297695 – Installation Live CD: no need to ask for password of root

Bug 297695 - Installation Live CD: no need to ask for password of root

Summary: Installation Live CD: no need to ask for password of root

Status:	RESOLVED FIXED
Duplicates (1):	310756 (view as bug list)

Alias:	None

Product:	openSUSE 10.3
Classification:	openSUSE
Component:	Installation (show other bugs)
Version:	Beta 3
Hardware:	Other Other

Priority:	P5 - None Severity: Major (vote)
Target Milestone:	---
Assignee:	Christoph Thiel
QA Contact:	Jiri Srain

URL:
Whiteboard:	LiveCD
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2007-08-06 09:59 UTC by Nikolay Derkach
Modified:	2007-09-19 21:40 UTC (History)
CC List:	2 users (show)

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Nikolay Derkach 2007-08-06 09:59:19 UTC

Asking a user for root password in live cd is rather confusing. At least when starting yast live install module this demand should likely go away.

Comment 1 Jiri Srain 2007-08-08 13:07:27 UTC

I strongly disagree.

It is important that the installer asks for the root password and sets it accordingly. Otherwise, most of the users would keep the old one, which would result in using a public known password.

Comment 2 Nikolay Derkach 2007-08-08 13:29:40 UTC

You just completely missunderstood me. I'm not talking that user shouldn't been asked for password during installation!

I was just considering disable of asking pasword "linux" _within_ live cd environment, for example in starting installation module.

Comment 3 Jiri Srain 2007-08-09 11:00:07 UTC

This should be partly solved by /etc/sudoers - then user "linux" is able to run commands with root permission without knowing root password.

Anyway, this is issue of the live media creation...

Comment 4 Jan-Christoph Bornschlegel 2007-08-09 12:40:28 UTC

Did I understand correctly that you'd like to have an empty root password?
This may be a valid approach for Live CDs, but how about USB devices then?
Jiri, what do you think?

There are several possible solutions:
- add a file/patch that includes sudoers
- make the root passwd empty
(- users can provide a template passwd/shadow file if desired under ./root/etc)
- make the root passwd configurable through config.xml (in the same manner than the default users')

I will add a method to use patches in the <configdir>/root/... files anyway -- WIP --, so patching passwd/shadow is one solution.

Comment 5 Stephan Binner 2007-09-14 08:58:05 UTC

With the Beta3plus-Live-KDE-CD.iso a dialog shows up asking for the root password. Just clicking OK continues the installation but the user has no hint given that root has no password. Better find a solution which doesn't invoke the live-installer for "/sbin/yast2 live-installer" at all.

Comment 6 Francis Giannaros 2007-09-14 21:13:09 UTC

As we've just been discussing in #opensuse-kiwi, since that module is started up (like all other GUI apps in KDE) through kdesu, it would be sufficient to edit /etc/sudoers to have something like:

Defaults targetpw
ALL ALL=(ALL) NOPASSWD: ALL

...and kdesu (or gksu) will never prompt for a root password. The only other problem is that when you explicitly type 'su' in a terminal it will. There are probably many hacky ways to get around this problem, but perhaps the best one is to have bashrc echo a message along the lines of "Welcome to the openSUSE terminal. The root password is root" or whatever.

Comment 7 Christoph Thiel 2007-09-18 13:49:29 UTC

*** Bug 310756 has been marked as a duplicate of this bug. ***

Comment 8 Christoph Thiel 2007-09-19 21:40:05 UTC

Fixed in SVN.