On 14-01-02 13:12:31, Chris Murphy wrote:
On Jan 2, 2014, at 9:32 AM, Steve Searle steve@stevesearle.com wrote:
Around 12:43am on Tuesday, December 31, 2013 (UK time), Patrick O'Callaghan wrote:
Conclusion: better look for some other way to cover your tracks, and note that a forensic investigation can be carried out without having you log in at all.
Just to emphasise what Patrick says, if you boot Linux into singe user mode, you can get root access without needing a password, which would bypass any setup you had done this way.
Not on Fedora 20 at least, and I think since even Fedora 19, if you use "single" boot param you startup to rescue.target. It asks for a root password or to press Control-D to continue. If I control-D to continue, startup proceeds to default.target. That's typically multi-user.target (runlevel 3), or graphical.target (runlevel 5).
I could boot from alternate media, and presumably mount and chroot this installation, and compel a change to the root password. But apparently not from the installation itself.
There are also initrd break targets, documented in `man dracut.cmdline`:
"rd.break={cmdline|pre-udev|pre-trigger|initqueue|pre-mount|mount |pre-pivot|cleanup} drop to a shell on defined breakpoint"
See `man dracut.bootup` to find out when they happen.