Quick Tip: Reset a Locked User on Photon OS 4

One of my most visited posts in the past was this however the process for Photon OS 4 has changed slightly. pam_tally2 is no longer available. Now you need to use “failback”. The command to use now is as follows

faillock --user username --reset

Install HashiCorp Terraform on a PhotonOS Appliance

HashiCorp Terraform is not currently available on the Photon OS repository. If you would like to install Terraform on a PhotonOS appliance you can use the script below. Note: The versions for Go and Terraform that I have included are current at the time of writing. Thanks to my colleague Ryan Johnson who shared this method with me some time ago for another project.

#!/usr/bin/env bash

# Versions
GO_VERSION="1.21.4"
TERRAFORM_VERSION="1.6.3"

# Arch
if [[ $(uname -m) == "x86_64" ]]; then
  LINUX_ARCH="amd64"
elif [[ $(uname -m) == "aarch64" ]]; then
  LINUX_ARCH="arm64"
fi

# Directory
if ! [[ -d ~/code ]]; then
  mkdir ~/code
fi

# Go
wget -q -O go${GO_VERSION}.linux-${LINUX_ARCH}.tar.gz https://golang.org/dl/go${GO_VERSION}.linux-${LINUX_ARCH}.tar.gz
tar -C /usr/local -xzf go${GO_VERSION}.linux-${LINUX_ARCH}.tar.gz
PATH=$PATH:/usr/local/go/bin
go version
rm go${GO_VERSION}.linux-${LINUX_ARCH}.tar.gz
export GOPATH=${HOME}/code/go

# HashiCorp
wget -q https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_${LINUX_ARCH}.zip
unzip -o -d /usr/local/bin/ terraform_${TERRAFORM_VERSION}_linux_${LINUX_ARCH}.zip
rm ./*.zip

Reset/Unlock Photon OS root account

From time to time your root account can get locked from either entering the incorrect password or using some automation that uses the wrong password. Here are some quick steps.

Reboot the Photon Appliance

At the Photon OS logo screen press e to edit the grub menu

At the grub menu append the following to the end of the boot loader line to boot into single user mode

rw init=/bin/bash

Press F10 or CTRL+X to continue the boot process

At the prompt type the following to mount the root partition

mount -o remount,rw /

To reset the root password type passwd and enter the new password

If the root account was locked due to x number of failed logon attempts type to following to unlock it

/sbin/pam_tally2 -r -u root

Unmount the partition again

umount /

And reboot

reboot -f

Hopefully you should now be able to log in with your root account!