Re: F36 Change: Make Rescue Mode Work With Locked Root (System-Wide Change proposal)

Hi all,

On Mon, Dec 06, 2021 at 12:33:21PM -0500, Ben Cotton wrote:
> https://fedoraproject.org/wiki/Changes/FixRescueMode
> 
> == Summary ==
> Fedora defaults to locking the root account, which is needed by
> single-user mode. This Change uses `sulogin --force` so the password
> request is bypassed under this circumstance.
> 
Thanks for all the feedback. Going to do a reply here rather than in
individual subthreads since I'm responding to several suggestions.

For those who think this is a security concern (granted, not a new one,
but one that is more convenient), requiring some password seems to be
the way out:

- do we want to allow any /local/ %wheel users to log in?
- or do we want to use a recovery passphrase of some sort?
- TPM dependencies might not be appropriate

I'm leaning towards not rushing this and delaying to F37; Chris Murphy
raised a good question on whether the current bypass is fine for CoreOS
or not.

For F36 - I agree that it's better to *not* have a rescue mode than a
broken one. How about this as an end state we can realistically achieve:
- if the root password is set, rescue mode should appear in the GRUB
  menu
- if the root password is not set
  - rescue mode should not be listed
  - if someone tries to invoke it, it should display an error rather
    than prompting for a non-existent password

If that seems reasonable, we can figure out where to put the hooks next.

Best regards,
  
-- 
Michel Alexandre Salim
profile: https://keyoxide.org/michel@xxxxxxxxxxxxxxx
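
The F36 end state proposed in the message above, as an added example that is not part of the original message and not Fedora code: it classifies root's password field in a shadow(5)-format file and derives the menu and invocation behaviour. The function names, the constructed sample files, and the choice to treat an empty or missing root entry like a locked one are assumptions.

```shell
#!/bin/sh
# Added example (hypothetical helper names, constructed sample data).

# Print the state of root's password field: set, locked, empty or missing.
root_password_state() {
    while IFS=: read -r name hash _rest; do
        [ "$name" = "root" ] || continue
        case $hash in
            '')        echo empty ;;   # no password stored at all
            '!'*|'*'*) echo locked ;;  # shadow(5): no hash can match this field
            *)         echo set ;;
        esac
        return 0
    done < "$1"
    echo missing
}

# Menu generation: list the rescue entry only when a root password exists.
rescue_menu_action() {
    case $(root_password_state "$1") in
        set) echo list ;;
        *)   echo hide ;;  # assumption: empty/missing handled like locked
    esac
}

# Explicit invocation: fail with an error instead of prompting for a
# password that does not exist.
rescue_invoke() {
    state=$(root_password_state "$1")
    if [ "$state" = set ]; then
        echo "prompt for root password"
        return 0
    fi
    echo "rescue mode unavailable: root password is $state" >&2
    return 1
}

# Constructed shadow files; the hash below is a placeholder, not a real one.
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
printf '%s\n' 'bin:*:18900:0:99999:7:::' 'root:!locked::0:99999:7:::' > "$demo_dir/locked"
printf '%s\n' 'root:$6$CONSTRUCTED$notarealhash:18900:0:99999:7:::' > "$demo_dir/set"
for f in locked set; do
    echo "$f: menu=$(rescue_menu_action "$demo_dir/$f")"
done
```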
