Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Categories

In this Discussion

How to change root password at startup using bash
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

How to change root password at startup using bash

aliletalilet Member
in Help

So I wrote the following bash script debian_startup.sh to change root password when system boots but it doesn't work.

#!/bin/bash
echo "SomePassword" | passwd --stdin root

I have placed this script in /etc/init.d/debian_startup.sh and also made it executable by running following command:

chmod 755 /etc/init.d/debian_startup.sh

But when I boot the system, password isn't changed and I can still login using old password. How do I check that the script is actually running on boot or may be there is syntax problem in the script?

Comments

  • SpeedBusSpeedBus Member, Host Rep

    Maybe add it into crontab -e ? under @reboot

    https://www.cyberciti.biz/faq/linux-execute-cron-job-after-system-reboot/

  • aliletalilet Member

    Yeah I have seen that I can also use crontab but I want to use init.d first.

  • aliletalilet Member

    It seems I have a syntax error in my script because when I run it directly ./debian_startup.sh then I get error that stdin is unrecognized.

  • uptimeuptime Member

    @alilet said:
    How do I check that the script is actually running on boot or may be there is syntax problem in the script?

    To check if script is running, change it to something simple such as touch /var/my_script_ran

    as for syntax problems - I assume you tested the command from an interactive shell?

    any number of potential issues whether or not running at boot time, for example:

    • permission
    • special characters in new password such as '&' or ';' (not escaped correctly - hint: use single quotes not double quotes)
    • read-only file system at that point in the boot sequence

    I understand that you want to use a script in init.d ...

    I'd be interested to know your reason for this preference.

    Otherwise might suggest writing a systemd unit as an alternate method

    Thanked by 1skorous
  • aliletalilet Member
    edited October 2019

    Using -e successfully updates password BUT it also expires user account so he has to set password again when logs in. Without specifying -e it doesn't work I wonder why.

    Following works

    PASSWORD="somepassword"
    USER_NAME="root"
    echo -e "$PASSWORD\n$PASSWORD" | passwd "$USER_NAME"

    Following doesn't work

        PASSWORD="somepassword"  
    USER_NAME="root"  
    echo "$PASSWORD\n$PASSWORD" | passwd "$USER_NAME"
  • williewillie Member

    I use "passwd -l root" to disable the password completely. After installing ssh pubkey of course.

    Thanked by 1uptime
  • skorousskorous Member

    uptime said: read-only file system at that point in the boot sequence

    Only said they tossed it in init.d not that they enabled it as a service or anything. It's never running would be my bet.

    Thanked by 1uptime
  • uptimeuptime Member
    edited October 2019

    @alilet - this sort of multi-faceted mystery in general is always a great opportunity to apply some methodological "scientific method" approach to rule out possible explanations

    (which you seem to be doing :))

    alternatively - from a more "hackerly" point of view - it may be the case that ultimately you are just changing a string in a file

    (the name of which seems to make cloudflare nervous)

    that is, the 'shadow' file, in the '/etc' directory

    so that may be another way to do what you need without going through the passwd command in your script.

    it may not be the cleanest method but something to keep in your back pocket if push comes to shove and you just want to get the job done ... :smiley:

    Thanked by 1alilet
  • loveqianoolloveqianool Member 
    sudo sh -c cat << EOF  > /etc/rc.local
#!/bin/sh -ex
su root -c 'echo 'root:passwd' | chpasswd'
exit 0
EOF

    sudo chmod +x /etc/rc.local

    sudo systemctl start rc-local

    Thanked by 1alilet
  • raindog308raindog308 Administrator, Veteran

    willie said: I use "passwd -l root" to disable the password completely. After installing ssh pubkey of course.

    what happens when you try to login on the console?

  • williewillie Member

    raindog308 said: what happens when you try to login on the console?

    Not sure, there may be a way to disable the password for a console login. It hasn't come up. On Hetzner I use the rescue system instead of a KVM, some others like DO have a way to reset the password from the client area, hmm. Can also log into a user account (except I lock out the passwords for those too) and "su". In principle I should even lock out ssh except from a jump host, but I don't bother doing that.

  • defaultdefault Veteran

    Thanked by 1uptime
  • raindog308raindog308 Administrator, Veteran

    @willie said:

    raindog308 said: what happens when you try to login on the console?

    Not sure, there may be a way to disable the password for a console login.

    Changing root’s shell to /bin/false may give you the same effect, though I haven’t tried it.

Sign In or Register to comment.