<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
<title></title>
</head>
<body bgcolor="#ffffff" text="#000000">
On 09/29/2011 07:21 PM, <a class="moz-txt-link-abbreviated" href="mailto:richardkimber@btinternet.com">richardkimber@btinternet.com</a> wrote:<span
class="Apple-style-span" style="border-collapse: separate; color:
rgb(0, 0, 0); font-family: 'Times New Roman'; font-style: normal;
font-variant: normal; font-weight: normal; letter-spacing: normal;
line-height: normal; orphans: 2; text-indent: 0px; text-transform:
none; white-space: normal; widows: 2; word-spacing: 0px;
font-size: medium;"><span class="Apple-style-span" style="color:
rgb(51, 51, 51); font-family: UbuntuBeta,Ubuntu,'Bitstream Vera
Sans','DejaVu Sans',Tahoma,sans-serif; font-size: 12px;
line-height: 18px;">
<h2 style="margin: 0px 0px 8px; padding: 8px 0px 0px; font-size:
24px; font-weight: normal; line-height: 28px;">Resetting the
root password when all privileged access is lost</h2>
<div class="column-content" style="margin: 0px 0px 16px;
padding: 0px;">
<div id="article-metadata" style="margin: 0px 0px 2em 2em;
padding: 0.5em; float: right; border: 1px solid rgb(203,
193, 183); background-color: rgb(245, 242, 241); width:
22em;">
<div id="metadata-content" style="margin: 0px; padding:
0.5em;">
<dl style="margin: 0px 1em 0px 2em; padding: 0px;">
<dt class="label" style="margin: 0px; padding: 0px;
font-weight: bold;">Created at:</dt>
<dd style="margin: 0px 0px 0px 1em; padding: 0px;">Wed
12 Aug 2009, 16:36</dd>
<dt class="label" style="margin: 0px; padding: 0px;
font-weight: bold;">Last updated at:</dt>
<dd style="margin: 0px 0px 0px 1em; padding: 0px;">Tue 5
Jul, 21:27</dd>
</dl>
<dl style="margin: 0px 1em 0px 2em; padding: 0px;">
<dt class="label" style="margin: 0px; padding: 0px;
font-weight: bold;">Categories:</dt>
<dd style="margin: 0px 0px 0px 1em; padding: 0px;">
<ul style="margin: 0px 1em 1em 2em; padding: 0px;">
<li style="margin: 0px; padding: 0px;
list-style-type: none;"><a
href="https://landscape.canonical.com/account/pophorea/kb/category/53"
style="color: rgb(221, 72, 20); text-decoration:
none;">10.04 LTS (Lucid Lynx)</a></li>
<li style="margin: 0px; padding: 0px;
list-style-type: none;"><a
href="https://landscape.canonical.com/account/pophorea/kb/category/54"
style="color: rgb(221, 72, 20); text-decoration:
none;">10.10 (Maverick Meerkat)</a></li>
<li style="margin: 0px; padding: 0px;
list-style-type: none;"><a
href="https://landscape.canonical.com/account/pophorea/kb/category/63"
style="color: rgb(221, 72, 20); text-decoration:
none;">11.04 (Natty Narwhal)</a></li>
<li style="margin: 0px; padding: 0px;
list-style-type: none;"><a
href="https://landscape.canonical.com/account/pophorea/kb/category/6"
style="color: rgb(221, 72, 20); text-decoration:
none;">6.06 LTS (Dapper Drake)</a></li>
<li style="margin: 0px; padding: 0px;
list-style-type: none;"><a
href="https://landscape.canonical.com/account/pophorea/kb/category/14"
style="color: rgb(221, 72, 20); text-decoration:
none;">8.04 LTS (Hardy Heron)</a></li>
<li style="margin: 0px; padding: 0px;
list-style-type: none;"><a
href="https://landscape.canonical.com/account/pophorea/kb/category/40"
style="color: rgb(221, 72, 20); text-decoration:
none;">CLI</a></li>
<li style="margin: 0px; padding: 0px;
list-style-type: none;"><a
href="https://landscape.canonical.com/account/pophorea/kb/category/47"
style="color: rgb(221, 72, 20); text-decoration:
none;">Security</a></li>
</ul>
</dd>
</dl>
</div>
<div class="no-print" style="margin: 0px; padding: 1em 0px
0px; text-align: center;">
<form class="no-print"
action="https://landscape.canonical.com/account/pophorea/kb/article/2434/vote"
method="post" name="vote-form" id="vote-form"
style="margin: 0px; padding: 0px;">Was this article
helpful to you?
