On 08/ 2/10 04:55 AM, Mike DeMarco wrote:
In making root a role you now rely on a user account to be available
at all times. You can not login as the role and if the user account
gets misconfigured in some way you can not login at all. User
accounts are fluid they grow and get configured in different way each
time you risk having the user account blow up and not be able to get
back into the host to fix it other than with the LiveCD. Which means
you always have to keep the LiveCD handy. Since root should be a
limited use account you can and should give it a very cryptic
password and keep its environment static. This ensures a level of
sanity to the account and with it being static it will be left in a
safe,secure and reliable state.
Incidentally, if root is a role and the network is down and you have no
local user accounts, you can still recover without a Live CD. You can
use the root password to boot in single-user mode, even when root is a role.
Scott
--
Scott Rotondo
Senior Principal Engineer, Solaris Core OS Engineering
President, Trusted Computing Group
Phone: +1 650 786 6309 (Internal x86309)
_______________________________________________
opensolaris-discuss mailing list
opensolaris-discuss@opensolaris.org
