Control: tags -1 moreinfo On Mon, 14 Dec 2020 13:12:59 +0200 Andrei POPESCU <andreimpope...@gmail.com> wrote: > Some text based on below would make sense for the Release Notes for > buster. If agreed I'll try to come up with a wording.
Sure. Does this also apply for bullseye, or is the issue fix somehow? > > On Lu, 07 dec 20, 10:11:48, Greg Wooledge wrote: > > On Sat, Dec 05, 2020 at 12:41:57PM +0200, Andrei POPESCU wrote: > > > On Vi, 04 dec 20, 08:09:44, Greg Wooledge wrote: > > > > I am also going to guess that Deepin, like Ubuntu, defaults to giving > > > > you a user account with sudo access, and no root password. You can > > > > achieve that in Debian as well, by doing something special during the > > > > installation. In all cases, it's a stupid idea and you shouldn't do it. > > > > > > This is a pretty strong (and harsh!) statement. Care to expand on the > > > reasons? > > > > It prevents access to single-user mode. The fact that Debian (and > > these others?) still puts a single-user mode entry into the GRUB menu, > > knowing that it won't work, is just adding insult to injury. > > A web search found #802211[1]. > > Short version: > > For systemd >= 240 (buster[2]) run as root > > systemctl edit rescue.service > > and add: > > [Service] > Environment=SYSTEMD_SULOGIN_FORCE=1 > > (see /usr/share/doc/systemd/ENVIRONMENT.md.gz) > > > The 'rescue.service' is started by systemd in case it detects 'single' > on the kernel command line (see systemd(1)). > > You might want to do the same for 'emergency.service' as well (or > instead), since this service is started *automatically* in case of > certain errors (see systemd.special(7)) or if you add 'emergency' to the > kernel command line (e.g. if you can't fix your system via the 'rescue' > service). > > > An untested patch to the Debian Installer exists to add both snippets if > the user chooses to leave the root password blank. > > > [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802211 > [2] see the bug for another snippet that should work for squeeze or > earlier. Paul
OpenPGP_signature
Description: OpenPGP digital signature
