F21 System Wide Change: The securetty file is empty by default
Michel Alexandre Salim
salimma at fedoraproject.org
Tue Apr 15 01:49:19 UTC 2014
On 04/14/2014 09:21 PM, Andrew Lutomirski wrote:
> On Mon, Apr 14, 2014 at 6:50 AM, Michel Alexandre Salim
> <salimma at fedoraproject.org> wrote:
>> Apologies for being late to the discussion as well - just wanted to note
>> that I've been running root-password-less configurations for some time
>> (by using passwd -l to lock out the root account post-install), and
>> later encountered this scenario whereby one of the disks failed fsck and
>> I was dropped into a single-user mode login for maintenance, where I was
>> prompted for... you get it, the root password.
>>
>> Resorted to rebooting and disabling fsck from grub, but how to handle
>> fsck errors should probably be considered as part of this proposed change.
>
> You're not the only one:
>
> https://bugzilla.redhat.com/show_bug.cgi?id=1045574
> https://bugzilla.redhat.com/show_bug.cgi?id=1087528
>
Well, the "fastboot" flag in Grub works as a workaround, my problem is
different from those that lost their root password -- I intentionally
didn't set one, and expected tasks that in the past required the use of
the root password to be doable by the user account nominated to be
administrators, whether through %wheel membership or pkcon or other means.
> but I don't think that this is really related to securetty.
>
If the use of root account is to be further discouraged, I'm pointing
out that workflows that currently require it have to be revised as well.
Best regards,
--
Michel Alexandre Salim
Fedora Project Contributor: http://fedoraproject.org/
Email: salimma at fedoraproject.org | GPG key ID: A36A937A
Jabber: hircus at jabber.ccc.de | IRC: michel-slm at irc.freenode.net
() ascii ribbon campaign - against html e-mail
/\ www.asciiribbon.org - against proprietary attachments
More information about the devel
mailing list