[Bug 1213159] New: [request] Lock root account by default
https://bugzilla.suse.com/show_bug.cgi?id=1213159 Bug ID: 1213159 Summary: [request] Lock root account by default Classification: openSUSE Product: openSUSE Aeon Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Base Assignee: rbrown@suse.com Reporter: milachew@mail.lv QA Contact: qa-bugs@suse.de Target Milestone: --- Found By: --- Blocker: --- Since MicroOS aims to keep administration as small as possible, it makes sense to consider blocking root account by default. Original comment: https://www.reddit.com/r/openSUSE/comments/14u7ka1/comment/jr60ogz/?utm_source=share&utm_medium=web2x&context=3 P.S. By the way, there have already been similar discussions, but regarding ALP: https://bugzilla.opensuse.org/show_bug.cgi?id=1203978 -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1213159
Natasha Ament
https://bugzilla.suse.com/show_bug.cgi?id=1213159
https://bugzilla.suse.com/show_bug.cgi?id=1213159#c1
Richard Brown
https://bugzilla.suse.com/show_bug.cgi?id=1213159
Richard Brown
https://bugzilla.suse.com/show_bug.cgi?id=1213159 https://bugzilla.suse.com/show_bug.cgi?id=1213159#c2 dopice <0xdopice@protonmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |0xdopice@protonmail.com --- Comment #2 from dopice <0xdopice@protonmail.com> --- We cannot just look the root account since the default sudo configuration requires you to authenticate as root. If we want to lock the root account we also need to change the sudoers configuration, more exact remove or invert the statment 'Defaults targetpw'. Maybe I'm stating the obvious here but I think it's good to keep it in this report as well. -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1213159
https://bugzilla.suse.com/show_bug.cgi?id=1213159#c3
--- Comment #3 from Richard Brown
We cannot just look the root account since the default sudo configuration requires you to authenticate as root. If we want to lock the root account we also need to change the sudoers configuration, more exact remove or invert the statment 'Defaults targetpw'.
Maybe I'm stating the obvious here but I think it's good to keep it in this report as well.
Thanks for the obvious.. the implimentation in testing right now configures sudo for the wheel group and disables targetpw for the wheel group I keep everything else as the default openSUSE config because a) I'm lazy and b) its easier if Aeon does its own thing without touching the universal defaults. -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1213159
Alexander Browne
https://bugzilla.suse.com/show_bug.cgi?id=1213159
https://bugzilla.suse.com/show_bug.cgi?id=1213159#c4
Richard Brown
participants (1)
-
bugzilla_noreply@suse.com