Last updated on August 11, 2020 by Dan Nanni
Linux provides so-called "single user mode" or "rescue mode" in which a multi-user Linux system boots into a single user environment with superuser privilege. The single user mode is useful when you need exclusive access to shared system resources, e.g., when conducting maintenance or security audit of root file system, and updating critical system settings such as resetting root passwords.
If you are using GRUB bootloader, you can boot into single user mode by interrupting the bootloader and dropping in additional special parameter (e.g., single
). The single user mode will be booting Linux under runlevel 1, in which you will directly get a bash command prompt without entering root password.
If you would like to force a login password prompt even in single user mode, you can add the following to /etc/inittab
.
~~:S:wait:/sbin/sulogin
In this setup, you will be prompted to enter root password when entering single user mode. Without entering a correct root password, you will not get a bash
command prompt.
Note that the above setup is still not a proper protection mechanism against unauthorized users gaining access to the root file system of your Linux system. Unauthorized user could still boot into a live CD, mount the root file system from the live CD, and then modify /etc/inittab
. To prevent this kind of attack, you may want to consider full disk encryption.
This website is made possible by minimal ads and your gracious donation via PayPal or credit card
Please note that this article is published by Xmodulo.com under a Creative Commons Attribution-ShareAlike 3.0 Unported License. If you would like to use the whole or any part of this article, you need to cite this web page at Xmodulo.com as the original source.
Xmodulo © 2021 ‒ About ‒ Write for Us ‒ Feed ‒ Powered by DigitalOcean