On 6/26/2015 6:12 AM, Matthijs Wensveen wrote:
> On 06/26/2015 01:55 PM, Nick T. wrote:
>> On 06/26/2015 12:55 PM, to...@tuxteam.de wrote:
>>> well and good until you find yourself in the situation
>>> this very thread is about: your root filesystem is broken and you
>>> can only log in as root. Then you need your root password.
>> Ubuntu and Debian can boot into recovery mode from the grub menu,
>> from there it asks for the root password IF there is one, if not it
>> just gives you a root shell.
>> - Nick
> Not the case. Even in rescue mode I needed to supply the root login. I
> could use init=/bin/sh but I couldn't find anything in the logs in
> /var/log, so I'm guessing systemd and journalctl keep the journal in
> some other place (probably some binary format hidden in a database or
> something).
> I'm now back to having a root password, which allows me to use
> emergency mode. I'm unsure if having a root password (and an enabled
> root account) is better or worse, security-wise. If an attacker has
> access to the grub menu, you're probably screwed anyhow.

From the standpoint of remote access, don't think there is a
significant difference.

From the standpoint of physical access to the machine, I would go on
the assumption that if someone has the time to boot into recovery mode
and mess with the system, they have time to boot from optical or flash
disk and mess with the system, so unless you have gone into the
bios/uefi and set passwords, it's not going to make that much
difference.

If they have time to do that, maybe they have time to take the hard
drive out and attach it to another machine, again sudo versus root, no
difference, and bios/uefi passwords don't come into play either in
that case.

That leaves you with encryption then, if you really need that level of
security.

Personally, if I had to start from scratch for some reason, I would
skip the root password during install and just use sudo. But since my
Debian installation predates that option, I stick with using root.

I am pretty comfortable with the way sudo works in Ubuntu and did not
bother creating a root password there.

Normally if I have to do something from the command line one of
'sudo -H 'some command'', or 'sudo su' meets my needs or the gtk/kde
frontends for sudo if I have to start something with a GUI.

Later, Seeker
--
Archive: https://lists.debian.org/558e1b99.9050...@comcast.net