I believe adding '--force' is just as important when the root account has a password, to allow system access in case /etc/password and/or /etc/shadow are unreadable or otherwise damaged.
This is of course much less likely to happen than needing su access in general. But there are no real reasons to avoid '--force' on systems having a root password. '--force' will not make any difference unless /etc/shadow is modified. And if you can modify /etc/shadow in any way, then... So the two important differences with unconditional '--force' are: - enabling emergency rescue of systems with damaged /etc - requiring one additional change to fully lock down the root account for console users These differences are exactly the same whether or not the root account was locked down by the installer. If you find the last one acceptable for an installer locked down root account, then it must be acceptable for a manually locked down root as well. Therefore: Please invoke sulogin with '--force' by default. There is no need to do any installer-based magic. Bjørn _______________________________________________ Pkg-systemd-maintainers mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-systemd-maintainers
