[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Passwordless root shell is offered when boot problem occurs.

Sthu Deus (sthu.deus@gmail.com on 2011-12-02 15:17 +0700):
> >From here it's all guesswork. You'd need to provide a full bootlog up
> >to the point where the shell is started to get any meaningful
> >answers.
> Hmm. I thought everybody has the same OS behavior in such condition...
> And the problem here is only improper/default configuration.

That could very well be, but I haven't had a boot problem in years
(well, except when trying out systemd). A standard Debian config should
not offer a passwordless root shell unless you explicitly ask for it,
but I can think of at least four ways to get such a root shell -- not
including misconfiguration, bugs or alternative boot devices.

> I have grepped through my logs on HDD partition that caused the boot
> stop (because one partition was not mounted that set to be auto
> mounted) - 

I don't think you'll find anything in the system logs. From the little
information you have given, it is clear that the system has not fully
started, so there is no reason to assume that /var/log is accessible or
that syslog is running.

Early boot messages should be found in /var/log/boot, but bootlogd
seems very hit&miss on my systems. Filesystem checks are logged
in /var/log/fsck.

> In general, am I correct in understanding the situation, that what I
> gonna do is abnormal behavior in Debian distro., and to have the root
> password-less shell in "emergency" cases is OK for some (to
> developers / security team) reasons

It's not about emergency situations, although it certainly can be used
as such. It's about accesss: if anyone has physical access to your
machine, there are so many ways to access your system that it is silly
to protect against one of them.

So yes, protecting yourself from physical attacks by insisting on a
root password is abnormal behaviour. How are you going to prevent an
attacker from opening your PC and connecting the harddisk to his own

> - and in case I want to commit
> what I have targeted, I have to develop the solution myself (that is
> there is no a config. file that I might simply turn on the password
> prompt for root shell in such cases)?

In short, yes. If you really want to be that paranoid (and there are
good reasons for it, especially on laptops), you should be looking at
encryption as your solution (dm-crypt, truecrypt, bitlocker), not


Reply to: