chroot - change root

[viking60]

Don't abuse this and only use it on your own systems!
When using the ultimate rescue tools we sometimes need to perform commands on the system we are rescuing.

Our liveCD will access the rescue system but you cannot run native commands on the computer you are rescuing - not out of the box.

So from our rescue system I fire up SystemrescueCD and mount the system I try to rescue - let us say it is a Mageia computer:

Code: Select all

mkdir /mnt/mageia

and then

Code: Select all

mount /dev/sda1 /mnt/mageia

I found that my Mageia partition was on /dev/sda1 with

Code: Select all

fdisk -l

You will get an even better overview if you use:

Code: Select all

 fsarchiver probe simple

That is it; you can now do a CD to /mnt/mageia and browse the content of your Mageia system. But you will notice that the Mageia local commands do not work.

You may also want to mount these to make the environment work better:

Code: Select all

mount -t proc proc proc/
mount --rbind /sys sys/
mount --rbind /dev dev/
mount --rbind /run run/

So I have this need to change the lost password on Mageia because I cannot log into it anymore
to achieve this I need to change root or chroot:

Code: Select all

chroot /mnt/mageia /bin/bash

This switches you to the root system of Mageia and runs the Bash shell as root.
(You need to be root for this but you always are with SystemrescueCD so that is no problem)
Now you can try urpmi etc and it will work (sort of) but I want to change my password....

so I simply do a

Code: Select all

passwd viking

..and get nicely prompted for a new password to enter -twice.
So far so good and then .. an error message.

Code: Select all

passwd: Authentication token manipulation error

There seem to be some built in security mechanisms so I will have to drop the changing part and simply delete the password I have forgotten then:

Code: Select all

passwd -d viking

again confirm etc and...success
...
Time to clean up then
CTRL+D to jump out of the chroot environment and then a CD to ~/ before:

Code: Select all

umount /mnt/mageia

...
I rebooted and logged right in without a password.

..And set a new password that I remember in the Mandriva Control Center.

Our rescue system works!

The challenge I had to face here was that Mageia did not accept the password change - on the fly. Mageia does accept the deletion of a password though so that you can set a new one from within Mageia.

Other distros will let you change the password on the fly.
Other tools in the Viking toolbox like Rescatux will simply fail when trying to change the password with a "something went wrong" message - so Mageia is stubborn.

But in the end it could not resist the feroucious berserk attack
Other distros like Debian do behave better.
I can chroot into it and update with apt-get and change the password on the fly - no problem. If you simply want to change your password; Rescatux will probably be easier to use and it works just fine (with all except Mageia Fedora and Centos).

[viking60]

To make this work in Centos we need a different approach.
Centos 7 comes with one small boot partition (/dev/sda1) and one partition that has a LVM2_member "file system" (/dev/sda2). This is not recognized by the rescue disk so we have to work some magic before we can mount it (in SystemrescueCD).
I made two directories as mount points:

Code: Select all

mkdir /mnt/sda1

and

Code: Select all

mkdir /mnt/sda2

I mounted the first one

Code: Select all

mount /dev/sda1 /mnt/sda1

but it was impossible to mount the second one with:

Code: Select all

mount /dev/sda2 /mnt/sda2

because of LVM2.
So here is the magic:

Code: Select all

modprobe dm-mod

then

Code: Select all

vgchange -ay

next we do a

Code: Select all

lvscan

This will come up with partitions like:
ACTIVE '/dev/centos/root' [26.06 GB] inherit
And now we can mount this;

Code: Select all

mount /dev/centos/root /mnt/sda2

also mount proc

Code: Select all

mount -t proc proc /proc

This might come up with a message that proc was already mounted but just ignore it; it is a lie

And from there it is the same:

Code: Select all

chroot /mnt/sda2 /bin/bash

While you are in there go to (edit) /etc/sysconfig/selinux and disable SElinux; as in set it to disabled You will have trouble booting if it is on and even get a kernel panic.
(You can start enforcing SElinux from within Centos again later)

And oh wonder; we are in the Centos 7 system and can change the password or update with yum update - it works!
This procedure also works perfectly on Fedora 22.

[viking60]

This is the RescueCD way.
To simply recover the password you can add init=/bin/sh to the kernel line during boot and do the passwd routine.

(in Mageia you hit F3 on the boot menu; on others you hit e and edit the kernel line) .
This works on some distros like Arch and Debian but not on Fedora and Centos.

But you may have to disable SELinux, install a program, update in the same session and that can only be done with a Live rescueCD/DVD/Dongle.

To prevent the init=/bin/sh routine you can set a password on the boot process. If that is done then you need the RescueCD method anyway and chroot.

And even so; the boot password can be "fixed" by our Viking /DVD too - I may get back to that....

[dedanna1029]

Wow... I've always wondered about chroot.

