Reset Root Password - RHCSA v9 Review 

Great job!

I also didnt knew this was using rd.break and couldn't enter in

Wishing you the best for your rhcsa!

Congrats! I'm also finishing watching the series. I've also used Sander van Vugt's materials along the journey. Could you share any additional marathon resources you practiced with to get specifically prepared for the exam?

@@samuelalbershtein3122 Hmm it wasn't anything special. I simply watched a lot of RHCSA practice playlist like this one (which you can simply do a youtube search on) and read the relevant man-pages a lot (so that I'd know what to search when I forgot the command syntax). That, and also putting together a logbook that summarizes what I've learned daily (mostly just relevant command syntax, screenshots from practice videos, and some personal comment) Good luck on your preparation! Hope you can pass like I did!

@@airev8158 Thanks!

Thank you for sharing your experience, I really value it! When I get back to making more content I will try to present backup methods for cases when certain shortcuts like the one shown don’t work as planned. Looking back now, compared to when the video was published, I didn’t expect such a wide spectrum between the method succeeding and failing for others since it worked in my testing. However, it was a valuable learning for me to be more careful when demonstrating things that even slightly deviate from product documentation. Again, your kind words were appreciated! Have a great day

Awesome! Thank you!

what materials did you use to study?

Hey@@nlvon I mostly used the RHCSA course on KodeKloud. I set up a RHEL VM to practice and read through --help & man pages a lot. I also did a short course on Bash scripting as I was not familiar with that all that much (LearnLinuxTV, it's free) and a lot of regex/grep/egrep/sed practice. Beanology's videos provided a nice summary and deep-dive on some of the topics. Good luck! It's a cool cert to get :)

Contratulations Marek! Can you share some tips for the exam?

Are u unable to crack root password on ur 1st attempt? I'm curious to know what happens when we fail

Hi, I think it’s best to understand both methods so you are always prepared no matter what release of RHEL 9 they give you on the exam. Understanding how rdbreak and pivoting with chroot from the initramfs teaches valuable information about how the system boots so it’s always nice to be aware of it. On very early versions of RHEL 9.0, the rd.break way is likely to ask for the root password in order to proceed and you might have to try your hand at the rescue kernel to see if it allows you through if you want to use rdbreak on those early versions. The method I demo in the vid will work on all early and recent versions of RHEL 9 which is why I decided to focus on that one in particular. Thanks for asking

Thank you ☺️

RHEL 9.4 is already around the corner to be released in May and 9.0 is going to be 2 years old. It’s certainly possible they have moved on to a newer minor release.

@@beanologi I took the exam yesterday. They are still using RHEL 9.0 and I can confirm rd.break does not work.

Hi. First off, in my experience, sh and bash should work very similar as the sh binary is often just a symbolic link to bash. I’ve seen an occasional issue from my testing where the early boot doesn’t load very consistently and I get a different behavior than usual but that’s just the consequence of interrupting the boot process and the fact that the boot process parallelizes its jobs. In the second case you described, I’m not sure what you meant by it “didn’t work”. I guess it could be a sudo related issue since you said ‘su root’ still works. You can isolate the problem further by doing ‘su - root’ without sudo to confirm that the root login shell works correctly as the dash uses login shell. I’m glad you enjoyed the video, thank you for your kind comment.

Thanks! At this time the RHCSA playlist does not cover every objective. Most of the big ones are there but it is still missing topics such as LVM, tuned, NTP, and Sudo configuration. They are just future video ideas for right now. Again, your feedback is greatly welcomed! 😊👍

​@@beanologi Well I won't be too greedy now, your videos have been a good source of study material, I plan to take my RHCSA, do you know of any other good sources that I could use?

@@danielngo9516 For each objective you find on Red Hat's website, look for the corresponding Red Hat documentation pages for those specific things. That is how I reviewed before I took my RHCSA and is also a good way to get Red Hat's perspective on product expertise. I also gathered background knowledge using books about the RHCSA from various publishers. What helped the most though was to experiment and try to break things or find tricky pain points when using the software hands-on. I try to simulate that trial-and-error process in my videos but nothing beats practicing individually. Best of luck with your planned RHCSA!

