Bug#952450: user-setup: set SYSTEMD_SULOGIN_FORCE=1 in env for rescue/emergency.service when root account is locked
Package: user-setup
Version: 1.83
Severity: normal
User: devel@kali.org
Usertags: origin-kali
Following https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802211
the systemd-sulogin-shell binary run by rescue.service and
emergency.service now adds the --force flag for the sulogin call
when SYSTEMD_SULOGIN_FORCE is set to 1 in the environment.
https://github.com/systemd/systemd/commit/33eb44fe4a8d7971b5614bc4c2d90f8d91cce66c
explains that the expectation is that distributions should now
put service override files to set this environment variable.
Thus user-setup should create the appropriate configuration file when
the root account is not configured. Maybe this should be controlled
by some low priority debconf question as the password-less login through
the rescue boot entry can be seen as a security issue by some.
Cheers,
-- System Information:
Debian Release: bullseye/sid
APT prefers oldoldstable
APT policy: (500, 'oldoldstable'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (500, 'oldstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.19.0-6-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages user-setup depends on:
ii adduser 3.118
ii debconf [debconf-2.0] 1.5.73
ii passwd 1:4.8.1-1
user-setup recommends no packages.
user-setup suggests no packages.
Reply to: