* Justin Wells said: > > I think we should consider that the alternate root user should be the > one with bash as a shell. This is primarily because single user mode > doesn't give you a choice about which user's shell it's going to > drop you into. > > The alternate root user could be used for day to day administration > and could have a dynamically linked shell. Hmm.... no, I don't think it will work. You must remeber about the power of habit - people are USED to the root account and we can't ignore it. The issue with a single mode is easily to be worked around by slightly modifying the sulogin program - passing it an additional parameter with the account name would do. > This has an additional advantage: > > -- you can default the bash user's password to '*' (password disabled) > and an administrator who wants to long in and use bash can then > use passwd to set this to something else > > Now you don't have to worry about cloning the root user's password. I guess that the cloning is much more acceptable than totally changing the admin's habit to use the root account. Cloning can be done fully automagically. > The further we go with this discussion, the more arguments arise that > seem to push us toward the same solution already adopted by several > other Unixes, which have a bash UID 0 as "toor". It seems so that we really need it. marek
Attachment:
pgp9Gd00aMJYD.pgp
Description: PGP signature