Bug 1042736

Summary: anaconda lets you exit without setting root password if you create an admin user, but RHEL does not put such a user in sudoers by default
Product: Red Hat Enterprise Linux 7 Reporter: Adam Williamson <awilliam>
Component: anacondaAssignee: Vratislav Podzimek <vpodzime>
Status: CLOSED DUPLICATE QA Contact: Release Test Team <release-test-team>
Severity: urgent Docs Contact:
Priority: unspecified    
Version: 7.0CC: vpodzime
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: All   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-12-13 09:25:19 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Adam Williamson 2013-12-13 09:05:16 UTC 
To reproduce:

Install RHEL 7 public beta. While package install is proceeding, create a user account and check the 'make this user an administrator' box. Do *not* set a root password.

anaconda will let you escape the install like this. Now, boot the installed system. If you do a minimal install, you go straight to a login prompt; if you do a larger install, initial-setup may run, but I think it does not require you to set a root password.

log in as the user you created. Now, try and do an 'administrative' task, since you are an 'administrator': 'sudo su'.

"(username) is not in the sudoers file. This incident will be reported."

At least in a non-graphical install you have now shot yourself in the foot, you have no access to admin privileges.

In Fedora, 'administrator' users are put in sudoers, so just having an admin user is sufficient to ensure you will be able to access administrative functions. But I guess this is not the case in RHEL. If that's not changed, anaconda should always require you to set a root password on RHEL, or else you can lock yourself out.
Comment 1 Adam Williamson 2013-12-13 09:06:34 UTC 
the user is added to the 'wheel' group, but apparently this doesn't grant sudo privs in RHEL.
Comment 2 Vratislav Podzimek 2013-12-13 09:25:19 UTC 

*** This bug has been marked as a duplicate of bug 994623 ***