root password

Asheesh Laroia asheesh at
Wed Jan 2 21:35:46 EST 2008

On Wed, 2 Jan 2008, Bernardo Innocenti wrote:

> I think we should re-enable the empty root password for
> Update.1.
> The reason why is that we have plenty of documentation in
> the wiki and elsewhere suggesting people to login as root or
> to su as root.  There should be at least a transition period
> so the support people don't get flooded with questions on how
> to login as root.

Can 'su' be replaced with a wrapper that runs 'sudo -s'?  That way, only 
the olpc user can run sudo su, but activities can't get root.

We could also have a race through the wiki to replace mentions of 'su' 
with the appropriate sudo call.

> We could also use pam_wheel to let olpc become root with
> no password using the friendlier su in addition to sudo.
> Even better, we could put
>  /sbin/mingetty --noclear --autologin root tty1
> in inittab to circumvent the issue altogether.

If the OLPC security team says that's fine, then it does help avoid 
updating the documentation. (-:

-- Asheesh.

Politics is not the art of the possible.  It consists in choosing
between the disastrous and the unpalatable.
 		-- John Kenneth Galbraith

More information about the Devel mailing list