How To Reset Root Password In CentOS 7 – grub 2

The first step to reset the root password is boot the CentOS machine in emergency mode, and for this process, we’ll use rd.break.

Start the system and, on the GRUB 2 boot screen, press the ‘e’ key for edit:


Remove the rhgb and quiet parameters from the end, or near the end, of the linux16 line, or linuxefi on UEFI systems.


Add the following parameters at the end of the linux16 line on x86-64 BIOS-based systems, or the linuxefi line on UEFI systems: rd.break enforcing=0


When you finish, press ctrl + x to load the system. Finally you’ll boot in emergency mode.


After emergency mode booting, you must remount the filesystem as writable because it’s mounted read-only, so you just have to type the following command:

mount -o remount,rw /sysroot

Now change the file system’s root as follows: chroot /sysroot

Finally, you’ll get a chroot environment ready to reset the password. Probably you know the command to set a user password, but if don’t, let me explain it.

The way to set a password is easy just type passwd user_name

user_name isn’t necessary if you’re logged in the session, so for this tutorial, you must type only “passwd


If the system is not writable, the passwd tool fails with the following error:

Authentication token manipulation error

Updating the password file results in a file with the incorrect SELinux security context, because SELinux is a Linux kernel security module that provides a mechanism for supporting access control security policies, to relabel all files on next system boot, enter the following command:

touch /.autorelabel

But I have to tell you something, relabel a large disk takes a long time, so you can omit this step provided you included the enforcing=0 option.

Now you must remount the filesystem as read only using the following command:

mount -o remount,ro /

Now exit from chroot environment and exit to finish the system boot (just type exit two times).


If you omitted to relabel files enter the following command to restore the /etc/shadow file’s SELinux security context:

restorecon /etc/shadow

Enter the following commands to turn SELinux policy enforcement back on and verify that it is on:

setenforce 1


That’s all friends. The process to reset the root password isn’t hard and this isn’t the only way to do it. Also, you can use an installation disk or maybe a live Linux cd of another distro.