{"id":8,"date":"2026-05-20T21:51:47","date_gmt":"2026-05-20T18:51:47","guid":{"rendered":"https:\/\/blog.dynet.net\/?p=8"},"modified":"2026-05-20T21:51:47","modified_gmt":"2026-05-20T18:51:47","slug":"almalinux-9-sifre-sifirlama-adim-adim-root-parolasi-kurtarma","status":"publish","type":"post","link":"https:\/\/blog.dynet.net\/?p=8","title":{"rendered":"AlmaLinux 9 \u015eifre S\u0131f\u0131rlama: Ad\u0131m Ad\u0131m Root Parolas\u0131 Kurtarma"},"content":{"rendered":"

Sunucu y\u00f6netiminde en s\u0131k kar\u015f\u0131la\u015f\u0131lan senaryolardan biri, uzun s\u00fcre kullan\u0131lmayan veya g\u00fcvenli bir \u015fekilde kaydedilmeyen root (y\u00f6netici) \u015fifresinin unutulmas\u0131d\u0131r. Kurumsal d\u00fczeyde kararl\u0131l\u0131\u011f\u0131 ve g\u00fcvenli\u011fi ile bilinen RHEL tabanl\u0131 AlmaLinux 9<\/strong> i\u015fletim sisteminde de bu durumla kar\u015f\u0131la\u015fabilirsiniz. \u015eifrenizi kaybetmi\u015f olman\u0131z, sisteminizi yeniden kurman\u0131z gerekti\u011fi anlam\u0131na gelmez.<\/p>\n

Bu makalemizde, fiziksel veya sanal sunucunuza (VNC\/Konsol eri\u015fimi arac\u0131l\u0131\u011f\u0131yla) do\u011frudan eri\u015fiminiz oldu\u011fu varsay\u0131larak, AlmaLinux 9 \u015fifre s\u0131f\u0131rlama<\/strong> i\u015flemini ad\u0131m ad\u0131m, g\u00fcvenli ve en profesyonel y\u00f6ntemle nas\u0131l ger\u00e7ekle\u015ftirece\u011finizi anlataca\u011f\u0131z.<\/p>\n

AlmaLinux 9 Root \u015eifresini S\u0131f\u0131rlama Ad\u0131mlar\u0131<\/h2>\n

AlmaLinux 9 \u00fczerinde \u015fifre s\u0131f\u0131rlama i\u015flemi, sistemin \u00f6ny\u00fckleme (boot) parametrelerine m\u00fcdahale ederek acil durum moduna (emergency mode) ge\u00e7i\u015f yapmay\u0131 gerektirir. \u0130\u015flemi ba\u015far\u0131yla tamamlamak i\u00e7in a\u015fa\u011f\u0131daki ad\u0131mlar\u0131 s\u0131ras\u0131yla uygulayabilirsiniz:<\/p>\n

Ad\u0131m 1: Sunucuyu Yeniden Ba\u015flat\u0131n ve GRUB Men\u00fcs\u00fcne Eri\u015fin<\/h3>\n

\u015eifresini s\u0131f\u0131rlamak istedi\u011finiz AlmaLinux 9 sunucusunu yeniden ba\u015flat\u0131n. Sunucu a\u00e7\u0131l\u0131rken kar\u015f\u0131n\u0131za gelen GRUB \u00f6ny\u00fckleme men\u00fcs\u00fcnde (i\u015fletim sistemi se\u00e7me ekran\u0131) s\u00fcrenin dolmas\u0131n\u0131 engellemek i\u00e7in y\u00f6n tu\u015flar\u0131ndan (yukar\u0131\/a\u015fa\u011f\u0131) birine bas\u0131n. D\u00fczenlemek istedi\u011finiz \u00e7ekirdek (kernel) s\u00fcr\u00fcm\u00fcn\u00fcn \u00fczerinde gelin ve d\u00fczenleme moduna ge\u00e7mek i\u00e7in klavyenizden “e”<\/strong> tu\u015funa bas\u0131n.<\/p>\n

Ad\u0131m 2: \u00c7ekirdek (Kernel) Parametrelerini D\u00fczenleyin<\/h3>\n

Kar\u015f\u0131n\u0131za gelen metin d\u00fczenleme ekran\u0131nda, sistemin nas\u0131l \u00f6ny\u00fcklenece\u011fini belirleyen parametreler yer al\u0131r. Bu ekranda a\u015fa\u011f\u0131daki ad\u0131mlar\u0131 takip edin:<\/p>\n

