sundar Yamunachari wrote: > Hi, > > What is decision on this issue? Can we handle 4885 and 1436 as > separate issues and allow 1436 to be integrated? or do we need to fix > 4885 first?
I think 1436 can be addressed first providing you set set root as a role and until 4885 is fixed I'd recommend setting the root password to be the same as that of the initial user. After 4885 is fixed then the root account can be disabled for logins (passwd -N root) [ it can still run cron jobs ]. Having an empty root password is not acceptable even when root is a role. > Back to 1436, we set PASSREQ=YES in /etc/default/login as default > setting in opensolaris. To allow null password for root, does the > PASSREQ to be changed to NO? Is there any security issues with turning > the falg to NO? It would have to be changed back to NO and PLEASE don't do that, because it applies to every user not just root. -- Darren J Moffat
