Paul Gevers wrote: > Hi Justin, Andrei, > > Thanks for the proposed text below. I struggle a bit with where to place > it. What do you suggest? It's not really an upgrading issue, is it?
Maybe at the end of "issues", next to the similarly chronic issue of GNOME mouseless a11y? That's under "package-specific-issues" at present, mislabelled as a case where the package might not upgrade smoothly; we don't really have any known cases of that to list, so maybe we ought to reorganise the subsections a bit. I would have hoped we could arrange things so that the bookworm deprecations subsection is at the very end, and whether we do that or not we might want the "limited-security-support" bit to be alongside the a11y and rescue.service bits in a "chronic-problems" section (but don't call it that). >> <title> >> The <literal>rescue</literal> boot option is unusable without a root >> password >> </title> >> <para> If this goes in a list that's organised in terms of packages then it needs to give more of a hint about where the problem originated: ^With the implementation of <literal>sulogin</literal> now used, >> Booting with the <literal>rescue</literal> option always requires >> the root password. If one has not been set, this makes the rescue >> mode effectively unusable. However it is still possible to boot >> using the kernel parameter <literal>init=/sbin/sulogin --force</literal> >> </para> >> <para> >> To configure systemd to do the equivalent of this whenever it boots >> into rescue mode (also known as single mode: see <ulink >> url="&url-man;/bullseye/systemd/systemd.1.html">systemd(1)</ulink>), >> run <command>sudo systemctl edit rescue.service</command> and create >> a file saying just: >> </para> >> <screen> >> [Service] >> Environment=SYSTEMD_SULOGIN_FORCE=1 >> </screen> >> <para> >> It might also (or instead) be useful to do this for the >> <literal>emergency.service</literal> unit, which is started >> <emphasis>automatically</emphasis> in the case of certain >> errors (see <ulink >> >> url="&url-man;/bullseye/systemd/systemd.special.7.html">systemd.special(7)</ulink>), >> or if <literal>emergency</literal> is added to the kernel >> command line (e.g. if the system can't be recovered by using >> the rescue mode). >> </para> Looking at that paragraph again, the man page is good enough to make me consider shortening it to The same applies to the <literal>emergency.service</literal> unit, for booting into emergency mode; see <ulink url="&url-man;/bullseye/systemd/systemd.special.7.html">systemd.special(7)</ulink>. >> <para> >> For background and a discussion on the security implications see >> <ulink url="&url-bts;/802211">#802211</ulink>. ^bug >> </para> -- JBR with qualifications in linguistics, experience as a Debian sysadmin, and probably no clue about this particular package