On May 13, 2008, at 6:00 PM, Gary Winiger wrote: > Proposal: > ======== > Add a "solaris.system.maintenance" authorization. Modify > sulogin(1M) to > prompt for a username and password. If the username entered is > authenticated by the password and has the "solaris.system.maintenance" > authorization, enter system maintenance mode. If not, as before this > project, deny access.
I haven't been able to follow every message in this busy thread, but please fill me on regarding one question I have: At many sites, 'root' is the only local, non-locked account and all other users (aside from the standard system accounts such as daemon..nobody) are in NIS, LDAP, or the like and are auth'd via Kerberos. Given that environment, what would happen in a situation where a box under this proposed scheme were to boot into single-user, with network access unavailable? /dale
