Re: [blfs-dev] [systemd] Add a warning about /run/nologin in shadow (Was: [blfs-book] r21579 - trunk/BOOK/postlfs/security)

Sat, 11 May 2019 12:00:04 -0700 


On 5/11/2019 1:48 AM, xry111--- via blfs-book wrote:

Modified: trunk/BOOK/postlfs/security/shadow.xml
==============================================================================
--- trunk/BOOK/postlfs/security/shadow.xml      Fri May 10 13:25:39 2019        
(r21578)
+++ trunk/BOOK/postlfs/security/shadow.xml      Fri May 10 23:48:04 2019        
(r21579)
@@ -477,6 +477,19 @@
<screen role="root" revision="systemd"><userinput>rm -f /run/nologin</userinput></screen> + <warning revision="systemd"> 
+          <para>
+            If you are building <application>Shadow</application> with 
Linux-PAM,
+            you should install <xref linkend="systemd"/> before rebooting.
+            Or the old <application>systemd</application> installed in LFS will
+            create <filename>/run/nologin</filename> at next boot and stop you
+            from login into the system.  If you really need to reboot before
+            installing <application>systemd</application>, the configuration
+            line containing <filename 
class="libraryfile">pam_nologin.so</filename>
+            must be removed from <filename>/etc/pam.d/login</filename>.
+          </para>
+        </warning>
+
          <warning>
            <para>
              At this point, you should do a simple test to see if



I had worked around this in LFS a long time ago. I created 
/lib/systemd/systemd-user-sessions with nothing more than 'rm -f 
/run/nologin' as it will be replaced when systemd is reinstalled in 
BLFS. Is this no longer working? If not, the note certainly does not 
hurt, in fact, it is helpful to explain this behavior, but I think that 
the issue should also be corrected here, possibly even move the addition 
in LFS to here. We need to tell the system that user sessions are ready 
(in this minimal configuration, they actually are despite systemd not 
being aware of this - we have to make it aware by removing the file). I 
understand that this needs to have a caveat of "Do not do this if you've 
already reinstalled systemd." Note that the root user can always login, 
regardless of /run/nologin.


Thoughts?

--DJ


--
http://lists.linuxfromscratch.org/listinfo/blfs-dev
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page






















					Reply via email to