    \n
  • Y\u00f6n tu\u015flar\u0131n\u0131 kullanarak linux<\/strong> ile ba\u015flayan sat\u0131r\u0131 bulun (genellikle ekran\u0131n alt k\u0131s\u0131mlar\u0131na do\u011frudur).<\/li>\n
  • Bu sat\u0131r\u0131n en sonuna gidin (sat\u0131r sonuna ula\u015fmak i\u00e7in klavyenizdeki End<\/em> tu\u015funu kullanabilirsiniz).<\/li>\n
  • Sat\u0131r\u0131n sonuna bir bo\u015fluk b\u0131rakarak rd.break<\/code><\/strong> komutunu ekleyin.<\/li>\n
  • De\u011fi\u015fiklikleri kaydedip sistemi bu parametrelerle ba\u015flatmak i\u00e7in Ctrl + X<\/strong> tu\u015f kombinasyonuna bas\u0131n.<\/li>\n<\/ul>\n

    Not:<\/strong> rd.break<\/code> parametresi, sistemin ger\u00e7ek k\u00f6k dosya sistemini ba\u011flamadan hemen \u00f6nce RAM disk a\u015famas\u0131nda (initramfs) durmas\u0131n\u0131 sa\u011flar. Bu sayede parola s\u0131f\u0131rlama i\u015flemlerini g\u00fcvenli bir b\u00f6lgede ger\u00e7ekle\u015ftirebiliriz.<\/p><\/blockquote>\n

    Ad\u0131m 3: Dosya Sistemini Yaz\u0131labilir Olarak Yeniden Ba\u011flay\u0131n (Remount)<\/h3>\n

    Sistem acil durum modunda a\u00e7\u0131ld\u0131\u011f\u0131nda, mevcut dosya sisteminiz varsay\u0131lan olarak salt okunur (read-only) modda \/sysroot<\/code> dizinine ba\u011flan\u0131r. \u015eifreyi de\u011fi\u015ftirebilmek i\u00e7in bu dizini yaz\u0131labilir (read-write) olarak yeniden ba\u011flamam\u0131z gerekir. Terminal ekran\u0131na \u015fu komutu yaz\u0131n ve Enter tu\u015funa bas\u0131n:<\/p>\n

