On Thu, Jan 15, 2004 at 01:06:21PM -0600, Adam F. Rogoyski wrote: > Hi. In a i386 install with the daily 100 meg sarge cd > (sarge-i386-netinst.iso 11-Jan-2004 15:18 107M) > I was able to hit Cancel when it prompts for the root password and proceed > to Finish Setup, dropping me at the login screen. Now I couldn't log on > because there was no root password set. You might want to put some kind > of warning there, or let the root user log on with a null password until > one is yet. Yes, this is bug #207816, a side effect of re-engineering the PAM config files, which I've been allowing to languish in the BTS. Based on this and other requests, I've come to the conclusion that there's a real need for two separate "common" auth configs, because interactive and non-interactive services don't have much common ground. The changes I'm aware of so far that should be included in such a common-auth-interactive file are: - call pam_nologin.so - call pam_env.so - add 'nullok' to the pam_unix option list These seem to be the common features of those services whose needs are not satisfied by /etc/pam.d/common-auth today. Sam, would you agree? -- Steve Langasek postmodern programmer
Attachment:
pgpv3iMyww_S6.pgp
Description: PGP signature