQL AB
This software comes with ABSOLUTELY NO WARRANTY. This is free software,
and you are welcome to modify and redistribute it under the GPL license
Server version 5.0.77
Protocol version 10
Connection Localhost via UNIX socket
UNIX socket /var/lib/mysql/mysql.sock
Uptime: 39 sec
Threads: 1 Questions: 2 Slow queries: 0 Opens: 12 Flush tables: 1
Open tables: 6 Queries per second avg: 0.051
# /usr/bin/mysqlshow
+--------------------+
| Databases |
+--------------------+
| information_schema |
| mysql |
| test |
+--------------------+
# /usr/bin/mysqlshow mysql
Database: mysql
+---------------------------+
| Tables |
+---------------------------+
| columns_priv |
| db |
| func |
| help_category |
| time_zone_transition |
| time_zone_transition_type |
| user |
+---------------------------+
Stop and start the mysql server again to make sure they are no issues.
# service mysqld stop
Stopping MySQL: [ OK ]
# service mysqld start
Starting MySQL: [ OK ]
8. Change the MySQL root account password
Change the MySQL root account password to something secure.
# mysql -u root
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 5
Server version: 5.0.77 Source distribution
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
mysql> select host, user from mysql.user;
+-----------+------+
| host | user |
+-----------+------+
| 127.0.0.1 | root |
| localhost | |
| localhost | root |
+-----------+------+
5 rows in set (0.00 sec)
mysql> set password for 'root'@'localhost' = PASSWORD('DoNotTell$AnyBody');
Query OK, 0 rows affected (0.00 sec)
mysql> set password for 'root'@'127.0.0.1' = PASSWORD('DoNotTell$AnyBody');
Query OK, 0 rows affected (0.00 sec)
Make sure you are able to login to MySQL using the new password as shown below.
# mysql -u root
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)
# mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 7
Server version: 5.0.77 Source distribution
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
mysql>
yum grouplist displays all package groups that are available in the repository. As shown below, mysql package group is called “MySQL Database”.
# yum grouplist | grep -i mysql
MySQL Database
2. What is bundled in the “MySQL Database” group?
yum groupinfo displays all the packages that are bundled in a group. This displays the mandatory, default and optional packages that are available in that particular group.
As shown below, “MySQL Database” group contains 1 mandatory package, 6 default packages, and 5 optional packages.
# yum groupinfo "MySQL Database"
Group: MySQL Database
Description: This package group contains packages useful for use with MySQL.
Mandatory Packages:
mysql
Default Packages:
MySQL-python
libdbi-dbd-mysql
mysql-connector-odbc
mysql-server
perl-DBD-MySQL
unixODBC
Optional Packages:
mod_auth_mysql
mysql-bench
mysql-devel
php-mysql
qt-MySQL
3. Install the “MySQL Database” group using yum groupinstall
yum groupinstall will install the “MySQL Database” group of packages as shown below.
# yum groupinstall "MySQL Database"
Resolving Dependencies
Dependencies Resolved
Transaction Summary
=========================
Install 12 Package(s)
Update 0 Package(s)
Remove 0 Package(s)
Installed:
MySQL-python.i386 0:1.2.1-1 libdbi-dbd-mysql.i386 0:0.8.1a-1.2.2
mysql.i386 0:5.0.77-4.el5_4.2 mysql-connector-odbc.i386 0:3.51.26r1127-1.el5
mysql-server.i386 0:5.0.77-4.el5_4.2 perl-DBD-MySQL.i386 0:3.0007-2.el5
unixODBC.i386 0:2.2.11-7.1
Dependency Installed:
libdbi.i386 0:0.8.1-2.1 libdbi-drivers.i386 0:0.8.1a-1.2.2
libtool-ltdl.i386 0:1.5.22-7.el5_4
mx.i386 0:2.0.6-2.2.2 perl-DBI.i386 0:1.52-2.el5
Complete!
Note: If you are having some issues during the installation, verify the full mysql install log to see what you are missing.
4. Verify MySQL Installation
Execute rpm -qa, to confirm that the mysql related packages are installed.
# rpm -qa | grep -i mysql
MySQL-python-1.2.1-1
mysql-5.0.77-4.el5_4.2
mysql-connector-odbc-3.51.26r1127-1.el5
mysql-server-5.0.77-4.el5_4.2
libdbi-dbd-mysql-0.8.1a-1.2.2
perl-DBD-MySQL-3.0007-2.el5
Check the /etc/passwd and /etc/group to make sure it has created a mysql username and group.
# grep mysql /etc/passwd
mysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/bash
# grep mysql /etc/group
mysql:x:27:
5. MySQL Post installation – Execute mysql_install_db
mysql_install_db program will setup the necessary grant tables. The mysql_install_db program gets executed as part of the rpm installation. But, it doesn’t hurt to execute the mysql_install_db program again to make sure the grant tables are setup properly.
# /usr/bin/mysql_install_db --user=mysql
Installing MySQL system tables...OK
Filling help tables...OK
.....
The latest information about MySQL is available on the web at http://www.mysql.com
6. Start MySQL Server
# service mysqld status
mysqld is stopped
# service mysqld start
Starting MySQL: [ OK ]
7. Verify that the MySQL server is up and running.
# /usr/bin/mysqladmin version
/usr/bin/mysqladmin Ver 8.41 Distrib 5.0.77, for redhat-linux-gnu on i686
Copyright (C) 2000-2006 MySQL AB
This software comes with ABSOLUTELY NO WARRANTY. This is free software,
and you are welcome to modify and redistribute it under the GPL license
Server version 5.0.77
Protocol version 10
Connection Localhost via UNIX socket
UNIX socket /var/lib/mysql/mysql.sock
Uptime: 39 sec
Threads: 1 Questions: 2 Slow queries: 0 Opens: 12 Flush tables: 1
Open tables: 6 Queries per second avg: 0.051
# /usr/bin/mysqlshow
+--------------------+
| Databases |
+--------------------+
| information_schema |
| mysql |
| test |
+--------------------+
# /usr/bin/mysqlshow mysql
Database: mysql
+---------------------------+
| Tables |
+---------------------------+
| columns_priv |
| db |
| func |
| help_category |
| time_zone_transition |
| time_zone_transition_type |
| user |
+---------------------------+
Stop and start the mysql server again to make sure they are no issues.
# service mysqld stop
Stopping MySQL: [ OK ]
# service mysqld start
Starting MySQL: [ OK ]
8. Change the MySQL root account password
Change the MySQL root account password to something secure.
# mysql -u root
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 5
Server version: 5.0.77 Source distribution
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
mysql> select host, user from mysql.user;
+-----------+------+
| host | user |
+-----------+------+
| 127.0.0.1 | root |
| localhost | |
| localhost | root |
+-----------+------+
5 rows in set (0.00 sec)
mysql> set password for 'root'@'localhost' = PASSWORD('DoNotTell$AnyBody');
Query OK, 0 rows affected (0.00 sec)
mysql> set password for 'root'@'127.0.0.1' = PASSWORD('DoNotTell$AnyBody');
Query OK, 0 rows affected (0.00 sec)
Make sure you are able to login to MySQL using the new password as shown below.
# mysql -u root
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)
# mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 7
Server version: 5.0.77 Source distribution
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
mysql>
Subscribe to:
Posts (Atom)