LISTSERV - SCIENTIFIC-LINUX-USERS Archives

SCIENTIFIC-LINUX-USERS Archives

February 2012

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-USERS Home
	SCIENTIFIC-LINUX-USERS February 2012

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: From where does fsck failure prompt root passwd come?
From:	Yasha Karant <[log in to unmask]>
Reply To:	Yasha Karant <[log in to unmask]>
Date:	Thu, 2 Feb 2012 15:49:25 -0800
Content-Type:	text/plain
Parts/Attachments:	text/plain (113 lines)

Thank you for the suggestion.  I am top-posting my response rather than 
bottom-posting (I have repeatedly been informed that bottom-posting is 
required for this list) because you top-posted.  As you can read, 
/sbin/sulogin from a regular shell works, although as it requires su 
first, it is unclear what sulogin actually accomplishes in this case. 
To verify that this successful operation was not due to the input coming 
via a Xwindows Gnome application, I also ran the same sequence from a 
plain non-GUI terminal screen (ctrl-alt-F4) with the identical success. 
  Obviously, something is different after a fsck failure during boot. 
As a separate test, I will try single user mode -- but this requires 
exiting my present work that I simply cannot do at this moment.

[ykarant@jb344 ~]$ /sbin/sulogin
sulogin: only root can run sulogin.
[ykarant@jb344 ~]$ su
Password:
[root@jb344 ykarant]# /sbin/sulogin
Give root password for maintenance
(or type Control-D to continue):
[root@jb344 ~]# whoami
root
[root@jb344 ~]# exit
exit
[root@jb344 ykarant]# exit
exit
[ykarant@jb344 ~]$

Yasha Karant

On 02/02/2012 03:04 PM, Yannick Perret wrote:
> Yannick Perret a écrit :
>> Hello,
>>
>> the only place I found that have the "Give root password" in
>> /sbin/sulogin.
>> # strings /sbin/sulogin | grep "Give ro"
>> Give root password for maintenance
>> which is part of sysvinit-tools package.
>>
>> 'sulogin' is only called from /etc/rc.sysinit as far as I know (in
>> boot sequence).
>>
>> Did you try to run /sbin/sulogin on a running machine? It will ask you
>> root password, and it could be interresting to check if it can works
>> outside the boot sequence.
>>
> I mean (I was not clear): it do works on a SL4 / SL5 machine. It could
> be interresting to see if it does not work for you, in which case it may
> help to track the reason of this behavior.
>
> --
> Y.
>> Regards,
>> --
>> Y.
>>
>>
>> Yasha Karant a écrit :
>>> I have been discussing the failure mode that I have observed:
>>>
>>> also documented in
>>>
>>> https://bugzilla.redhat.com/show_bug.cgi?id=636628
>>>
>>> after fsck fails during a (re)boot
>>>
>>> Give root password for maintenance
>>> (or type Control-D to continue):
>>>
>>> At this stage, at every second key stroke, it reports "Login
>>> incorrect." and
>>> repeats the above "Give root password...".
>>>
>>> as an endless loop.
>>>
>>> The argument has been presented on this list that it is the root user
>>> failure to configure a password into grub.conf or other bootloading
>>> or initialization applications/routines configuration or input data
>>> files.
>>>
>>> I have been discussing this issue with a number of experienced
>>> systems persons, and none of us accept this argument, especially as
>>> without special intervention or configuration, the expected behavior
>>> was displayed on EL 4 and 5, as well as several other non-TUV
>>> distributions. Expected behavior: whatever root password was encoded
>>> into the /etc/shadow file is used by the routine that handles "Give
>>> root password for maintenance" is accepted, and not at every second
>>> key stroke would it report "Login incorrect."
>>>
>>> When the system is first installed from physical media such as a
>>> bootable DVD (for EL, this is with every major release, e.g., EL 4,
>>> EL 5, EL 6, etc.), and a root password is required to be set during
>>> installation, this password is put in an encrypted form in the
>>> appropriate file in /etc (e.g., /etc/shadow) and wherever else it
>>> might be required (e.g., in /boot if the particular implementation
>>> were to require this). Moreover, for fsck to run during the boot
>>> process, even if /boot is on a separate partition from / (root
>>> partition), the fsck executable is on a partition that must have been
>>> mounted, and thus /etc/shadow should be available. Hence, the
>>> (encrypted) password should be available.
>>>
>>> The bug is that the password entry routine (as in response to the
>>> prompt "Give root password for maintenance") does not accept the full
>>> vector of characters for the root password including the Enter
>>> keystroke that terminates the vector.
>>>
>>> As there are correspondents to this list that evidently feel the
>>> above arguments to be incorrect, references to the relevant Linux
>>> source code sections and design documents (e.g., state machine chart
>>> for the sequence that contains "Give root password for maintenance")
>>> greatly would be appreciated.
>>>

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV