Bug 628929

Summary:	init 1 wants root password
Product:	[Fedora] Fedora	Reporter:	Petr Lautrbach <plautrba>
Component:	initscripts	Assignee:	Bill Nottingham <notting>
Status:	CLOSED RAWHIDE	QA Contact:	Fedora Extras Quality Assurance <extras-qa>
Severity:	medium	Docs Contact:
Priority:	low
Version:	14	CC:	iarlyy, jonathan, lpoetter, metherid, mschmidt, mtasaka, notting, plautrba, rvokal
Target Milestone:	---
Target Release:	---
Hardware:	All
OS:	Linux
Whiteboard:
Fixed In Version:		Doc Type:	Bug Fix
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:	2010-09-14 23:26:03 UTC	Type:	---
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:

Description Petr Lautrbach 2010-08-31 12:40:20 UTC

Description of problem:
when I switch to init 1 or when I boot to init 1, I am asked for root password:
Give root password for maintenance
(or type Control-D to continue):

ctrl-d just shows it again and again. 

Version-Release number of selected component (if applicable):
systemd-8-3.fc14.x86_64

How reproducible:
always when boot to runlevel 1

Steps to Reproduce:
1. add 1 to the end of kernel command line or run "init 1" command

Expected results:
shell should be run without asking for password

Comment 1 Michal Schmidt 2010-08-31 13:31:17 UTC

s/sulogin/sushell/ in single.service should do it.

Comment 2 Michal Schmidt 2010-08-31 13:45:07 UTC

BTW, in upstart it is configurable whether to start sulogin or sushell in single-user mode using SINGLE=... in /etc/sysconfig/init.

Comment 3 Lennart Poettering 2010-08-31 14:37:03 UTC

Hmm, why would you want a password-less shell there?

Comment 4 Bill Nottingham 2010-08-31 15:46:46 UTC

History, more than anything else. It's always been that ay.

In any case, s/sulogin/sushell/ is needed for SELinux reasons.

Comment 5 Michal Schmidt 2010-08-31 15:59:21 UTC

(In reply to comment #4)
> In any case, s/sulogin/sushell/ is needed for SELinux reasons.

I don't think so. They both give you an unconfined_t shell.

Comment 6 Bill Nottingham 2010-08-31 18:06:08 UTC

sulogin and sushell will.

execing just a shell won't.

Comment 7 Lennart Poettering 2010-08-31 22:35:12 UTC

Well, but we currently use sulogin.

I find it really weird if booting into single user mode would not ask for a password.

Comment 8 Bill Nottingham 2010-09-01 04:33:56 UTC

I'm not sure what to tell you. It's been the default that way for 15 years, for better or worse... have you really not noticed?

Comment 9 Petr Lautrbach 2010-09-01 08:00:50 UTC

(In reply to comment #3)
> Hmm, why would you want a password-less shell there?

Typically, I use if (it's used) as rescue runlevel, e.g. if I don't know root password or authentication is broken or I need reset root password. It's better then init=/bin/bash

But it would be nice to let administrator set sulogin instead sushell (sushell as default) via configuration variable like it's now done with upstart.

Comment 10 Lennart Poettering 2010-09-03 02:39:41 UTC

(In reply to comment #8)
> I'm not sure what to tell you. It's been the default that way for 15 years, for
> better or worse... have you really not noticed?

I noticed, but I kinda assumed that was oversight.

Comment 11 Bill Nottingham 2010-09-08 16:16:44 UTC

This is fixed in 9-3/initscripts-9.19-1.