Dominik 'Rathann' Mierzejewski wrote:
On Thursday, 21 January 2010 at 18:21, Bill Nottingham wrote:
> We have an existing bug where if you're in single-user mode, and
> SELinux is active, various commands don't print to the console.
> The root of this is the single-user shell isn't running in the
> right SELinux context, as there's nothing to distinguish this from
> the 'normal' shells run during bootup.
>
> By far, the simplest fix is to run something that starts a shell
> via a 'normal' login-ish mechanism. Hence, the attached patch
> that switches to sulogin for single user mode.
>
> However, this changes behavior that has existed since the dawn
> of time in Red Hat/Fedora systems; with this change, single-user
> mode would now require the root password. This is both when
> booting with 'linux single/linux S', or going to runlevel 1
> with 'telinit 1'.
>
> Comments?
>
Well, I understand the problem that this patch is addressing.
However, the ability to get root shell on runlevel 1 without
root password has always been a time saver when you forgot it
or couldn't contact the previous admin. It saved me from:
* booting from a livecd (assuming it had a cd drive)
* booting from PXE (assuming it had a PXE-capable eth)
* taking out the root drive and mounting it in a different
machine
So yeah, I'm slightly opposed to this change.
Regards,
R.
My thoughts exactly. What are the less simple fixes that don't change
this behaviour?
-J
--
in your fear, seek only peace
in your fear, seek only love
-d. bowie