Password reset via u-boot (init=/bin/sh) possible?

[macmartin]

Hello everyone,

first I want to phrase the question:
Is it possible to somehow reset the userpassword via setting a boot parameter in uboot to drop into a root shell (without disk encryption this should (?!) be possible in linux via the init=/bin/sh "trick"). I connected via UART and to my pinenote and tried some combinations, setting the bootcmd and others (see https://isc.sans.edu/forums/diary/Resett...ers/28564/).

now the why:

What was bugging me, since I have the pinenote for 2-3 weeks now, is that it crash-reboots at least once in a using session (no heavy actions done (?!): a bit browsing and configuring koreader, xournaling some pdfs, and stuff). I thought, this is because the system is not meant to be stable by now (as far as I understood what I read)  and wasn't yet able to investigate further

Now 2 days ago I apt-upgraded via terminal and the update seemed relatively big (but it was NOT my first time running the os update). The screen froze at 55% - no reaction. I was already fearful because it happened after the downloading/unpacking part and still I powercycled it after 1-2 hours. It didn't boot anymore (it showed a dark version of the image with the squares and it said "booting ...").

I connected UART (thanks so much for delivering the dongle with it!!) and was presented a login.
Ok, what was my root password again? I've set it up a week ago and used it some times. But although I'm 98% sure that I got it right, I was not able to log in.
Ok, I created another user with sudo permissions and because of the many reboots of the pinenote I had to put it in very frequently, so I'm 99,999% sure that I have it right (still there was a slight uncertainty, because the password is somehow bound to the layout of the on-screen-keyboard) - NO, not able to login.
Ok, what was the password of ther originals "user" ... yeah, I'm able to log in ... BUT ... as I created another user I removed sudo group from "user" -.-
Now I'm confused even more - I can see that the user I created really exists in /etc/passwd ... so once again my reality is questioned - why wasn't I able to login?
Did I tried to much and some new PAM restriction is active by default in Trixie? Seems not so. But I remembered the workaround of dropping to a root shell in grub, maybe/hopefully this also works here? But I'm not very proficient with uboot and UART yet.
Alternatively: can I copy the bootmenu file from the pine, change it and put it back?
Maybe there is an even easier option I didn't think of yet, before I have to flash it(?!)

[wdt]

Since you seem to so much problem remembering, maybe you should WRITE IT DOWN
and then hide the paper, if you can remember where you hid the paper
(user:password is the normal syntax)
----
In Linux the password is stored in /etc/shadow,the fields separator is ":" (colon)
the 2nd field is the hashed password, aprox 60+ chars
if you make
userName:60chars:and_more into
userName::and_more
then userName has no password, just hit enter
---
you do have to be root/sudo to edit shadow

[macmartin]

exactly. that's what I was thinking, too. But nevertheless I'm now in this position and still try to get some useful help

You mean copying the shadow file via UART, edit it and move it back? good idea. Do you have a practical pointer on the how, because I'd also have to mount the file system first, right?

I also tried this approach https://matrix.to/#/!QtTzSRYMuozjbOQkzJ:matrix.org/$rMsLcLt9uVEumAMsU1fQh6F7v29ZAs2aWk5fp_mUaU8?via=matrix.org&via=tchncs.de&via=kde.org - it says: boot into OS2 (second boot menu entry) then mount the filesystem of OS1, but trying to boot the second entry unfortunately errors out with
```
Retrieving file: /boot/extlinux/extlinux.conf
Failed to mount ext2 filesystem...
** Unrecognized filesystem type **
Error reading config file
```

[macmartin]

ah, `ext4size mmc 0:5 /etc` (typed in the uboot console) lists all the files. there seems to be `ckermit` to transfer files. I'm trying that and keep you posted

[macmartin]

the last one didn't cut it.
I was not successfull transfering files via UART/serial from u-boot using minicom. There are some things I don't understand yet (how to load a file into memory and where to find/how to get the "loadaddress" and find the destination to send it via kermit/ymodem *shrug*

I went the rdeveloptool route and used that also as a chance to backup all the partitions (see https://github.com/PNDeb/pinenote-debian...ion_tables) (except the data partition, thats a bit much).
So after I transferred the os1 partition from the PN to my notebook (linux/debian-based), I mounted it via `sudo mount -o loop part_os1.img /tmp/some_dir_you_have_to_create_first` - then I was able to put "user" back into the "sudo" group (via editing `/etc/group`) and optionally removing the passwords from `/etc/shadow`).
After un-mounting (`sudo umount /tmp/some_dir...`) I put that partition back to the device and I was able to login.

So now I can fix the crapped update and have a better idea how to investigate those regular unsatisfying reboots in the future
(and yes, I did note the password down directly after setting it to not get some phonecall or whatever in the way. but just to be sure, it's: *********** )
cheers