sulogin-shell: Use force if SYSTEMD_SULOGIN_FORCE set

When the root account is locked sulogin will either inform you of
this and not allow you in or if --force is used it will hand
you passwordless root (if using a recent enough version of util-linux).

Not being allowed a shell is ofcourse inconvenient, but at the same
time handing out passwordless root unconditionally is probably not
a good idea everywhere.

This patch thus allows to control which behaviour you want by
setting the SYSTEMD_SULOGIN_FORCE environment variable to true
or false to control the behaviour, eg. via adding this to
'systemctl edit rescue.service' (or emergency.service):

[Service]
Environment=SYSTEMD_SULOGIN_FORCE=1

Distributions who used locked root accounts and want the passwordless
behaviour could thus simply drop in the override file in
/etc/systemd/system/rescue.service.d/override.conf

Fixes: #7115
Addresses: https://bugs.debian.org/802211

diff --git a/docs/ENVIRONMENT.md b/docs/ENVIRONMENT.md
index 016a89787dd14503b107dac25720534e34762a74..654f7d25cff6e3a234b490f7008f19fe8b9e6269 100644 (file)
--- a/docs/ENVIRONMENT.md
+++ b/docs/ENVIRONMENT.md
@@ -112,6 +112,12 @@ systemd-timedated:
   first existing unit listed in the environment variable, and
   `timedatectl set-ntp off` disables and stops all listed units.
 
+systemd-sulogin-shell:
+
+* `$SYSTEMD_SULOGIN_FORCE=1` — This skips asking for the root password if the
+  root password is not available (such as when the root account is locked).
+  See `sulogin(8)` for more details.
+
 bootctl and other tools that access the EFI System Partition (ESP):
 
 * `$SYSTEMD_RELAX_ESP_CHECKS=1` — if set, the ESP validation checks are

diff --git a/src/sulogin-shell/sulogin-shell.c b/src/sulogin-shell/sulogin-shell.c
index 5db3592d6fd225fbacf3c909a735fe3d581d2be4..a1ea2333de5c0cd82733276d22999c47db9921a8 100644 (file)
--- a/src/sulogin-shell/sulogin-shell.c
+++ b/src/sulogin-shell/sulogin-shell.c
@@ -9,6 +9,7 @@
 #include "bus-util.h"
 #include "bus-error.h"
 #include "def.h"
+#include "env-util.h"
 #include "log.h"
 #include "process-util.h"
 #include "sd-bus.h"
@@ -89,7 +90,11 @@ static void print_mode(const char* mode) {
 }
 
 int main(int argc, char *argv[]) {
-        static const char* const sulogin_cmdline[] = {SULOGIN, NULL};
+        const char* sulogin_cmdline[] = {
+                SULOGIN,
+                NULL,             /* --force */
+                NULL
+        };
         _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
         int r;
 
@@ -99,6 +104,10 @@ int main(int argc, char *argv[]) {
 
         print_mode(argc > 1 ? argv[1] : "");
 
+        if (getenv_bool("SYSTEMD_SULOGIN_FORCE") > 0)
+                /* allows passwordless logins if root account is locked. */
+                sulogin_cmdline[1] = "--force";
+
         (void) fork_wait(sulogin_cmdline);
 
         r = bus_connect_system_systemd(&bus);