fallback for nss and stuff in libc

Michel Talon talon at lpthe.jussieu.fr
Sat Dec 13 02:55:47 PST 2003


ibotty <bsd at xxxxxxxxxx> wrote in
news:3fda5a3d$0$169$415eb37d at xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx: 

> this is out for discussion.
> 
> when we have our nss+auth daemon (how to name that beast?),
> we will have stubs in libc to message that daemon.
> 
> when this daemon is not available, we should try to start it (this
> should only happen in single-user mode, though).
> 
> if that fails, how are we going to deal with it?
> 
> because, it will be impossible (ehem, should be impossible), that the
> daemon cannot be started by root or crashes, we would NOT need any
> fallback. 

Do you support the famous problem of resetting root's passwd in single
user mode in your scheme? In my opinion, being able to boot a rescue
cdrom and remove the root passwd on hard disk is an absolute must.
Otherwise, if the console is marked insecure you cannot enter the system
at all, and you are good for reinstall. The fallback to a small flat
passwd file in single user mode looks perfectly fine to me. Then you can
edit it with a rescue cdrom, reboot single user even on an insecure
console and do whatever necessary.


> 
> in the case, that it does not start (due to a bad kernel or daemon),
> it should be at least possible to mount a cdrom and cp a known working
> kernel and daemon.
> so IMO, the only fallback needed is to support mount and cp.
> 
> ~ibotty
> 






More information about the Kernel mailing list