Resetting a Password Using Chroot

chroot has quite a unique history. The chroot system call was the first major step towards process-level virtualization, i.e. providing an isolated environment for a process (though only at the file system level). Virtualization is an enabler for cloud computing. You can read more about chroot here. Let's look at a real-life scenario where chroot helped my team.

Problem

During my post-graduate development, my team faced a situation where we had to reset a password for a system as the old password was not known. This system was being used for virtualization-related research cluster. This system was installed with a particular virtualization-patched kernel and many other utilities and their configs. To recreate the same environment freshly was hard and error-prone.

How I approached

The first thing we tried was single user mode. Soon we realized that it is password protected.

Next, we asked ourselves if we should copy everything using the OS that was currently installed on the system. With this approach, we would have had to backup of all the data. Later, we could have recreated the same environment. But the problems with this approach are that it is time-consuming and it's easy to miss a step.

Just a few days before I came across this problem, I solved a problem usingchroot where I need to run an Ubuntu-12 installed application in Ubuntu-14.

Solution:

In Linux, the passwd command updates the hash value inside /etc/passwd. The idea was to update the /etc/passwd file. We logged in using Live-OS installed on USB. Now, somehow we have to ensure that executing passwd command should update disk's  /etc/passwd file but not Live-OS  /etc/passwd file.

The steps we followed are listed below:

1. Bootup your machine using your Live-OS.

2. Mount the volume of the installed OS.

   1. Let's assume that we have mounted it to @location /mnt/OS. 

3. Perform chroot after binding a set of directories:

   • sudo mount --bind /dev /mnt/OS/dev 

   • sudo mount --bind /dev/pts /mnt/OS/dev/pts 

   • sudo mount --bind /proc /mnt/OS/proc 

   • sudo mount --bind /sys /mnt/OS/sys 

   • sudo chroot /mnt/OS 

4. Run the passwd command and set a new password.

5. Perform the operations enumerated in Step 3, but in reverse order:

   • sudo umount /mnt/OS/sys 

   • sudo umount /mnt/OS/proc 

   • sudo umount /mnt/OS/dev/pts 

   • sudo umount /mnt/OS/dev 

6. Reboot the system and try the updated password.

Other Use Cases for chroot 

• Using applications that are compatible with either an OS version that is older or newer than your current OS.

  • For example, running Eclipse installed for Ubuntu-12 inside Ubuntu-14 without installing any new packages.