8 Jun
2009
8 Jun
'09
12:36 p.m.
Hi Adam,
On Mon, Jun 08, 2009 at 01:15:57PM +0100, Adam Spiers wrote:
Based on what I've seen on this list, it looks
like most of your
customers are experienced administrators who are well aware of the
dangers of root. I don't believe there is anything special about
Ubuntu that makes direct root access any more dangerous than on other
distros; it's just that Ubuntu is the distro most often used by Linux
newbies, so in that light their sudo-based approach makes sense.
Well, I did used to treat Ubuntu the same as Debian and just provide
the root password (encrypted if requested), but several people
castigated me and pointed me at that page. Conversely since I
changed to doing things "the Ubuntu way," two people have praised me
for it.
So even though I don't agree with it, I will go along with what the
distribution recommends. I don't think I can really justify
deviating from that given how strongly Ubuntu recommends this.
The thing which interests me most on that page is
under the
"Misconceptions" section:
I won't be able to enter single-user mode!
* The sulogin program in Ubuntu is patched to handle the default
case of a locked root password
This doesn't explain what happens if your root filesystem is hosed
badly enough that it requires a manual fsck before it can be mounted
read/write. In that case it always prompts for a root password,
right? How are Ubuntu users expected to deal with that?
That is done with sulogin as well isn't it?
(Incidentally I'd never thought about this before,
but I'm guessing
that mkinitrd mirrors /etc/shadow into the initrd to avoid a catch 22
here?)
Don't know about this.
Cheers,
Andy
--
http://bitfolk.com/ -- No-nonsense VPS hosting
<GeorgeWBush> I'm still banned on #ubuntu-uk though. Or should I say,
#ubuntu-anti-trans