Michel Alexandre Salim wrote: > - do we want to allow any /local/ %wheel users to log in? This seems fine to me. > - or do we want to use a recovery passphrase of some sort? I'm not sure what you mean here. When a passphrase is called a recovery passphrase, it's usually because authentication is normally done some other way. For example, if you normally log in by inserting some kind of hardware token, then you may want a recovery passphrase to use in case the hardware token is broken or lost. As long as users normally log in with a passphrase, I see no need to have a separate passphrase for rescue mode. Root's or a wheel user's usual passphrase should be fine. > For F36 - I agree that it's better to *not* have a rescue mode than a > broken one. How about this as an end state we can realistically achieve: > - if the root password is set, rescue mode should appear in the GRUB > menu > - if the root password is not set > - rescue mode should not be listed > - if someone tries to invoke it, it should display an error rather > than prompting for a non-existent password This looks sane. If there is a separate boot entry for the rescue mode, then maybe Grub could be programmed to require a passphrase before it will boot that entry? Björn Persson
Attachment:
pgp9QL4yc8rPy.pgp
Description: OpenPGP digital signatur
_______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
