fallback for nss and stuff in libc

ibotty bsd at ibotty.net
Mon Dec 15 08:58:26 PST 2003


>> because, it will be impossible (ehem, should be impossible), that the
>> daemon cannot be started by root or crashes, we would NOT need any
>> fallback.
> 
> Do you support the famous problem of resetting root's passwd in single
> user mode in your scheme? In my opinion, being able to boot a rescue
> cdrom and remove the root passwd on hard disk is an absolute must.

yes, as the libc would simply fork a local (new) auth daemon.
so you can magically use it.

> Otherwise, if the console is marked insecure you cannot enter the system
> at all, and you are good for reinstall. The fallback to a small flat
> passwd file in single user mode looks perfectly fine to me. Then you can
> edit it with a rescue cdrom, reboot single user even on an insecure
> console and do whatever necessary.

it has been decided to do this.
BUT, i think we do not need to support *_r fallbacks then.

~ibotty





More information about the Kernel mailing list