Hi there, what you brought up is an excellent point. Usually restorecon is the preferred method to make labels on files align with the SELinux policy and ensures that you are properly maintaining the SELinux policy settings. However, I want to clarify that in this case, we are using the chcon command to change the file context of shadow to the exact context label that it is supposed to be and what the SELinux policy already recognizes it should be. It will persist just fine and survive a file system relabeling because it matches what the relabeling would apply anyways. What chcon does to files is not inherently transient, it just sets file system metadata and that metadata won’t go anywhere until it is explicitly changed with another file system relabeling or something similar (and that label change will only occur if there is a real discrepancy between the policy and the context label). Relabeling the file system is a common maintenance task to catch mislabeled files that do not align with the policy specs. What was done on the shadow file in Thai video does align with the policy so it’s all good 👍 . It is true that chcon makes it easier to set inappropriate labels on files when used improperly though. I appreciate your comment and hope this clarifies things. Take care!

Hi, it is unfortunate you got that result. To your question, if the node that didn’t start was the one you needed to reset the password on, then the two could be correlated, but it isn’t the most likely thing given that the shown method either works fine or fails in a very apparent way (like not being able to login to root). Since we are talking about a no boot situation, it is possible there could be a part of the early startup (like the mounting remote file systems objective) that may have stalled the machine from bringing itself up as well. In general, during Red Hat exams, it is highly recommended to restart your machines every now and then to validate your work. I hope that helps. Wishing you the best!

@@beanologi Thanks for all the videos and you responds ofcourse.

That part was referring to the ctrl+alt+delete key sequence which typically triggers a restart on many Linux text-console environments when performed on the physical keyboard. There are also ACPI hardware events that can also tell the OS to reboot and those are often easily exposed in virtual machine tooling to send a power state message to VM to politely power off or reboot it. You would use these means of initiating reboots when you can’t log in and run a command like `reboot` in cases where you don’t know the user password. Hope that helps answer your question.

@@beanologi Thanks!

Hi. Depending on how grub is configured, continuously pressing the F8 key or shift key as the bootloader loads itself could be one way to interrupt it. However, in situations where the bootloader has any interactive features disabled, your next option would likely be to boot the machine with an external recovery media to gain access to the system files and reset the root password. The RHCSA is looking to see if you can work with a standard RHEL environment which doesn’t have any extreme measures taken to prevent you from interrupting the bootloader.

@@beanologiOk. So, in RHCSA we will have access to boot-menu right? GRUB_TIMEOUT will not be 0? At least in the RH134 Labs machines, GRUB_TIMEOUT is changed when you start the lab to practise root password reset.

What you are taught in the Red Hat courses is going to be sufficient to function on the Red Hat exam. The RH134 lab script is just trying to give you a fair shot to reset the password by increasing the timeout for your practice and the exam itself is also a fair testing environment so I think you are good 👍.

press up and down arrows

If you are using RHEL 9.1 or 9.2, rd.break works as expected (same behavior as RHEL 8). Early versions of RHEL 9.0 differ slightly and it is beneficial to use another method to interrupt the boot process.

Hi, that is unfortunate but thanks for bringing this up. I tried to recreate the issue you described and I was only able to make the "enter root password" message appear when adding "rd.break" somewhere in the boot parameters. The "init=/bin/bash" parameter alone is all that is required to match the process in the video. It has been tested on RHEL 9.0 to the current version 9.2 and AlmaLinux. If you are still facing trouble, try the rescue kernel with the same steps. Here is some Fedora documentation which shows a similar method to the video and might provide additional clarity: docs.fedoraproject.org/en-US/quick-docs/reset-root-password/ Wishing the best to resolving that problem!

Oh one more tip, if the path to the "init" command is invalid, the dracut initramfs scripts will also take over and show the emergency mode/maintenance mode prompt as well!

*UPDATE:* I just retook it today, and Thank you @beanologi I passed!