<div style="margin: 0px; padding: 1em 0px 0px;"><input
class="button" name="helpful" value="Yes"
style="margin: 10px 8px 10px 0px; padding: 3px 8px;
font-family: inherit; font-size: inherit;
font-weight: normal; background-color: rgb(170, 163,
143); color: rgb(255, 255, 255); border: 1px ridge
rgba(255, 255, 255, 0.2); cursor: pointer;"
type="submit"><span class="Apple-converted-space"> </span><input
class="button" name="unhelpful" value="No"
style="margin: 10px 8px 10px 0px; padding: 3px 8px;
font-family: inherit; font-size: inherit;
font-weight: normal; background-color: rgb(170, 163,
143); color: rgb(255, 255, 255); border: 1px ridge
rgba(255, 255, 255, 0.2); cursor: pointer;"
type="submit"></div>
</form>
</div>
</div>
<div id="article-content" style="margin: 0px; padding: 0px;">
<p style="margin: 0px 0px 8px; padding: 0px; font-size:
12px; max-width: 544px;">Imagine the following scenario:</p>
<p style="margin: 0px 0px 8px; padding: 0px; font-size:
12px; max-width: 544px;">a) A colleague has set a password
for the root user<br>
b) This colleague was the sole member of the admin group<br>
c) This colleague has left the company</p>
<p style="margin: 0px 0px 8px; padding: 0px; font-size:
12px; max-width: 544px;">How do you regain administrator
privileges? You do not have direct access to the root user
because a password has been set. You also do not have
indirect access (via sudo) because you are not a member of
the admin group.</p>
<p style="margin: 0px 0px 8px; padding: 0px; font-size:
12px; max-width: 544px;">This article will present two
ways to rectify these two issues.</p>
<p style="margin: 0px 0px 8px; padding: 0px; font-size:
12px; max-width: 544px;"><strong style="font-style:
normal; font-weight: bold;">Solution #1</strong></p>
<p style="margin: 0px 0px 8px; padding: 0px; font-size:
12px; max-width: 544px;">1. Boot up with a Ubuntu live CD
(normal Desktop install CD) and enter a live graphical
session.<br>
2. Mount the partitions containing both the / and /usr
directories of your Ubuntu installation. 99.99% of the
time they are on the same partition (say it's /dev/sda1 in
this example):</p>
<pre style="margin: 0px 0px 1em; padding: 5px; font-family: 'Ubuntu Mono',Monaco,Consolas,Inconsolata,'Courier New',monospace; font-size: 14px; background-color: rgb(240, 238, 230); border: 1pt solid rgb(193, 180, 150); overflow: auto;">$ sudo mount /dev/sda1 /mnt
</pre>
<p style="margin: 0px 0px 8px; padding: 0px; font-size:
12px; max-width: 544px;">The above can also be
accomplished in GNOME by clicking on the partition (drive
icon) under Places in the top menu (Panel).</p>
<p style="margin: 0px 0px 8px; padding: 0px; font-size:
12px; max-width: 544px;">3. Change the root password:</p>
<pre style="margin: 0px 0px 1em; padding: 5px; font-family: 'Ubuntu Mono',Monaco,Consolas,Inconsolata,'Courier New',monospace; font-size: 14px; background-color: rgb(240, 238, 230); border: 1pt solid rgb(193, 180, 150); overflow: auto;">$ sudo chroot /mnt passwd root
</pre>
<p style="margin: 0px 0px 8px; padding: 0px; font-size:
12px; max-width: 544px;">Alternatively you can restore the
Ubuntu default of not giving root a password at all:</p>
<pre style="margin: 0px 0px 1em; padding: 5px; font-family: 'Ubuntu Mono',Monaco,Consolas,Inconsolata,'Courier New',monospace; font-size: 14px; background-color: rgb(240, 238, 230); border: 1pt solid rgb(193, 180, 150); overflow: auto;">$ sudo chroot /mnt usermod -p '!' root
</pre>
<p style="margin: 0px 0px 8px; padding: 0px; font-size:
12px; max-width: 544px;">And now put a user (peter in this
example) in the admin group:</p>
<pre style="margin: 0px 0px 1em; padding: 5px; font-family: 'Ubuntu Mono',Monaco,Consolas,Inconsolata,'Courier New',monospace; font-size: 14px; background-color: rgb(240, 238, 230); border: 1pt solid rgb(193, 180, 150); overflow: auto;">$ sudo chroot /mnt adduser peter admin
</pre>
<p style="margin: 0px 0px 8px; padding: 0px; font-size:
12px; max-width: 544px;">4. Boot normally (from the hard
disk) and ensure that the user peter can gain root
privileges via the sudo command.</p>
<p style="margin: 0px 0px 8px; padding: 0px; font-size:
12px; max-width: 544px;">As user peter:</p>
<pre style="margin: 0px 0px 1em; padding: 5px; font-family: 'Ubuntu Mono',Monaco,Consolas,Inconsolata,'Courier New',monospace; font-size: 14px; background-color: rgb(240, 238, 230); border: 1pt solid rgb(193, 180, 150); overflow: auto;">$ sudo ls
</pre>
<p style="margin: 0px 0px 8px; padding: 0px; font-size:
12px; max-width: 544px;">And that your root password has
been properly set:</p>
<pre style="margin: 0px 0px 1em; padding: 5px; font-family: 'Ubuntu Mono',Monaco,Consolas,Inconsolata,'Courier New',monospace; font-size: 14px; background-color: rgb(240, 238, 230); border: 1pt solid rgb(193, 180, 150); overflow: auto;">$ su - root
# exit
</pre>
<p style="margin: 0px 0px 8px; padding: 0px; font-size:
12px; max-width: 544px;"><strong style="font-style:
normal; font-weight: bold;">Solution #2</strong></p>
<p style="margin: 0px 0px 8px; padding: 0px; font-size:
12px; max-width: 544px;">Instead of booting with external
media you can try booting into recovery mode with the
following kernel boot option:</p>
<p style="margin: 0px 0px 8px; padding: 0px; font-size:
12px; max-width: 544px;"><strong style="font-style:
normal; font-weight: bold;">init=/bin/bash</strong></p>
<p style="margin: 0px 0px 8px; padding: 0px; font-size:
12px; max-width: 544px;">This should give you a root
shell. You would then continue with the commands:</p>
<pre style="margin: 0px 0px 1em; padding: 5px; font-family: 'Ubuntu Mono',Monaco,Consolas,Inconsolata,'Courier New',monospace; font-size: 14px; background-color: rgb(240, 238, 230); border: 1pt solid rgb(193, 180, 150); overflow: auto;"># mount -o remount,rw /
# passwd root (or usermod -p '!' root)
# adduser peter admin
</pre>
<br class="Apple-interchange-newline">
</div>
</div>
</span></span>
</body>
</html>