Hello util-linux Maintainers,

Although this bug has been closed for a few months, I just encountered
the issue on one of my systems and would like to discuss the solution
a bit.  Although sulogin supports the --force option to allow
passwordless root login (so the util-linux part of this issue may be
fixed), the issue still appears to be present for users.

If a user chooses to disable the root account when prompted during
installation, it appears that they are still unable to use sulogin for
emergency/rescue boot (from the kernel command-line) or when fsck
fails, since --force is not passed to sulogin by
/lib/systemd/system/{console-shell,emergency,rescue}.service (from
systemd) and /etc/init.d/checkroot.sh (from initscripts) and
presumably others.  This can be particularly problematic since it may
be difficult for users to add a root password when they are first
presented with this problem by whatever issue necessitated a recovery
shell.

Is there a way that we can avoid booby-trapping systems in this way?
This could be done by prompting users about enabling passwordless root
login once they have opted to disable the root account (although this
would require coordination across packages calling sulogin).
Alternatively, although less conveniently for users, by documenting
the files which need to be edited to add "--force" and/or adding a
warning to the installer prompt for disabling the root account so
users know that their systems will be broken in this way.

Thanks for considering!

-- 
Cheers,      |  ke...@kevinlocke.name    | XMPP: ke...@kevinlocke.name
Kevin        |  https://kevinlocke.name  | IRC:   kevinoid on freenode
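
The mismatch described in the message above can be checked for before a recovery shell is ever needed. The following is an added example, not part of the original message and not util-linux, systemd or initscripts code. The function names and the sample unit contents are constructed for illustration, and the check treats a root shadow entry beginning with "!" or "*" as locked.

```shell
#!/bin/sh
# Added example (not from the original message): report sulogin callers that
# would refuse a recovery shell because root is locked and --force is absent.

# Succeeds when root's shadow password field starts with "!" or "*" (locked).
root_locked() {  # $1: shadow-format file
    awk -F: '$1 == "root" && $2 ~ /^[!*]/ { locked = 1 } END { exit !locked }' "$1"
}

# Prints each readable file that invokes sulogin on a non-comment line
# without --force (or its short form -e).
callers_missing_force() {
    for f in "$@"; do
        [ -r "$f" ] || continue
        if grep -v '^[[:space:]]*#' "$f" \
            | grep -E '(^|[/[:space:]"=])sulogin([[:space:];"]|$)' \
            | grep -Evq -- '[[:space:]](--force|-e)([[:space:];"]|$)'; then
            printf '%s\n' "$f"
        fi
    done
}

# Returns 1 when the combination described in the message is present.
audit() {  # $1: shadow file, rest: files that may call sulogin
    shadow=$1; shift
    root_locked "$shadow" || return 0
    missing=$(callers_missing_force "$@")
    [ -z "$missing" ] && return 0
    printf 'root is locked and sulogin is called without --force in:\n%s\n' "$missing"
    return 1
}

# Constructed sample input so the check runs offline and unprivileged.
demo=$(mktemp -d)
printf 'root:!:17000:0:99999:7:::\n' > "$demo/shadow"
printf '[Service]\nExecStart=-/bin/sh -c "/sbin/sulogin; /bin/systemctl default"\n' > "$demo/emergency.service"
printf '[Service]\nExecStart=-/bin/sh -c "/sbin/sulogin --force; /bin/systemctl default"\n' > "$demo/rescue.service"
audit "$demo/shadow" "$demo/emergency.service" "$demo/rescue.service" || true
```

On a real system, call `audit /etc/shadow` followed by the unit files and init script named in the message; reading /etc/shadow requires root.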
