[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#977358: release-notes: document how to make the rescue mode usable if no root password is set (buster)



Control: tags -1 moreinfo

On Mon, 14 Dec 2020 13:12:59 +0200 Andrei POPESCU
<andreimpopescu@gmail.com> wrote:
> Some text based on below would make sense for the Release Notes for 
> buster. If agreed I'll try to come up with a wording.

Sure. Does this also apply for bullseye, or is the issue fix somehow?

> 
> On Lu, 07 dec 20, 10:11:48, Greg Wooledge wrote:
> > On Sat, Dec 05, 2020 at 12:41:57PM +0200, Andrei POPESCU wrote:
> > > On Vi, 04 dec 20, 08:09:44, Greg Wooledge wrote:
> > > > I am also going to guess that Deepin, like Ubuntu, defaults to giving
> > > > you a user account with sudo access, and no root password.  You can
> > > > achieve that in Debian as well, by doing something special during the
> > > > installation.  In all cases, it's a stupid idea and you shouldn't do it.
> > > 
> > > This is a pretty strong (and harsh!) statement. Care to expand on the 
> > > reasons?
> > 
> > It prevents access to single-user mode.  The fact that Debian (and
> > these others?) still puts a single-user mode entry into the GRUB menu,
> > knowing that it won't work, is just adding insult to injury.
> 
> A web search found #802211[1].
>
> Short version:
> 
> For systemd >= 240 (buster[2]) run as root
> 
>     systemctl edit rescue.service
>     
> and add:
> 
>     [Service]
>     Environment=SYSTEMD_SULOGIN_FORCE=1
> 
> (see /usr/share/doc/systemd/ENVIRONMENT.md.gz)
> 
> 
> The 'rescue.service' is started by systemd in case it detects 'single' 
> on the kernel command line (see systemd(1)).
> 
> You might want to do the same for 'emergency.service' as well (or 
> instead), since this service is started *automatically* in case of 
> certain errors (see systemd.special(7)) or if you add 'emergency' to the 
> kernel command line (e.g. if you can't fix your system via the 'rescue' 
> service).
> 
> 
> An untested patch to the Debian Installer exists to add both snippets if 
> the user chooses to leave the root password blank.
> 
> 
> [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802211
> [2] see the bug for another snippet that should work for squeeze or 
> earlier.

Paul

Attachment: OpenPGP_signature
Description: OpenPGP digital signature


Reply to: