blob: 80a04effa0354f2e8b87d7e2bbb5f5dba7504230 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<TITLE> [Mageia-dev] Handling single user/rescue/failsafe mode
</TITLE>
<LINK REL="Index" HREF="index.html" >
<LINK REL="made" HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20Handling%20single%20user/rescue/failsafe%20mode&In-Reply-To=%3CCA%2Bh4nj5s4ygFtKT5YBdp2kjqHpg%2BTje5mNomzF-%3DxRFN%2BfZh6w%40mail.gmail.com%3E">
<META NAME="robots" CONTENT="index,nofollow">
<META http-equiv="Content-Type" content="text/html; charset=us-ascii">
<LINK REL="Previous" HREF="014871.html">
<LINK REL="Next" HREF="014877.html">
</HEAD>
<BODY BGCOLOR="#ffffff">
<H1>[Mageia-dev] Handling single user/rescue/failsafe mode</H1>
<B>Wolfgang Bornath</B>
<A HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20Handling%20single%20user/rescue/failsafe%20mode&In-Reply-To=%3CCA%2Bh4nj5s4ygFtKT5YBdp2kjqHpg%2BTje5mNomzF-%3DxRFN%2BfZh6w%40mail.gmail.com%3E"
TITLE="[Mageia-dev] Handling single user/rescue/failsafe mode">molch.b at googlemail.com
</A><BR>
<I>Thu Apr 26 13:05:19 CEST 2012</I>
<P><UL>
<LI>Previous message: <A HREF="014871.html">[Mageia-dev] Handling single user/rescue/failsafe mode
</A></li>
<LI>Next message: <A HREF="014877.html">[Mageia-dev] Handling single user/rescue/failsafe mode
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#14875">[ date ]</a>
<a href="thread.html#14875">[ thread ]</a>
<a href="subject.html#14875">[ subject ]</a>
<a href="author.html#14875">[ author ]</a>
</LI>
</UL>
<HR>
<!--beginarticle-->
<PRE>2012/4/26 Guillaume Rousse <<A HREF="https://www.mageia.org/mailman/listinfo/mageia-dev">guillomovitch at gmail.com</A>>:
><i> Le 26/04/2012 12:12, Thierry Vignaud a écrit :
</I>><i>
</I>>><i> On 26 April 2012 11:38, Colin Guthrie<<A HREF="https://www.mageia.org/mailman/listinfo/mageia-dev">mageia at colin.guthr.ie</A>>  wrote:
</I>>>><i>
</I>>>><i> It seems that in mga1 single user mode just gave a shell without
</I>>>><i> requiring root password.
</I>>>><i>
</I>>>><i> I'm not sure when this was added, but in the initscripts changelog, I
</I>>>><i> see it has come from the big mdvconf patch[1].
</I>>>><i>
</I>>>><i> Can anyone remember the reason for this (perhaps it was related to tcb
</I>>>><i> support?) and whether or not we should do the same thing in systemd
</I>>>><i> which currently (now that I've fixed it) uses whatever SINGLE says in
</I>>>><i> /etc/sysconfig/init.
</I>>><i>
</I>>><i>
</I>>><i> This has been like this forever...
</I>>><i> At least for the past decade.
</I>>><i> I think other distros do/did it too.
</I>><i>
</I>><i> Some of them force the use of a password for single mode. Given the ease of
</I>><i> bypassing it through init=/bin/sh, unless the bootloader is also protected,
</I>><i> I'm a bit sceptic about the interest.
</I>
For ages (Mandrakelinux/Mandriva) it has been
SINGLE=/sbin/sushell
as default. IMHO this default setting is a security issue. Someone
with access to your machine (in an office or whereever) can simply
turn it on (or first turn it off with the power button), select
failsafe from the boot menue and has all the privileges he wants
without any hurdles to jump. So I've been advocating to change this
entry in /etc/sysconfig/init.
I've been also recommending users to change the matching line in
/etc/inittab accordingly:
#Single user mode
~~:S:wait:/sbin/sulogin
which does the same. Unfortunately Mandrake/Mandriva developpers did
not share my view.
--
wobo
</PRE>
<!--endarticle-->
<HR>
<P><UL>
<!--threads-->
<LI>Previous message: <A HREF="014871.html">[Mageia-dev] Handling single user/rescue/failsafe mode
</A></li>
<LI>Next message: <A HREF="014877.html">[Mageia-dev] Handling single user/rescue/failsafe mode
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#14875">[ date ]</a>
<a href="thread.html#14875">[ thread ]</a>
<a href="subject.html#14875">[ subject ]</a>
<a href="author.html#14875">[ author ]</a>
</LI>
</UL>
<hr>
<a href="https://www.mageia.org/mailman/listinfo/mageia-dev">More information about the Mageia-dev
mailing list</a><br>
</body></html>
|
