On Wed, Dec 08, 2021 at 12:12:33PM -0500, Chris Murphy wrote: > On Tue, Dec 7, 2021 at 6:28 AM Zbigniew Jędrzejewski-Szmek > <zbys...@in.waw.pl> wrote: > > > > On Mon, Dec 06, 2021 at 12:33:21PM -0500, Ben Cotton wrote: > > > Fedora defaults to locking the root account, which is needed by > > > single-user mode. This Change uses `sulogin --force` so the password > > > request is bypassed under this circumstance. > > > > I think this is a terrible idea. The problem is real, but this > > solution addresses it in the wrong place. Essentially, you are proposing > > a behaviour of "something is wrong, let's make everything open without > > authentication", which is good for debugging and development, but not > > acceptable for a real system. > > Is it terrible enough that CoreOS should revert? > https://github.com/coreos/fedora-coreos-config/commit/eb74f2ea3e9b453902315539e4f327481162c4f8
I'd say that this makes coreos unsuitable as a general purpose image. Maybe it's OK in limited circumstances where "physical" access is only possible if you're the administrator on the host. Zbyszek _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
