The discussion seems to have wandered off from what the case proposes.
Many comments are interesting, don't appear to be this case, and could be
interesting other cases for some other project team to pursue.
The project proposed by this case is to
1) maintain compatibility with existing Solaris Roles,
Rights Profiles and related mechanisms.
2) permit an administrator to configure root to be a
no login (passwd -N) account should they wish to
do so. A side effect, even without making root a
no login account, is the ability to grant users the
ability to boot single without the need to share the
root password.
3) ask permission to make the root account a nologin
account in a future Major release. As has been
pointed out, there are various other projects that
making the root account a nologin account is dependent
upon.
The project team will update the spec to make this clear when the
case has converged.
Gary..
