Enabling SVM in Failsafe and password recovery in Solaris.

In one of our previous post “Solaris Troubleshooting (Magic of Solaris 10) – Root Password Recovery for any Solaris 10 (without CD/DVD)”. We tried to show how to recover system’s root password in Failsafe mode without any media for OS having single disk (i.e native device, c#t#d#s#). But if your system is mirrored then you wont be able to recover the same without loading SVM module in failsafe (also with any other media) mode. As your box wont allow you to mount the metadevice. In this post I will try to present the procedure to load SVM module in such cases.

 

http://gurkulindia.com/main/2011/08/solaris-troubleshooting-magic-of-solaris-10-root-password-recovery-for-any-solaris-10-without-cddvd/

If we will boot Solaris OS in failsafe/CD/DVD/network mode, In that case, no Solaris Volume Manager (SVM) module will be loaded, and its impossible to work on mirrored OS on the installed OS without de-synchronizing the mirrors. If you will try to boot the box it will crash / panic and may corrupt your data too.

Below is the process to load the SVM driver and configuration files in the alternate media boot environment:

1.) Bring the server at OK prompt. Whatever possible.

2.) Boot your box in failsafe mode.

# OK boot -F failsafe

3.) Once your server will boot up in Failsafe, mount your rootdisk at /a. Here my rootdisk is c1t1d0s0.

# mount /dev/dsk/c1t1d0s0 /a

4.) Copy the configuration to enable SVM module in failsafe mode.

# cp /a/kernel/drv/md.conf /kernel/drv

5.) umount the root fs slice.

# umount /a

6.) Now we have to load the SVM module to enable it in failsafe mode:

# update_drv -f md
devfsadm: mkdir failed for /dev 0x1ed: Read-only file system <- You will see this messages

7.) Now you will be able to mount the md metadevices and will be able to make any changes.

# mount /dev/md/dsk/d0 /a

8.) Take a copy of /a/etc/passwd & /a/etc/shadow file.

# cp -p /a/etc/passwd /a/etc/passwd-orig
# cp -p /a/etc/shadow /a/etc/shadow-orig

9.) Now stick to basic and remove the encrypted password entry for root from /a/etc/shadow file.

#grep root /a/etc/shadow
root:WP7grKsEFAgt.:15182::::::

#grep root /a/etc/shadow
root::15182::::::

10.) Update the boot archive as below before proceeding with the reboot.

# bootadm update-archive -R /a
Creating boot_archive for /a
updating /a/platform/sun4u/boot_archive

11.) Umount the metadevice and Reboot your system, this time you are allowed to login into the server without password. Now first recommended thing would be to set you password for root.

# umount /a
# init 6

Note: After step seven we can sync the mirrors if necessary using metasync -r. I was able to recover the box many times without using it.

Yogesh Raheja

Yogesh working as a Consultant in Unix Engineering by profession. And he has multiple years experience in Solaris, Linux , AIX and Veritas Administration. He has been certified for SCSA9, SCSA10, SCNA10, VXVM, VCS, ITILv3. He is very much passionate about sharing his knowledge with others. Specialties: Expertize in Unix/Solaris Server, Linux (RHEL), AIX, Veritas Volume Manager, ZFS, Liveupgrades, Storage Migrations, Cluster deployment (VCS and HACMP) and administration and upgrade on Banking, Telecom, IT Infrastructure, and Hosting Services.

3 Responses

  1. Laszlo says:

    How can you send “init 0” (step 1) without being root already?
    And if you are, then you can change the password without any hocus pocus :)
    Apart from that the procedure is OK

  2. Ramdev Ramdev says:

    Lasizo,  that is a silly mistake from our side :) thanks for correcting us.

  3. - - says:

    Thanks, you just saved me lots of pain and tears. Well done.

What is in your mind, about this post ? Leave a Reply

Close
  Our next learning article is ready, subscribe it in your email

What is your Learning Goal for Next Six Months ? Talk to us