On Thursday, 21 January 2010 at 18:21, Bill Nottingham wrote:
We have an existing bug where if you're in single-user mode, and
SELinux is active, various commands don't print to the console.
The root of this is the single-user shell isn't running in the
right SELinux context, as there's nothing to distinguish this from
the 'normal' shells run during bootup.
By far, the simplest fix is to run something that starts a shell
via a 'normal' login-ish mechanism. Hence, the attached patch
that switches to sulogin for single user mode.
However, this changes behavior that has existed since the dawn
of time in Red Hat/Fedora systems; with this change, single-user
mode would now require the root password. This is both when
booting with 'linux single/linux S', or going to runlevel 1
with 'telinit 1'.
Comments?
Well, I understand the problem that this patch is addressing.
However, the ability to get root shell on runlevel 1 without
root password has always been a time saver when you forgot it
or couldn't contact the previous admin. It saved me from:
* booting from a livecd (assuming it had a cd drive)
* booting from PXE (assuming it had a PXE-capable eth)
* taking out the root drive and mounting it in a different
machine
So yeah, I'm slightly opposed to this change.
Regards,
R.
--
Fedora
http://fedoraproject.org/wiki/User:Rathann
RPMFusion
http://rpmfusion.org | MPlayer
http://mplayerhq.hu
"Faith manages."
-- Delenn to Lennier in Babylon 5:"Confessions and Lamentations"