Dale Ghent wrote:
> On May 13, 2008, at 6:00 PM, Gary Winiger wrote:
>
>> Proposal:
>> ========
>> Add a "solaris.system.maintenance" authorization. Modify sulogin(1M) to
>> prompt for a username and password. If the username entered is
>> authenticated by the password and has the "solaris.system.maintenance"
>> authorization, enter system maintenance mode. If not, as before this
>> project, deny access.
>
> I haven't been able to follow every message in this busy thread, but
> please fill me in regarding one question I have:
>
> At many sites, 'root' is the only local, non-locked account and all
> other users (aside from the standard system accounts such as
> daemon..nobody) are in NIS, LDAP, or the like and are auth'd via Kerberos.
>
> Given that environment, what would happen in a situation where a box
> under this proposed scheme were to boot into single-user, with network
> access unavailable?
I'm not answering on behalf of the project team, but I believe this
interpretation will be non-controversial.
Only local, unlocked accounts can be used to log in if name services are
unavailable. If root is one of those accounts, it would continue to work
as before.
Under this proposal, another local, unlocked account could be used for
single-user login if
* it has the solaris.system.maintenance authorization [under the project
team's original proposal], or
* it is authorized to assume the root role [under my suggested amendment
to the original proposal].
Scott
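As an added illustration of the decision rule Scott spells out (not code from the thread, from the project team or from Solaris sulogin(1M)), the model below walks the proposed single-user login check over constructed /etc/passwd, /etc/shadow and /etc/user_attr entries. It consults only the local "files" source, which is all that is reachable when name services are down, rejects locked and passwordless accounts, and then admits a user either via the solaris.system.maintenance authorization or via membership in the root role, so both the original proposal and the suggested amendment are covered. The hash check is a sha256 stand-in for crypt(3C)/PAM, the sample accounts and passwords are constructed, and the user_attr field layout and `solaris.*` wildcard matching follow user_attr(4) and auths(1).

```python
"""Model of the proposed sulogin(1M) single-user login check (constructed example)."""
import hashlib
import hmac

MAINT_AUTH = "solaris.system.maintenance"


def h(pw):
    """Stand-in for the crypt(3C) password hash; NOT how Solaris stores passwords."""
    return hashlib.sha256(pw.encode()).hexdigest()


# Constructed local files. Only these "files" entries exist as far as sulogin
# is concerned once the network, and with it NIS/LDAP/Kerberos, is unavailable.
PASSWD = """\
root:x:0:0:Super-User:/:/sbin/sh
daemon:x:1:1::/:
opsadm:x:100:10:Ops admin:/export/home/opsadm:/bin/ksh
jsmith:x:101:10:J. Smith:/export/home/jsmith:/bin/ksh
olduser:x:102:10:Locked account:/export/home/olduser:/bin/ksh
"""

SHADOW = f"""\
root:{h('r00t-pw')}:6445::::::
daemon:NP:6445::::::
opsadm:{h('ops-pw')}:6445::::::
jsmith:{h('js-pw')}:6445::::::
olduser:*LK*{h('x')}:6445::::::
"""

# root carries solaris.* as on a stock install; opsadm has the new maintenance
# authorization; jsmith may assume the root role; olduser is locked in shadow.
USER_ATTR = """\
root::::auths=solaris.*;profiles=All
opsadm::::auths=solaris.system.maintenance;profiles=Basic Solaris User
jsmith::::roles=root;profiles=Basic Solaris User
olduser::::auths=solaris.system.maintenance
"""


def parse_colon_file(text):
    """Index a passwd/shadow-style file by the first (name) field."""
    rows = {}
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.split(":")
        rows[fields[0]] = fields
    return rows


def parse_user_attr(text):
    """user_attr(4): name:qualifier:res1:res2:attr, attr is key=v1,v2;key2=..."""
    attrs = {}
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        name, _qual, _res1, _res2, attr = line.split(":", 4)
        kv = {}
        for item in filter(None, attr.split(";")):
            key, _, value = item.partition("=")
            kv[key] = [v for v in value.split(",") if v]
        attrs[name] = kv
    return attrs


def has_auth(granted, wanted):
    """Exact match, or a trailing '.*' wildcard covering the requested auth."""
    for pat in granted:
        if pat == wanted:
            return True
        if pat.endswith(".*") and wanted.startswith(pat[:-1]):
            return True
    return False


def sulogin_decision(user, password, passwd=PASSWD, shadow=SHADOW, user_attr=USER_ATTR):
    """Return (allowed, reason) for a single-user login attempt.

    Order of checks mirrors the thread: local account, unlocked, password
    verifies, then either the maintenance authorization or the root role."""
    if user not in parse_colon_file(passwd):
        return False, "not a local account"
    entry = parse_colon_file(shadow).get(user)
    if entry is None:
        return False, "no local shadow entry"
    stored = entry[1]
    if stored.startswith("*LK*"):
        return False, "account locked"
    if stored in ("", "NP", "*"):
        return False, "no usable password"
    if not hmac.compare_digest(stored, h(password)):
        return False, "bad password"
    attrs = parse_user_attr(user_attr).get(user, {})
    if has_auth(attrs.get("auths", []), MAINT_AUTH):
        return True, "has " + MAINT_AUTH
    if "root" in attrs.get("roles", []):
        return True, "authorized to assume the root role"
    return False, "no maintenance authorization or root role"


if __name__ == "__main__":
    for who, pw in [("root", "r00t-pw"), ("opsadm", "ops-pw"), ("jsmith", "js-pw"),
                    ("olduser", "x"), ("daemon", ""), ("nisuser", "anything")]:
        print(who, sulogin_decision(who, pw))
```

The ordering matters for the operational question Dale raised: a directory-only user fails at the first check with "not a local account" before any password is examined, while a local root with a usable password passes exactly as it did before the proposal.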