Hi Richard, On Mon, 23 Dec 2024 at 16:03, Richard Lewis <richard.lewis.deb...@googlemail.com> wrote: > > On Sat, 03 Jun 2023 13:10:09 +0100 > > > Although this was documented for bullseye, the underlying cause > > remains, and I think that it could be valuable for users to continue > > to have this documentation available. > > > I've tested that the previously-added guidance from the bullseye > > release notes remains valid and works on a bookworm system, and have > > pushed a branch[1] to Salsa to restore the documentation. > > > > Bugreport #952450 tracks a longer-term fix, and once that is resolved > > I think it'd be fine to drop this note from the release-notes. > > The original bug referred to > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802211 - fixed in > bookworm
Yep, as mentioned in Andrei's report, the SYSTEMD_SULOGIN_FORCE config option, allowing successful emergency/rescue login when the root account is locked, became available in systemd v240 and was included in bookworm. > The above refers to > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=952450 is open as of > 23 Dec 2024 Indeed - it is yet-to-be-decided whether SYSTEMD_SULOGIN_FORCE will be automatically enabled by the Debian installer when a locked root account is requested. Currently, the setting is not configured. > I think this bug is about using system and rescue mode, which we > currently have section 4.1.4.2 > trixie: > https://www.debian.org/releases/trixie/release-notes/upgrading.en.html#debug-shell-during-boot-using-systemd > source: > https://salsa.debian.org/ddp-team/release-notes/-/blame/master/source/upgrading.rst#L161 > > bookworm: > https://www.debian.org/releases/bookworm/amd64/release-notes/ch-upgrading.en.html#recovery > source: > https://salsa.debian.org/ddp-team/release-notes/-/blame/bookworm/en/upgrading.dbk?ref_type=heads#L188 > > Is there still something to document for a) bookworm and b) trixie, > and if so, what should it say? The intention of that documentation appears to be to explain how to users/sysadmins how to reach a root shell in case of unexpected boot-time system failures (I say that based on the sentence, "If the boot fails under systemd, it is possible to obtain a debug root shell by changing the kernel command line."). In my experience, if the root password on a Debian installation is locked, then rebooting into the systemd rescue.target and/or emergency.target targets will _not_ provide a root shell (repeating myself in an attempt to communicate my understanding: this is due to the absence of the SYSTEMD_SULOGIN_FORCE setting). As a result, I think there does indeed continue to be a gap in the documentation, and that either Andrei's suggested issue-note[1] - and/or mentioning the relevant systemd config setting may be required to boot into rescue/emergency mode, would be worthwhile. (I have confirmed locally that it is still necessary to add the config option to get to a root shell when rebooting into those targets) Regards, James [1] - https://salsa.debian.org/ddp-team/release-notes/-/commit/ad648eb9abc159d60319eccb81756e3825eae374
