Re: F10 and no root login - impossible to maintain systems!

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Fri, 2009-01-23 at 13:46 -0500, Bill Nottingham wrote:
> Kevin Kofler (kevin.kofler@xxxxxxxxx) said: 
> > The funny thing is, the GDM config file even used to say in a comment that
> > anybody who disables root login "should be shot".
> 
> Yes, but the Queen of England has no authority here.

Authority or not, that doesn't make her wrong.  Tell the nag-nannies I
said sod off.  It's not that I *need* to login as root on an X session,
it's that I *want* to.  If I accept the risks (of which there aren't
really any since I'm only doing this on test machines behind a firewall
that aren't used for web surfing or email, I just want the desktop real
estate that I get with lots of side by side gnome terminals instead of
flipping console vts all the time), then that's my business.  Not to
mention that all my test boxes use both NFS and NIS internally, and the
only valid local account is root, and no I'm not going to create some
dumb ass account that's local only with a home in /tmp so I can actually
login and fix any NIS/NFS related problems, I don't need one, I have
root.  And I'm really curious about what the difference is between
telling someone go to init 3 and then run startx instead of just logging
in as root is.  I can't, for the life of me, see any benefit to telling
people not to login as root while leaving that hole open, after all, the
entire session will still be owned by root either way.

Anyway, much thanks to the person that pointed out where to go to fix
this fascist crap.  I consider myself a "super user", but each person
has their areas of expertise and mucking around with pam isn't mine.
Guess I'll be adding a new sed command to my %post scripts in my
kickstarts.  I would suggest you do the same Ben, the nanny state has
taken over.

-- 
Doug Ledford <dledford@xxxxxxxxxx>
              GPG KeyID: CFBFF194
              http://people.redhat.com/dledford

Infiniband specific RPMs available at
              http://people.redhat.com/dledford/Infiniband

Attachment: signature.asc
Description: This is a digitally signed message part

-- 
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux