SCIENTIFIC-LINUX-USERS Archives

February 2012

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: From where does fsck failure prompt root passwd come?
From:
Yannick Perret <[log in to unmask]>
Reply To:
Yannick Perret <[log in to unmask]>
Date:
Thu, 2 Feb 2012 23:54:55 +0100
Content-Type:
text/plain
Parts/Attachments:
text/plain (74 lines) 
Hello,

the only place I found that have the "Give root password" in /sbin/sulogin.
# strings /sbin/sulogin | grep "Give ro"
Give root password for maintenance
which is part of sysvinit-tools package.

'sulogin' is only called from /etc/rc.sysinit as far as I know (in boot 
sequence).

Did you try to run /sbin/sulogin on a running machine? It will ask you 
root password, and it could be interresting to check if it can works 
outside the boot sequence.

Regards,
--
Y.


Yasha Karant a écrit :
> I have been discussing the failure mode that I have observed:
>
> also documented in
>
> https://bugzilla.redhat.com/show_bug.cgi?id=636628
>
> after fsck fails during a (re)boot
>
> Give root password for maintenance
> (or type Control-D to continue):
>
> At this stage, at every second key stroke, it reports "Login 
> incorrect." and
> repeats the above "Give root password...".
>
> as an endless loop.
>
> The argument has been presented on this list that it is the root user 
> failure to configure a password into grub.conf or other bootloading or 
> initialization applications/routines configuration or input data files.
>
> I have been discussing this issue with a number of experienced systems 
> persons, and none of us accept this argument, especially as without 
> special intervention or configuration, the expected behavior was 
> displayed on EL 4 and 5, as well as several other non-TUV 
> distributions.  Expected behavior:  whatever root password was encoded 
> into the /etc/shadow file is used by the routine that handles "Give 
> root password for maintenance" is accepted, and not at every second 
> key stroke would it report "Login incorrect."
>
> When the system is first installed from physical media such as a 
> bootable DVD (for EL, this is with every major release, e.g., EL 4, EL 
> 5, EL 6, etc.), and a root password is required to be set during 
> installation, this password is put in an encrypted form in the 
> appropriate file in /etc (e.g., /etc/shadow) and wherever else it 
> might be required (e.g., in /boot if the particular implementation 
> were to require this).  Moreover, for fsck to run during the boot 
> process, even if /boot is on a separate partition from / (root 
> partition), the fsck executable is on a partition that must have been 
> mounted, and thus /etc/shadow should be available.  Hence, the 
> (encrypted) password should be available.
>
> The bug is that the password entry routine (as in response to the 
> prompt "Give root password for maintenance") does not accept the full 
> vector of characters for the root password including the Enter 
> keystroke that terminates the vector.
>
> As there are correspondents to this list that evidently feel the above 
> arguments to be incorrect, references to the relevant Linux source 
> code sections and design documents (e.g., state machine chart for the 
> sequence that contains "Give root password for maintenance") greatly 
> would be appreciated.
>

ATOM RSS1 RSS2