    mount -o remount,rw \/sysroot<\/code><\/pre>\n
    Ad\u0131m 4: K\u00f6k Dizini De\u011fi\u015ftirin (Chroot)<\/h3>\n
    \u015eimdi, ge\u00e7ici olarak bulundu\u011fumuz ortamdan s\u0131f\u0131rlama yapaca\u011f\u0131m\u0131z ana sistemin k\u00f6k dizinine ge\u00e7i\u015f yapmal\u0131y\u0131z. Bunun i\u00e7in chroot<\/code> komutunu kullanaca\u011f\u0131z:<\/p>\n
    chroot \/sysroot<\/code><\/pre>\n
    Bu komuttan sonra komut sat\u0131r\u0131 isteminizin de\u011fi\u015fti\u011fini g\u00f6receksiniz. Art\u0131k do\u011frudan AlmaLinux 9 i\u015fletim sisteminizin i\u00e7erisindesiniz.<\/p>\n
    Ad\u0131m 5: Yeni Root \u015eifresini Belirleyin<\/h3>\n
    Art\u0131k root \u015fifresini s\u0131f\u0131rlamaya haz\u0131r\u0131z. A\u015fa\u011f\u0131daki komutu \u00e7al\u0131\u015ft\u0131rarak yeni ve g\u00fcvenli bir \u015fifre belirleyin:<\/p>\n
    passwd root<\/code><\/pre>\n
    Komutu yazd\u0131ktan sonra sistem sizden yeni \u015fifreyi girmenizi ve ard\u0131ndan onaylaman\u0131z\u0131 isteyecektir. G\u00fcvenli\u011finiz i\u00e7in \u015fifre yazarken ekranda herhangi bir karakter (y\u0131ld\u0131z vs.) g\u00f6r\u00fcnmeyecektir. \u015eifrenizi yaz\u0131p Enter tu\u015funa bas\u0131n.<\/p>\n
    Ad\u0131m 6: SELinux Etiketlerini G\u00fcncelleyin (Kritik Ad\u0131m!)<\/h3>\n
    AlmaLinux 9, varsay\u0131lan olarak olduk\u00e7a s\u0131k\u0131 bir g\u00fcvenlik protokol\u00fc olan SELinux<\/strong> (Security-Enhanced Linux) kullan\u0131r. \u015eifre dosyas\u0131nda yapt\u0131\u011f\u0131m\u0131z bu manuel de\u011fi\u015fikli\u011fin sistem taraf\u0131ndan kabul edilmesi ve a\u00e7\u0131l\u0131\u015fta bir g\u00fcvenlik engeline tak\u0131lmamas\u0131 i\u00e7in SELinux etiketlerinin yeniden taranmas\u0131n\u0131 sa\u011flamal\u0131y\u0131z. Aksi takdirde sistem a\u00e7\u0131lmayabilir veya yeni \u015fifrenizle giri\u015f yapamazs\u0131n\u0131z.<\/p>\n
    Bu i\u015flemi otomatikle\u015ftirmek i\u00e7in a\u015fa\u011f\u0131daki komutla k\u00f6k dizinde gizli bir dosya olu\u015fturun:<\/p>\n
    touch \/.autorelabel<\/code><\/pre>\n
    Ad\u0131m 7: \u00c7\u0131k\u0131\u015f Yap\u0131n ve Sistemi Yeniden Ba\u015flat\u0131n<\/h3>\n
    T\u00fcm i\u015flemler ba\u015far\u0131yla tamamland\u0131. \u015eimdi chroot ortam\u0131ndan ve acil durum modundan \u00e7\u0131k\u0131\u015f yaparak sistemi normal \u015fekilde ba\u015flatabiliriz. S\u0131ras\u0131yla \u015fu komutlar\u0131 uygulay\u0131n:<\/p>\n
    exit<\/code><\/pre>\n
    exit<\/code><\/pre>\n
    \u0130kinci exit<\/code> komutundan sonra sistem otomatik olarak yeniden ba\u015flat\u0131lacakt\u0131r. SELinux etiketleme i\u015flemi (autorelabel), disk boyutunuza ve dosya say\u0131n\u0131za ba\u011fl\u0131 olarak ilk a\u00e7\u0131l\u0131\u015fta birka\u00e7 dakika s\u00fcrebilir. Bu i\u015flem tamamland\u0131ktan sonra sunucunuz normal giri\u015f ekran\u0131na y\u00f6nlendirilecektir.<\/p>\n
    \u00d6zet ve Sonu\u00e7<\/h2>\n
    AlmaLinux 9 \u015fifre s\u0131f\u0131rlama i\u015flemi, do\u011fru ad\u0131mlar takip edildi\u011finde olduk\u00e7a basit ve g\u00fcvenli bir s\u00fcre\u00e7tir. \u00d6zetlemek gerekirse; GRUB men\u00fcs\u00fcnden rd.break<\/code> ile sisteme m\u00fcdahale ettik, dosya sistemini yaz\u0131labilir hale getirdik, chroot<\/code> ile k\u00f6k dizine ula\u015f\u0131p \u015fifremizi g\u00fcncelledik ve son olarak SELinux etiketlemesini tetikleyerek sistemimizi g\u00fcvenle yeniden ba\u015flatt\u0131k.<\/p>\n
    Sunucu y\u00f6netiminde bu t\u00fcr teknik detaylarla vakit kaybetmek istemiyor, her zaman yedekli, g\u00fcvenli ve y\u00fcksek performansl\u0131 bir altyap\u0131ya sahip olmak istiyorsan\u0131z, profesyonel sunucu \u00e7\u00f6z\u00fcmlerimizi inceleyebilirsiniz. Kurumsal d\u00fczeyde destek ve kesintisiz hizmet i\u00e7in bizimle her zaman ileti\u015fime ge\u00e7ebilirsiniz.<\/p>\n","protected":false},"excerpt":{"rendered":"
    AlmaLinux 9 sunucunuzun root \u015fifresini mi unuttunuz? Endi\u015felenmeyin! Bu ad\u0131m ad\u0131m rehberle GRUB men\u00fcs\u00fcn\u00fc kullanarak \u015fifrenizi h\u0131zl\u0131ca s\u0131f\u0131rlayabilirsiniz.<\/p>\n","protected":false},"author":1,"featured_media":7,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[3,4,5,6,7],"class_list":["post-8","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-genel","tag-almalinux","tag-linux","tag-sifre-sifirlama","tag-sunucu-yonetimi","tag-sysadmin"],"_links":{"self":[{"href":"https:\/\/blog.dynet.net\/index.php?rest_route=\/wp\/v2\/posts\/8","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.dynet.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.dynet.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.dynet.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.dynet.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=8"}],"version-history":[{"count":0,"href":"https:\/\/blog.dynet.net\/index.php?rest_route=\/wp\/v2\/posts\/8\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.dynet.net\/index.php?rest_route=\/wp\/v2\/media\/7"}],"wp:attachment":[{"href":"https:\/\/blog.dynet.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=8"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.dynet.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=8"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.dynet.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=8"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}