Your message dated Thu, 18 Nov 2010 06:44:09 +0100 with message-id <20101118054409.GM3765@mykerinos.kheops.frmug.org> and subject line Re: Bug#603848: [Squeeze Beta1] Successful installation - but one security question has caused the Debian Bug report #603848, regarding [Squeeze Beta1] Successful installation - but one security question to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 603848: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=603848 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian BTS <submit@bugs.debian.org>
- Subject: [Squeeze Beta1] Successful installation - but one security question
- From: Holger Wansing <linux@wansing-online.de>
- Date: Wed, 17 Nov 2010 22:14:54 +0100
- Message-id: <[🔎] 20101117221454.88f1ee01.linux@wansing-online.de>
Package: installation-reports Boot method: netinst cd Image version: squeeze testing beta1 Date: 17.Nov. 2010 20:00 Machine: High-reliability industry pc 'Siemens IL40' Processor: Pentium4 2,4 GHz Memory: 512 MB Partitions: output of df -Tl: Filesystem Type 1K-blocks Used Available Use% Mounted on /dev/sda1 ext4 5169540 2169328 2737608 45% / tmpfs tmpfs 257064 0 257064 0% /lib/init/rw udev tmpfs 252736 172 252564 1% /dev tmpfs tmpfs 257064 0 257064 0% /dev/shm /dev/sda6 ext4 13417584 184608 12551404 2% /home /dev/sdb1 vfat 245129 40305 204825 17% /media/floppy0 Output of lspci -knn: 00:00.0 Host bridge [0600]: Intel Corporation 82845G/GL[Brookdale-G]/GE/PE DRAM Controller/Host-Hub Interface [8086:2560] (rev 03) Subsystem: Fujitsu Technology Solutions Device [1734:1003] Kernel driver in use: agpgart-intel 00:01.0 PCI bridge [0604]: Intel Corporation 82845G/GL[Brookdale-G]/GE/PE Host-to-AGP Bridge [8086:2561] (rev 03) 00:1d.0 USB Controller [0c03]: Intel Corporation 82801DB/DBL/DBM (ICH4/ICH4-L/ICH4-M) USB UHCI Controller #1 [8086:24c2] (rev 02) Subsystem: Fujitsu Technology Solutions D1451 Mainboard (SCENIC N300, i845GV) [1734:1004] Kernel driver in use: uhci_hcd 00:1d.1 USB Controller [0c03]: Intel Corporation 82801DB/DBL/DBM (ICH4/ICH4-L/ICH4-M) USB UHCI Controller #2 [8086:24c4] (rev 02) Subsystem: Fujitsu Technology Solutions D1451 Mainboard (SCENIC N300, i845GV) [1734:1004] Kernel driver in use: uhci_hcd 00:1d.2 USB Controller [0c03]: Intel Corporation 82801DB/DBL/DBM (ICH4/ICH4-L/ICH4-M) USB UHCI Controller #3 [8086:24c7] (rev 02) Subsystem: Fujitsu Technology Solutions D1451 Mainboard (SCENIC N300, i845GV) [1734:1004] Kernel driver in use: uhci_hcd 00:1d.7 USB Controller [0c03]: Intel Corporation 82801DB/DBM (ICH4/ICH4-M) USB2 EHCI Controller [8086:24cd] (rev 02) Subsystem: Fujitsu Technology Solutions D1451 Mainboard (SCENIC N300, i845GV) [1734:1004] Kernel driver in use: ehci_hcd 00:1e.0 PCI bridge [0604]: Intel Corporation 82801 PCI Bridge [8086:244e] (rev 82) 00:1f.0 ISA bridge [0601]: Intel Corporation 82801DB/DBL (ICH4/ICH4-L) LPC Interface Bridge [8086:24c0] (rev 02) 00:1f.1 IDE interface [0101]: Intel Corporation 82801DB (ICH4) IDE Controller [8086:24cb] (rev 02) Subsystem: Fujitsu Technology Solutions D1451 Mainboard (SCENIC N300, i845GV) [1734:1004] Kernel driver in use: ata_piix 00:1f.3 SMBus [0c05]: Intel Corporation 82801DB/DBL/DBM (ICH4/ICH4-L/ICH4-M) SMBus Controller [8086:24c3] (rev 02) Subsystem: Fujitsu Technology Solutions D1451 Mainboard (SCENIC N300, i845GV) [1734:1004] Kernel driver in use: i801_smbus 00:1f.5 Multimedia audio controller [0401]: Intel Corporation 82801DB/DBL/DBM (ICH4/ICH4-L/ICH4-M) AC'97 Audio Controller [8086:24c5] (rev 02) Subsystem: Fujitsu Technology Solutions Device [1734:0088] Kernel driver in use: Intel ICH 01:00.0 VGA compatible controller [0300]: Matrox Graphics, Inc. MGA G400/G450 [102b:0525] (rev 85) Subsystem: Matrox Graphics, Inc. Millennium G450 32Mb SDRAM Dual Head [102b:0641] Kernel driver in use: matrox_w1 02:08.0 Ethernet controller [0200]: Intel Corporation 82801DB PRO/100 VM (LOM) Ethernet Controller [8086:103b] (rev 82) Subsystem: Fujitsu Technology Solutions Device [1734:1002] Kernel driver in use: e100 Base System Installation Checklist: [O] = OK, [E] = Error (please elaborate below), [ ] = didn't try it Initial boot: [O] Detect network card: [O] Configure network: [O] Detect CD: [O] Load installer modules: [O] Detect hard drives: [O] Partition hard drives: [O] Install base system: [O] Clock/timezone setup: [O] User/password setup: [O] Install tasks: [O] Install boot loader: [O] Overall install: [O] Comments/Problems: Installation without any problems! I installed from netinst-cd combined with a german mirror, I used the graphical installer, desktop environment LXDE was chosen, grub2 was installed in the MBR (nice grub boot menu screen!). I have one security related question: I selected, that the root account should be deactivated, and the first regular user receives administrative rights via sudo. This works so far. But if I start the machine via the "recovery mode" entry in the grub menu (runlevel 1), I get a root (!) shell without beeing asked for any password!!! ("sulogin: root account is locked, starting shell") Is this correct and intended? Thanks for your work! Holger -- = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = Created with Sylpheed 2.5.0 under DEBIAN GNU/LINUX 5.0.0 - L e n n y Registered LinuxUser #311290 - http://counter.li.org/ = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
--- End Message ---
--- Begin Message ---
- To: Holger Wansing <linux@wansing-online.de>, 603848-done@bugs.debian.org
- Subject: Re: Bug#603848: [Squeeze Beta1] Successful installation - but one security question
- From: Christian PERRIER <bubulle@debian.org>
- Date: Thu, 18 Nov 2010 06:44:09 +0100
- Message-id: <20101118054409.GM3765@mykerinos.kheops.frmug.org>
- In-reply-to: <[🔎] 20101117221454.88f1ee01.linux@wansing-online.de>
- References: <[🔎] 20101117221454.88f1ee01.linux@wansing-online.de>
> I have one security related question: > I selected, that the root account should be deactivated, and the first > regular user receives administrative rights via sudo. > This works so far. > But if I start the machine via the "recovery mode" entry in the grub > menu (runlevel 1), I get a root (!) shell without beeing asked for > any password!!! > ("sulogin: root account is locked, starting shell") I don't really see what else could be done... Anyway, this is the intended behaviour of sulogin(8).Attachment: signature.asc
Description: Digital signature
--- End Message ---