Bug 869675 - RFE: Anaconda should warn user when disabling root account in certain situations
Summary: RFE: Anaconda should warn user when disabling root account in certain situations
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: anaconda
Version: 18
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: David Cantrell
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard: AcceptedNTH
Depends On:
Blocks: F18Beta-accepted, F18BetaFreezeExcept
TreeView+ depends on / blocked
 
Reported: 2012-10-24 14:29 UTC by Ladislav Jozsa
Modified: 2013-03-12 14:26 UTC (History)
6 users (show)

Fixed In Version: anaconda-18.15-1
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2012-11-07 16:39:47 UTC
Type: Bug


Attachments (Terms of Use)

Description Ladislav Jozsa 2012-10-24 14:29:43 UTC
When disabling root password during Minimal installation, the user effectively cuts itself from normal login to the system after the installation finishes. Anaconda should at least warn (if not forbid) that user won't be able to login.

The same applies for default installation, if add user dialog in firstboot screen is skipped.

Comment 1 Chris Lumens 2012-10-24 14:33:02 UTC
You must be looking at an old tree.  As of anaconda-18.15, a root password is required.  See also bug 859069.

Comment 2 Ladislav Jozsa 2012-10-24 14:40:55 UTC
I'm actually testing recent F18b TC6 (anaconda 18.19) where as you said root password is required but if you don't set any, anaconda will gracefully accept that. Then it tells user that root account is disabled.

Comment 3 Chris Lumens 2012-10-24 14:46:02 UTC
Note that I really don't think there's a good way to tell people this sort of thing.  They're just going to skip right over the dialog, and we are not interested in displaying lots of pop ups.  So, the root password should just be required like the bug says it is.

Comment 4 Ladislav Jozsa 2012-10-24 14:59:32 UTC
OK, I agree with you. It's perfectly OK for me to fix anaconda in the way you describe it.

Comment 5 Adam Williamson 2012-10-26 05:48:39 UTC
at which we point we're effectively back to oldui behaviour and the whole 'root account locked by default' thing has been thoroughly defenestrated, right?

I don't mind that, at all, but it all seems to be a bit piecemeal.

Comment 6 Volker Sobek 2012-10-26 23:42:23 UTC
(In reply to comment #5)
> at which we point we're effectively back to oldui behaviour and the whole
> 'root account locked by default' thing has been thoroughly defenestrated,
> right?

I think the point here is to require a root password *only* if the software selection you have chosen will leave you without firstboot after reboot. A root password would not be required if you chose a DE.

Comment 7 Jesse Keating 2012-10-29 23:08:10 UTC
If we're going to make another change to the behaviour, we should do this before the beta.  Proposing as NTH.

Comment 8 Adam Williamson 2012-10-29 23:33:17 UTC
volker: ah, yeah. That seems reasonable. IIRC we saw problems with the 'positive' case - where we try to detect when firstboot *will* run, and not require you to enter a password in that case - but I don't see a problem with the 'negative' case, where we force you to enter a password when we think firstboot *won't* run. Off the top of my head I can't envisage a case where firstboot won't be present but the admin would want to not enter a root password.

Comment 9 Adam Williamson 2012-10-29 23:35:03 UTC
For NTH this is a bit tricky as it's sensitive behaviour but it's hard to see how adding a test that forces you to enter a root password could be catastrophic. The worst way I can see for it to go wrong which we wouldn't immediately catch is if, in some case, it forces you to create a root password when you don't really need one. But that would not be a disaster. It's nowhere near as bad as *not* forcing you to create a root password when you *do* really need one.

So I'm a light +1 NTH on this, as it should improve the 'safety' of the minimal case and I can't see how it can really negatively affect any other case. Even the worst case scenario isn't terrible here.

Comment 10 Adam Williamson 2012-10-31 18:47:52 UTC
Discussed at 2012-10-31 NTH review meeting: http://meetbot.fedoraproject.org/fedora-qa/2012-10-31/f18beta-blocker-review-6.2012-10-31-16.00.log.txt .

Note that the proposed fix for this is not as Volker suggested in comment #6 and I elaborated in comment #8. The proposed fix is simply to go back to requiring a root password to be set on all installs.

This was accepted as NTH. The agreement is that anaconda team has effectively decided 'look, there's all sorts of landmines with this whole idea of not requiring a root password any more, so let's wave the white flag, go back to the pre-F18 behaviour of always requiring a root password to be set, and stop fiddling with it'.

We think that's a sensible and safe decision, and if it's going to be done that way, it should be implemented for the Beta release, not between Beta and Final. So the change is accepted as NTH.

Comment 11 Fedora Update System 2012-11-01 02:51:17 UTC
anaconda-18.22-1.fc18 has been submitted as an update for Fedora 18.
https://admin.fedoraproject.org/updates/anaconda-18.22-1.fc18

Comment 12 Fedora Update System 2012-11-01 18:26:50 UTC
Package anaconda-18.22-1.fc18:
* should fix your issue,
* was pushed to the Fedora 18 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing anaconda-18.22-1.fc18'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2012-17432/anaconda-18.22-1.fc18
then log in and leave karma (feedback).

Comment 13 Fedora Update System 2012-11-02 04:05:46 UTC
anaconda-18.23-1.fc18 has been submitted as an update for Fedora 18.
https://admin.fedoraproject.org/updates/anaconda-18.23-1.fc18

Comment 14 Fedora Update System 2012-11-03 01:05:13 UTC
anaconda-18.24-1.fc18 has been submitted as an update for Fedora 18.
https://admin.fedoraproject.org/updates/anaconda-18.24-1.fc18

Comment 15 Fedora Update System 2012-11-06 01:40:23 UTC
anaconda-18.25-1.fc18 has been submitted as an update for Fedora 18.
https://admin.fedoraproject.org/updates/anaconda-18.25-1.fc18

Comment 16 Ladislav Jozsa 2012-11-06 09:58:47 UTC
Verified on F18b-TC7, anaconda 18.24. The root password must be set. An attempt to enter empty root password, effectively disabling it now fails.

Comment 17 Fedora Update System 2012-11-06 18:51:11 UTC
Package anaconda-18.25-1.fc18:
* should fix your issue,
* was pushed to the Fedora 18 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing anaconda-18.25-1.fc18'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2012-17691/anaconda-18.25-1.fc18
then log in and leave karma (feedback).

Comment 18 Fedora Update System 2012-11-07 02:12:22 UTC
anaconda-18.26-1.fc18 has been submitted as an update for Fedora 18.
https://admin.fedoraproject.org/updates/anaconda-18.26-1.fc18


Note You need to log in before you can comment on or make changes to this bug.