Darren J Moffat wrote: > sundar Yamunachari wrote: >> Hi, >> >> What is decision on this issue? Can we handle 4885 and 1436 as >> separate issues and allow 1436 to be integrated? or do we need to fix >> 4885 first? > > I think 1436 can be addressed first providing you set set root as a > role and until 4885 is fixed I'd recommend setting the root password > to be the same as that of the initial user. That sounds good. We will set root as a role and use the same password as that the administrative user setup by the installer. > > After 4885 is fixed then the root account can be disabled for logins > (passwd -N root) [ it can still run cron jobs ]. I will update the bug 12204 to disable root account when 4885 is fixed > > Having an empty root password is not acceptable even when root is a role. okay. > >> Back to 1436, we set PASSREQ=YES in /etc/default/login as default >> setting in opensolaris. To allow null password for root, does the >> PASSREQ to be changed to NO? Is there any security issues with >> turning the falg to NO? > > It would have to be changed back to NO and PLEASE don't do that, > because it applies to every user not just root. understood.
Thanks for your help, Sundar
