How can I reset the root password in Silverblue?

Is there a way to change the root password in silverblue? I have physical access to my pc.

Do you have a user account? Is it an account with sudo privileges? If so, please see Unsure of password for root; never prompted to set it during install. If not, please clarify. Thanks!

1 Like

yes i have a user account. After booting up i can select the user but the password that i usually use doesn’t work. I tried to change the password following the guide below but it doesn’t work for silverblue. After reboot the new password does not work.

How do i change the password for a user if i cant remember the correct password but have physical access to my pc?

during boot menu where i can choose the ostree i press e and add rw init=/bin/bash at the end of the correct line and press ctr + x. Bash will open and i enter ID, result i get is: uid=0(root) gid=0(root) groups=0(root)

when i enter: sudo passwd username i enter the pw twice and reboot with /sbin/reboot -f without running touch /.autorelabel since that won’t work.

Is there a special way for silverblue to change/reset a password once you lost it?

1 Like

after running sudo passwd username you should type sync to force write edited /etc/passwd to disk, and after that you can reboot and it should work.

Sadly it does not work.

Is it diffrent in Silverblue? I typed sync and rebooted and it still won’t work.

1 Like

Indeed, none of these instructions has effect on OSTree-based systems. I use IoT, and I have the same problem.

I realize this may not be helpful, but I was previously able to successfully reset a root password with rd.break on Silverblue 33 on Feb 10th 2021
(Rpm-ostree permissions lost after adding kerberos packages · Issue #126 · fedora-silverblue/issue-tracker · GitHub).

I do recall that autorelabel didn’t work, but I was able to get into my system.

I just remembered how i did it, and i just tested and it worked again.

NOTE: I do not recommend these steps, but you can try your luck. No warranties here :woozy_face:

As the previous guide dictated, proceed to edit the kernel boot parameters, however, I used the following at the end of the kernel line. The idea here is that we are interrupting the boot process, and disabling selinux. (Note, I’m pretty sure its unnecessary to set enforcing=0, cuz I don’t think selinux is active on Emergency, but just to be safe?)

rd.break enforcing=0

Press ENTER/RETURN when the emergency mode screen appears.

Remount sysroot
# mount -o remount rw /sysroot

Then, change root to sysroot
# chroot /sysroot

Set password
# passwd

Disabled selinux:
# vi /etc/selinux/config
And then change enforcing to permissive

Finally: exit, exit and reboot normally to get into your system.

Most likely, after you login you will find SELinux errors in the logs. You can fix it with this guide before setting it back to enforcing: Troubleshooting :: Fedora Docs

Again, no promises here. This may backfire. But worked for me.