Jamie Fargen's Weblog

Today I took the RHCSA exam, here in Tampa, FL. Mostly barred from commenting on the exam, but it wasn’t to straining. Though I definitely made some mistakes.

Here is a link to verify my results.

The post is from the stand point of RHEL hypervisor with a KVM CentOS Linux guest using a raw image file as a backing store and the openssl package, but it could easily be applied to different distros, backing stores, or even booting a Linux livecd as long as you can get the necessary packages. Some steps may vary depending on what kind of backing store you are using for the image and the partitions your OS is installed. This process could also be used to do many other things like increasing the time for password expirations.

 

First mount the image as a loopback device:

$ sudo losetup /dev/loop0 /var/lib/libvirt/images/virtcort011ccxra.img       # note that is a zero at the end of /dev/loop

Next add the partition mappings:

$ sudo kpartx -av /dev/loop0

In my CentOS installation I was using LVM and the next few steps are LVM specific:

Use vgscan to find the LVM volume

$ sudo vgscan

This located the new LVM volume group VolGroup00   # again note that is zero zer at the end of VolGroup. You will use this group in the next step.

Activate LVM Volume Group:

$ sudo vgchange -ay VolGroup00

You can use lvs to find the Volume where your / (root) file system is mounted:

$ sudo lvs

Next mount the volume:

$ sudo mount /dev/VolGroup00/LogVol00 /mnt/linuxrescue

You should be able to see directories in the volume:

$ ls /mnt/linuxrescue

Now generate the new password for the guest:

$ openssl passwd -1 -salt ranNum    # for the salt substitute random numbers and letters for ranNum.

Password:

$1$ranNum$N6s5hhYltlYQPnMDdxYy1   # you can see your salt + hash

Now copy this string into /etc/shadow:

$ sudo vi /mnt/linuxrescue/etc/shadow

In editing your shadow file you will see something like below your salt+hash should be  substituted as below for the user password you would like to reset.

root:$1$ranNum$N6s5hhYltlYQPnMDdxYy1:15492:1:90:7:::

If you want to change the length of time for password expirations the next step will show you how.

$ sudo vi /etc/login.defs     # find the value PASS_MAX_DAYS and edit it to your needs

Now unmount the file system:

$ sudo umount /mnt/linuxrescue

Unactivate the LVM vol group:

$ sudo vgchange -an VolGroup00

Delete the partition mappings:

$ sudo kpartx -dv /dev/loop0

Unmount the loopback device:

$ sudo kpartx -dv /dev/loop0

 

Hopefully one day you won’t come upon a server running ESX / Linux that has become unresponsive to regular management tools and view something like this completely filling your console:

sd 7:0:2:0 still retrying after 360s

I knew instantly 7:0:2:0 was a SCSI mapping for host, bus, scsi id, etc, etc. These hosts are using SATA drives and I needed to be able to us hdparm to determine the serial number of the drive for local support to replace.  After digging I came up the command sg_map matched with -x option prints after each active sg device name is displayed there are five digits: <host_number> <bus> <scsi_id> <lun> <scsi_type>.

When I ran sg_map -x this provided me with exactly what I need: /dev/sg2  7 0 2 0  0  /dev/sdc.  You can see that sdc is mapped to SCSI address 7:0:2:0. With this information I was able to use hdparm -i /dev/sdc to extract the serial number of the drive and provide it to local hands and feet support in Germany to swap out the failing hard drive.