On Sun, 25 Mar 2018 at 19:50:24 +0300, Mantas Mikulėnas wrote:
> Does debootstrap actually create a passwordless root account?
No, it creates a system with all system accounts locked[1] (including
root, daemon, bin, www-data, etc.) and no non-system accounts. There is
no single correct answer for how a Debian system's users should be set
up, so debootstrap defers the decision to you.
If you want to log in via a getty (as opposed to just running commands
inside the chroot/container without booting it, which is perhaps a
more common use of debootstrap), then you will have to set or clear the
root account's password or create a non-root account.
In recent versions, a truly minimal Debian chroot/container (debootstrap
--variant=minbase) doesn't have an init system like systemd or sysvinit,
so it *can't* be booted in the normal way. The larger "standard system"
produced by debootstrap without --variant includes all packages with
Priority >= standard, including systemd for modern releases or sysvinit
for old releases, and can be booted.
smcv
[1]
$ zcat minbase.tar.gz | tar -xO ./etc/passwd | grep root
root:x:0:0:root:/root:/bin/bash
$ zcat minbase.tar.gz | tar -xO ./etc/shadow | grep root
root:*:17365:0:99999:7:::
_______________________________________________
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel
