Thursday, January 12, 2012

Reset root password for Xen Virtual Machine.


If we want to reset password for the vm named "problem.vm"


1.Check whether the vm is running or not.


root@main#xm list
Name                                      ID Mem(MiB) VCPUs State   Time(s)
Domain-0                                   0     1024     8 r----- 689689.3
problem                                    0     1024     8 r----- 425100.8


2. Locate the configuration file for the vm. Mostly the config paths will be /etc/xen/

root@main#vi /etc/xen/problem.cfg


you can find the path of the disk image of the particular xen vm.


for ex:
disk = ['phy:/dev/VolGroup01/xenvpsa_rootimg,sda1,w',
'phy:/dev/VolGroup01/xenvps_vmswap,sda2,w']


The above lines meant that the disk image path is "/dev/VolGroup01/xenvpsa_rootimg".


3. Mount that disk image in anothe place. Just create a folder named test and mount the image.


root@main#mkdir /test
root@main#mount /dev/VolGroup01/xenvpsa_rootimg /test


4.Change the root environment to the mounted image using chroot command.


root@main#chroot /test


5.Chnage the password as ususual using passwd command


root@problem#passwd root


passwd: Authentication token lock busy
passwd: password unchanged


If you receive this error while changing the password. follow below steps.


mount -o remount,rw / 
then try changing the root password.


If you still not able to reset.


pwconv /etc/passwd 


surely you will be able to change root password.


6. exit the chrooted environment.


The above steps are necessary only if you are not able to boot the VM in single user mode. Xen vm can boot in to single user mode.


root@main#xm create -c /etc/xen/problem.cfg


you will be showed the grub menu to select Kernels to start boot, here you can use the linux single method to boot in to the single user mode.


If you have file system errors, you cannot enter in to the vm instead you will enter in to automatic fsck. If that automatic fsck is completed successfully then you
will enter in to the single user mode otherwise you will be displayed by the error message below.(just major part of the errors)




/dev/hda2: UNEXPECTED INCONSISTENCY; RUN fsck MANUALLY.
        (i.e., without -a or -p options)
fsck died with exit status 4
failed (code 4).
An automatic file system check (fsck) of the root filesystem failed. A manual fsck must be performed, then the system restarted. The fsck should be performed in maintenance mode with the root filesystem mounted in read-only mode. failed!
The root filesystem is currently mounted in read-only mode. A maintenance shell will now be started. After performing system maintenance, press CONTROL-D to terminate the maintenance shell and restart the system. (warning).
Give root password for maintenance
(or type Control-D to continue):


Our current task is to reset the root password, but we are now in the situation like old root password is necessary. We have fix for this also.


like explained above mount the problem vm disk image in anothe mount point.


for ex:
mount -o loop /dev/VolGroup01/xenvpsa_rootimg /test


then edit the shadow file,


vi /test/etc/shadow
root:$6$GkB2ABuH$cjZCeh3JaT2ZnfIO7yz.743luzCpRx/dTgwccWZ/wUeLZu.PYHuG8/qzMezcaj9r37pOud1xheM2TLSq1WkVB0:15289:0:99999:7:::
bin:$1$RPTybk9p$k7lUO/hkluqGUfEZlcFhk/:14884:0:99999:7:::
daemon:*:15042:0:99999:7:::
sys:*:15042:0:99999:7:::
sync:*:15042:0:99999:7:::
games:*:15042:0:99999:7:


Change the root like below and save the file.
root::15289:0:99999:7:::


Now root has no password.


Give root password for maintenance
(or type Control-D to continue):


when you are showed by this just type enter you can enter in to the server. Run fsck manually and reset the root password without fail.


That's it we have done