I'm going to keep this handy.

[viking60]

Yes it is all tested and it works. chroot was rocket science for me too for a long time; then I got confused on a higher level.
Combined with our Live CD/DVD/Dongle it is a powerful thing. Remember to make your dongles and DVD's work before everything breaks down this time

The only thing I did not test was OpenSuse. But why use it? Mageia is much better if you are a RPM control center person.
This tip should work even by the "monkey see monkey do" method.

It is a good idea to play around with this in virtual machines. I have lots of different distros installed on them and I have the viking.iso in the "CD-player" because the first option there is "boot from harddisk" so it does not matter that the system boots from CD.

From there I test these things ..and learn a lot. I Fubar things and get kernel panics and when I have got it straight I report about it here
My Centos was really broken and could not boot so I had to get it up again with the viking.iso.

[dedanna1029]

Wooooooooooowww...

[viking60]

Naturally you can change the password of a Windows system too with this but there are other tools on our Rescue system that will achieve that easier.
This is not directly chroot relevant but goes to the task I chose to demonstrate.
Anyway; here is how you do it:

FInd the Windows partition with

Code: Select all

fdisk -l

You will find something like
/dev/sda3 (NTFS)
Make the mount point:

Code: Select all

mkdir /mnt/windows

Then we use the ntfs command:

Code: Select all

ntfs -3g /dev/sda3 /mnt/windows -o force

This will mount your Windows to /mnt/windows.
Next you need to go to this location:

Code: Select all

cd /mnt/windows/Windows/System32/config

List the Windows accounts in the SAM database with the chntpw command:

Code: Select all

chntpw -l SAM

This will produce a list of user account names.

So let us say that we found "viking" and want to change that account:

Code: Select all

chntpw -u "viking"

This will present a menu with various options. Here you pick 1 and hit ENTER this will reset your password.
confirm etc.
Reboot and you will now log in to Windows without a password.

Mission accomplished

Edit: on Windows 8 and 10 you need to turn off fastboot before you can do this (Windows 8/10 do not really boot - they hibernate):
Open a cmd window as administrator and type:

Code: Select all

powercfg /h off

To do it "nicely" you can also do it via the control panel

[dedanna1029]

Thank you so so much. Although I've not had to do it, I would have at one point this time around of using Windows and Linux both, but since chroot and these other commands I wasn't familiar with due to not using them, I ended up reinstalling. It's what I always did before too. It would probably be a lot easier with chroot to fix things. I'm adding these notes to leafpad so it's a matter of "nano chroot.txt" to remind me what to do when I need it.

[viking60]

I tried to chroot into a Manjaro install that was Luks encrypted with our LiveCD using SystemRescueCD:

Code: Select all

root@sysresccd /root % fsarchiver probe simple
[======DISK======] [=============NAME==============] [====SIZE====] [MAJ] [MIN]
[sda             ] [VBOX HARDDISK                  ] [    40.84 GB] [  8] [  0]
[sr0             ] [CD-ROM                         ] [     2.24 GB] [ 11] [  0]

[=====DEVICE=====] [==FILESYS==] [======LABEL======] [====SIZE====] [MAJ] [MIN]
[loop0           ] [squashfs   ] [<unknown>        ] [   335.78 MB] [  7] [  0]
[sda1            ] [ext2       ] [ManjaroBoot      ] [   255.00 MB] [  8] [  1]
[sda2            ] [crypto_LUKS] [<unknown>        ] [    37.45 GB] [  8] [  2]
[sda5            ] [swap       ] [ManjaroSwap      ] [     3.14 GB] [  8] [  5]
root@sysresccd /root % cryptsetup open /dev/sda2 root
Enter passphrase for /dev/sda2:

root@sysresccd /root % mount /dev/mapper/root /mnt

root@sysresccd /root % cd /mnt

root@sysresccd /mnt % ls
bin   home                lost+found  proc                 sbin  usr
boot  kde-image-pkgs.txt  media       root                 srv   var
dev   lib                 mnt         root-image-pkgs.txt  sys
etc   lib64               opt         run                  tmp
root@sysresccd /mnt % systemd-nspawn
zsh: command not found: systemd-nspawn
root@sysresccd /mnt % mount -t proc proc proc/
root@sysresccd /mnt %  mount --rbind /sys sys/
root@sysresccd /mnt %  mount --rbind /dev dev/
root@sysresccd /mnt %  mount --rbind /run run/
root@sysresccd /mnt % chroot /mnt /bin/bash


This enabled me to run Pacman on a Luks encrypted partition.

Just needed to write this down because I will probably not remember it

[dedanna1029]

It's just that post right there of yours among others that I'm thinking about for this. I noticed there's quite a few that go unanswered. I don't think that's right, but also can't react right now (no computer again).
BUT I like it!