Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

000037931 - Boot RSA NetWitness Platform 11.x appliance into Single User Mode

Document created by RSA Customer Support

on Oct 11, 2019

Version 1Show Document

Like • Show 0 Likes0
Comment • 0
View in full screen mode

Article Content

Article Number	000037931
Applies To	RSA Product Set: NetWitness Logs & Network RSA Product/Service Type: NetWitness appliance RSA Version/Condition: 11.x O/S Version: CentOS 7
Issue	Some reasons to boot into Single-User mode Reset a forgotten root password. Repair OS file system. Fix an /etc/fstab entry. Disable a service. Note: This article shows how to get into Single User mode, and not how to do any of the above. Single user mode is also referred to as maintenance or emergency mode.
Resolution	Access the NetWitness appliance via the Console that is attached to the appliance, or over the configured iDRAC interface. Reboot or power on the appliance. After the BIOS and RAID controller checks, when the CentOS kernel boot starts to display the Grub Menu screen. Press the down arrow to pause on the Grub Menu screen. There should be one of more CentOS Linux kernel versions that can be selected. Select by highlighting a CentOS Linux kernel version and enter "e" to edit the kernel boot parameters for that kernel version. Enter the root login and password. Edit the kernel boot parameters using either of the 2 below methods (where Method 1 seems easier). Method 1: Use the down arrow key to scroll through the lines of the kernel boot parameters. Look for the line that starts with "linux16", and with the cursor on this line press [End] to go to the end of the line. Change the parameter "rd.shell=0" at the end of the line to "rd.break". Press [Ctrl]-x to boot the kernel with this change, and it should boot to the switch_root prompt. Remount the /sysroot in "rw" mode, and set the mount /sysroot as the root (/) directory. mount -o remount,rw /sysroot chroot /sysroot Or Method 2: Use the down arrow key to scroll through the lines of the kernel boot parameter. Look for the line that starts with "linux16", and with the cursor on this line, use the arrow keys to move on the line. Change the parameter "ro" in the middle of the line to "rw init=/sysroot/bin/bash". Press [End] to go to the end of the line and remove the parameter "rd.shell=0" at the end of the line. Press [Ctrl]-x to boot the kernel with this change, and it should boot to the bash prompt. Set the mount /sysroot as the root (/) directory. chroot /sysroot The NetWitness appliance is now in Single user/maintenance/emergency mode.
Notes	For more verbose output during the kernel boot also remove the parameters "rhgb quiet", rhgb (redhat graphical boot) = This is a GUI mode booting screen with most of the information hidden whilst displaying a rotating activity icon spinning and shows only brief information as to what the computer is doing. quiet = Hides the majority of the boot messages before rhgb starts. For additional reference see Red Hat article, 26.10. Terminal Menu Editing During Boot

Attachments

Outcomes

0 Comments

Recommended Content