Thanks Paul, Our security model does not allow sudo. Instead we use something called pmrun which requires authentication across a network. (Don't get me started on the pitfalls of that)
sudo nor pmrun address the issue of the "*Enter root password for maintenance, or CTL-D to continue*" prompt when the system has problems starting up. I've convinced our security people that the zLinux console is acceptably protected by the "logon by" option, especially after pointing out how the typed zLinux password is displayed, and the console is spooled. So, now I just want to get all this auto-login working properly. :-) Cheers, Don On Wed, Aug 16, 2017 at 05:12 Paul Flint <fl...@flint.com> wrote: > Greetings Donald, > > The model that many debian packages has preferred over the years is that > of a "rootless" security model. In this configuration you must log in as > a user and then "sudo" to root. In order to do this you must be in the > sudoers group or be explicitly mentioned in /etc/sudoers. If you are > explicitly cited in /etc/sudoers, then when you get to the "Enter > root password or CTL-D to continue" prompt on your way to busy box - not a > plesant or optimal situation you can enter your password and get buzy > fixing whatever broke. > > I really am very happy with this "rootless" model, it is uncommon in RHEL > and SuSE. > > Sincerely, > > Flint > > On Tue, 15 Aug 2017, Donald Russell wrote: > > > Date: Tue, 15 Aug 2017 22:17:07 +0000 > > From: Donald Russell <russell....@gmail.com> > > Reply-To: Linux on 390 Port <LINUX-390@VM.MARIST.EDU> > > To: LINUX-390@VM.MARIST.EDU > > Subject: Auto login root on 3270 console ttyS0 > > > > I run a SLES 11 (for emergency recovery) and RHEL 7 system on zVM 6.3/6.4 > > > > Sysadmins can LOGON BY to get to the zLinux console if necessary. > > > > How/what do I have to configure so logging onto the 3270 console gets me > > logged into root in a bash shell automatically? Similar question for > > sometimes the system has problems coming up and it's prompting for "Enter > > root password or CTL-D to continue". How can that be bypassed so it just > > goes into a bash shell logged in as root? > > > > I've searched google and see reams and reams of "autologging root is a > bad > > idea"... I say that depends.... I think the zVM userid/password > protecting > > access to the zLinux console is sufficient, the "bad idea" view is based > on > > a physical machine that anybody could access, that's not the case for > > ZLinux on z/VM. > > > > Thanks, > > Donald Russell > > > > > > -- > > Sent from iPhone Gmail Mobile > > > > ---------------------------------------------------------------------- > > For LINUX-390 subscribe / signoff / archive access instructions, > > send email to lists...@vm.marist.edu with the message: INFO LINUX-390 > or visit > > http://www.marist.edu/htbin/wlvindex?LINUX-390 > > ---------------------------------------------------------------------- > > For more information on Linux on System z, visit > > http://wiki.linuxvm.org/ > > > > Kindest Regards, > > > > ☮ Paul Flint > (802) 479-2360 Home > (802) 595-9365 Cell > > /************************************ > Based upon email reliability concerns, > please send an acknowledgement in response to this note. > > Paul Flint > 17 Averill Street > Barre, VT > 05641 > > ---------------------------------------------------------------------- > For LINUX-390 subscribe / signoff / archive access instructions, > send email to lists...@vm.marist.edu with the message: INFO LINUX-390 or > visit > http://www.marist.edu/htbin/wlvindex?LINUX-390 > ---------------------------------------------------------------------- > For more information on Linux on System z, visit > http://wiki.linuxvm.org/ > -- Sent from iPhone Gmail Mobile ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to lists...@vm.marist.edu with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 ---------------------------------------------------------------------- For more information on Linux on System z, visit http://wiki.linuxvm.org/
