This service will be undergoing maintenance at 00:00 UTC, 2016-08-01. It is expected to last about 1 hours
Bug 869675 - RFE: Anaconda should warn user when disabling root account in certain situations
RFE: Anaconda should warn user when disabling root account in certain situations
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: anaconda (Show other bugs)
18
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: David Cantrell
Fedora Extras Quality Assurance
AcceptedNTH
: Reopened
Depends On:
Blocks: F18Beta-accepted/F18BetaFreezeExcept
  Show dependency treegraph
 
Reported: 2012-10-24 10:29 EDT by Ladislav Jozsa
Modified: 2013-03-12 10:26 EDT (History)
6 users (show)

See Also:
Fixed In Version: anaconda-18.15-1
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2012-11-07 11:39:47 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Ladislav Jozsa 2012-10-24 10:29:43 EDT
When disabling root password during Minimal installation, the user effectively cuts itself from normal login to the system after the installation finishes. Anaconda should at least warn (if not forbid) that user won't be able to login.

The same applies for default installation, if add user dialog in firstboot screen is skipped.
Comment 1 Chris Lumens 2012-10-24 10:33:02 EDT
You must be looking at an old tree.  As of anaconda-18.15, a root password is required.  See also bug 859069.
Comment 2 Ladislav Jozsa 2012-10-24 10:40:55 EDT
I'm actually testing recent F18b TC6 (anaconda 18.19) where as you said root password is required but if you don't set any, anaconda will gracefully accept that. Then it tells user that root account is disabled.
Comment 3 Chris Lumens 2012-10-24 10:46:02 EDT
Note that I really don't think there's a good way to tell people this sort of thing.  They're just going to skip right over the dialog, and we are not interested in displaying lots of pop ups.  So, the root password should just be required like the bug says it is.
Comment 4 Ladislav Jozsa 2012-10-24 10:59:32 EDT
OK, I agree with you. It's perfectly OK for me to fix anaconda in the way you describe it.
Comment 5 Adam Williamson 2012-10-26 01:48:39 EDT
at which we point we're effectively back to oldui behaviour and the whole 'root account locked by default' thing has been thoroughly defenestrated, right?

I don't mind that, at all, but it all seems to be a bit piecemeal.
Comment 6 Volker Sobek 2012-10-26 19:42:23 EDT
(In reply to comment #5)
> at which we point we're effectively back to oldui behaviour and the whole
> 'root account locked by default' thing has been thoroughly defenestrated,
> right?

I think the point here is to require a root password *only* if the software selection you have chosen will leave you without firstboot after reboot. A root password would not be required if you chose a DE.
Comment 7 Jesse Keating 2012-10-29 19:08:10 EDT
If we're going to make another change to the behaviour, we should do this before the beta.  Proposing as NTH.
Comment 8 Adam Williamson 2012-10-29 19:33:17 EDT
volker: ah, yeah. That seems reasonable. IIRC we saw problems with the 'positive' case - where we try to detect when firstboot *will* run, and not require you to enter a password in that case - but I don't see a problem with the 'negative' case, where we force you to enter a password when we think firstboot *won't* run. Off the top of my head I can't envisage a case where firstboot won't be present but the admin would want to not enter a root password.
Comment 9 Adam Williamson 2012-10-29 19:35:03 EDT
For NTH this is a bit tricky as it's sensitive behaviour but it's hard to see how adding a test that forces you to enter a root password could be catastrophic. The worst way I can see for it to go wrong which we wouldn't immediately catch is if, in some case, it forces you to create a root password when you don't really need one. But that would not be a disaster. It's nowhere near as bad as *not* forcing you to create a root password when you *do* really need one.

So I'm a light +1 NTH on this, as it should improve the 'safety' of the minimal case and I can't see how it can really negatively affect any other case. Even the worst case scenario isn't terrible here.
Comment 10 Adam Williamson 2012-10-31 14:47:52 EDT
Discussed at 2012-10-31 NTH review meeting: http://meetbot.fedoraproject.org/fedora-qa/2012-10-31/f18beta-blocker-review-6.2012-10-31-16.00.log.txt .

Note that the proposed fix for this is not as Volker suggested in comment #6 and I elaborated in comment #8. The proposed fix is simply to go back to requiring a root password to be set on all installs.

This was accepted as NTH. The agreement is that anaconda team has effectively decided 'look, there's all sorts of landmines with this whole idea of not requiring a root password any more, so let's wave the white flag, go back to the pre-F18 behaviour of always requiring a root password to be set, and stop fiddling with it'.

We think that's a sensible and safe decision, and if it's going to be done that way, it should be implemented for the Beta release, not between Beta and Final. So the change is accepted as NTH.
Comment 11 Fedora Update System 2012-10-31 22:51:17 EDT
anaconda-18.22-1.fc18 has been submitted as an update for Fedora 18.
https://admin.fedoraproject.org/updates/anaconda-18.22-1.fc18
Comment 12 Fedora Update System 2012-11-01 14:26:50 EDT
Package anaconda-18.22-1.fc18:
* should fix your issue,
* was pushed to the Fedora 18 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing anaconda-18.22-1.fc18'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2012-17432/anaconda-18.22-1.fc18
then log in and leave karma (feedback).
Comment 13 Fedora Update System 2012-11-02 00:05:46 EDT
anaconda-18.23-1.fc18 has been submitted as an update for Fedora 18.
https://admin.fedoraproject.org/updates/anaconda-18.23-1.fc18
Comment 14 Fedora Update System 2012-11-02 21:05:13 EDT
anaconda-18.24-1.fc18 has been submitted as an update for Fedora 18.
https://admin.fedoraproject.org/updates/anaconda-18.24-1.fc18
Comment 15 Fedora Update System 2012-11-05 20:40:23 EST
anaconda-18.25-1.fc18 has been submitted as an update for Fedora 18.
https://admin.fedoraproject.org/updates/anaconda-18.25-1.fc18
Comment 16 Ladislav Jozsa 2012-11-06 04:58:47 EST
Verified on F18b-TC7, anaconda 18.24. The root password must be set. An attempt to enter empty root password, effectively disabling it now fails.
Comment 17 Fedora Update System 2012-11-06 13:51:11 EST
Package anaconda-18.25-1.fc18:
* should fix your issue,
* was pushed to the Fedora 18 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing anaconda-18.25-1.fc18'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2012-17691/anaconda-18.25-1.fc18
then log in and leave karma (feedback).
Comment 18 Fedora Update System 2012-11-06 21:12:22 EST
anaconda-18.26-1.fc18 has been submitted as an update for Fedora 18.
https://admin.fedoraproject.org/updates/anaconda-18.26-1.fc18

Note You need to log in before you can comment on or make changes to this bug.