On May 14, 2008, at 2:13 AM, Dan Price wrote: > On Tue 13 May 2008 at 03:00PM, Gary Winiger wrote: >> This project enables a policy where "root" can never be used >> directly by >> administrators as an account providing full system access. >> In a Major release this policy may be made the default. > > To be clear: I'm agnostic about the goodness of this idea; I'm > concerned > that the defintion of "default" is not clear, and that the zones case > has not been fully explored here.
I hope the previous message helps with this... > In a sense, a zone is the "most pure" > version of this problem, since it doesn't get much provisioned by an > installer, really-- it just gets laid out on the system, and lets > sysidtool do the rest. Agreed that the zone issue has not been fully explored and we should do this before approving this case. I did create a zone on DP1 and ran into this bug, and I seem to remember using "zlogin -S" or something like that to get around the lack of a root password. Fixing this is mandatory.
