Hello, On Thu, Nov 15, 2018 at 05:47:03PM +0800, Benda Xu wrote: [...] > I think it a common Debian practice to set root passwords. Disabling > root login and put everything on `sudo` feels very Ubuntu.
The debian-installer supports both things out of the box equally. (Although very few people seem to pay any attention to the root password prompt and thus it's quite common people don't know this.) Ubuntu only does locked-root-account, and I think there are well established reasons to do so and wish it would be more obvious to Debian users how d-i works. I don't really see the point in comparing to others though. Debian should do what's best for Debian. > Therefore I think you are right saying "it was 'closed' by moving to > util-linux sulogin". [...] I'm personally absolutely not an advocate of passwordless root shells, but in my view for sysvinit it's very important to not break legacy setups. Specially when most users will not realize until they're doing disaster recovery and will get a not obvious situation that's just a dead end for them. If you think breaking this decades worth of how it has worked is ok, then I guess that's up to you. I personally mostly want to avoid being blamed for having broken it myself, through the move to util-linux sulogin. I've offered my assistance in getting it fixed, but if you opt out then I'm ok with your decision. OTOH this absolutely doesn't make sysvinit secure to use in a kiosk setup, so I don't see anything won by breaking the old setup. Regards, Andreas Henriksson
