git.ipfire.org Git - thirdparty/systemd.git/commit

author	Andreas Henriksson <andreas@fatal.se>
	Sun, 14 Oct 2018 12:53:09 +0000 (14:53 +0200)
committer	Lennart Poettering <lennart@poettering.net>
	Wed, 17 Oct 2018 18:30:10 +0000 (20:30 +0200)
commit	33eb44fe4a8d7971b5614bc4c2d90f8d91cce66c
tree	76ede20632d53c8ec8d1e9fdd71267ec301406d8	tree \| snapshot
parent	d86c8a6cdb7ae42819d7f0e8a8695e3982ef4ca9	commit \| diff

sulogin-shell: Use force if SYSTEMD_SULOGIN_FORCE set

When the root account is locked sulogin will either inform you of
this and not allow you in or if --force is used it will hand
you passwordless root (if using a recent enough version of util-linux).

Not being allowed a shell is ofcourse inconvenient, but at the same
time handing out passwordless root unconditionally is probably not
a good idea everywhere.

This patch thus allows to control which behaviour you want by
setting the SYSTEMD_SULOGIN_FORCE environment variable to true
or false to control the behaviour, eg. via adding this to
'systemctl edit rescue.service' (or emergency.service):

[Service]
Environment=SYSTEMD_SULOGIN_FORCE=1

Distributions who used locked root accounts and want the passwordless
behaviour could thus simply drop in the override file in
/etc/systemd/system/rescue.service.d/override.conf

Fixes: #7115
Addresses: https://bugs.debian.org/802211

docs/ENVIRONMENT.md		diff \| blob \| blame \| history
src/sulogin-shell/sulogin-shell.c		diff \| blob \| blame \| history