asheesh at creativecommons.org
Wed Jan 2 21:35:46 EST 2008
On Wed, 2 Jan 2008, Bernardo Innocenti wrote:
> I think we should re-enable the empty root password for
> The reason why is that we have plenty of documentation in
> the wiki and elsewhere suggesting people to login as root or
> to su as root. There should be at least a transition period
> so the support people don't get flooded with questions on how
> to login as root.
Can 'su' be replaced with a wrapper that runs 'sudo -s'? That way, only
the olpc user can run sudo su, but activities can't get root.
We could also have a race through the wiki to replace mentions of 'su'
with the appropriate sudo call.
> We could also use pam_wheel to let olpc become root with
> no password using the friendlier su in addition to sudo.
> Even better, we could put
> /sbin/mingetty --noclear --autologin root tty1
> in inittab to circumvent the issue altogether.
If the OLPC security team says that's fine, then it does help avoid
updating the documentation. (-:
Politics is not the art of the possible. It consists in choosing
between the disastrous and the unpalatable.
-- John Kenneth Galbraith
More information about the Devel