Hello all, Marco d'Itri [2014-10-20 19:07 +0200]: > On Oct 20, Richard Hartmann <richih.mailingl...@gmail.com> wrote: > > > similar to zack's #766039, I would like to ask if it's possible to > > always enable a read-only version of debug-shell.service. > debug-shell.service pretty much just starts a shell.
Right, so a read-only version of that makes little sense. > To enable it by default we would need to use a wrapper which asks the > root password with minimal interactions with the rest of the system, > ideally by just checking it against /etc/shadow (hence no PAM, no NSS, > etc). There might not even be a root password. Many systems disable it for good reason (makes the attack surface smaller wrt. brute-forcing). TBH, this will quickly start getting complicated enough that you might just as well log into a normal getty. Perhaps a better thing would be to always log systemd events/changes to tty9? There is no scrollback buffer while its logging in the background (i. e. you are looking at a different tty), but usually the last 20-something lines should give you an idea what it's hanging on. Thanks, Martin -- Martin Pitt | http://www.piware.de Ubuntu Developer (www.ubuntu.com) | Debian Developer (www.debian.org)
signature.asc
Description: Digital signature
