1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<TITLE> [Mageia-dev] bug, omission or feature
</TITLE>
<LINK REL="Index" HREF="index.html" >
<LINK REL="made" HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20bug%2C%20omission%20or%20feature&In-Reply-To=%3C4FCB884F.6090708%40colin.guthr.ie%3E">
<META NAME="robots" CONTENT="index,nofollow">
<META http-equiv="Content-Type" content="text/html; charset=us-ascii">
<LINK REL="Previous" HREF="016098.html">
<LINK REL="Next" HREF="016102.html">
</HEAD>
<BODY BGCOLOR="#ffffff">
<H1>[Mageia-dev] bug, omission or feature</H1>
<B>Colin Guthrie</B>
<A HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20bug%2C%20omission%20or%20feature&In-Reply-To=%3C4FCB884F.6090708%40colin.guthr.ie%3E"
TITLE="[Mageia-dev] bug, omission or feature">mageia at colin.guthr.ie
</A><BR>
<I>Sun Jun 3 17:52:47 CEST 2012</I>
<P><UL>
<LI>Previous message: <A HREF="016098.html">[Mageia-dev] bug, omission or feature
</A></li>
<LI>Next message: <A HREF="016102.html">[Mageia-dev] bug, omission or feature
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#16099">[ date ]</a>
<a href="thread.html#16099">[ thread ]</a>
<a href="subject.html#16099">[ subject ]</a>
<a href="author.html#16099">[ author ]</a>
</LI>
</UL>
<HR>
<!--beginarticle-->
<PRE>'Twas brillig, and Richard Couture at 03/06/12 12:27 did gyre and gimble:
><i> I notice that when, at the end of the installation of MGA2, I select the
</I>><i> level of security as HIGH, that I am permitted entry into the system in
</I>><i> Linux Single mode without a challenge password, which is a new, and IMHO
</I>><i> undesirable, behavior from previous versions.
</I>><i>
</I>><i> Is this a new feature, or have I stumbled upon a bug?
</I>><i>
</I>><i> The /etc/inittab does have ~~:S:wait:/sbin/sulogin in it but I can get
</I>><i> in without a password... Must be something new in system D
</I>
/etc/inittab is no longer used or read.
For single user mode now-a-days we boot to rescue.target (this is done
automatically if you just put a 1 at the end of the kernel command line
to support "runlevel 1").
Ultimately this pulls in rescue.service
This file should source the contents of /etc/sysconfig/init and then
execute:
/bin/bash -c "exec ${SINGLE}"
So please check /etc/sysconfig/init and make sure SINGLE is set to
/sbin/sulogin rather than /sbin/sushell.
However you will see from previous threads that I'm not convinced
sulogin is actually working all that well just now and it some
pre-release testing it didn't run properly for me.
On the whole, this kind of "security" is basically bullshit anyway. It
might make things a tiny bit harder, but if you can get into the
bootloader to append a 1 on the command line, you can also append
init=/bin/bash too which totally bypasses everything too. So while it's
maybe a nice idea, for all practical purposes, it's not any kind of real
security anyway, so don't rely on it!
Col
--
Colin Guthrie
colin(at)mageia.org
<A HREF="http://colin.guthr.ie/">http://colin.guthr.ie/</A>
Day Job:
Tribalogic Limited <A HREF="http://www.tribalogic.net/">http://www.tribalogic.net/</A>
Open Source:
Mageia Contributor <A HREF="http://www.mageia.org/">http://www.mageia.org/</A>
PulseAudio Hacker <A HREF="http://www.pulseaudio.org/">http://www.pulseaudio.org/</A>
Trac Hacker <A HREF="http://trac.edgewall.org/">http://trac.edgewall.org/</A>
</PRE>
<!--endarticle-->
<HR>
<P><UL>
<!--threads-->
<LI>Previous message: <A HREF="016098.html">[Mageia-dev] bug, omission or feature
</A></li>
<LI>Next message: <A HREF="016102.html">[Mageia-dev] bug, omission or feature
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#16099">[ date ]</a>
<a href="thread.html#16099">[ thread ]</a>
<a href="subject.html#16099">[ subject ]</a>
<a href="author.html#16099">[ author ]</a>
</LI>
</UL>
<hr>
<a href="https://www.mageia.org/mailman/listinfo/mageia-dev">More information about the Mageia-dev
mailing list</a><br>
</body></html>
|
