|
Bugzilla – Full Text Bug Listing |
| Summary: | [request] Lock root account by default | ||
|---|---|---|---|
| Product: | [openSUSE] openSUSE Aeon | Reporter: | Milachew <milachew> |
| Component: | Base | Assignee: | Richard Brown <rbrown> |
| Status: | RESOLVED FIXED | QA Contact: | E-mail List <qa-bugs> |
| Severity: | Normal | ||
| Priority: | P3 - Medium | CC: | 0xdopice, alexander, stacheldrahtje |
| Version: | Current | ||
| Target Milestone: | --- | ||
| Hardware: | Other | ||
| OS: | Other | ||
| Whiteboard: | |||
| Found By: | --- | Services Priority: | |
| Business Priority: | Blocker: | --- | |
| Marketing QA Status: | --- | IT Deployment: | --- |
|
Description
Milachew
2023-07-09 07:58:43 UTC
Investigating We cannot just look the root account since the default sudo configuration requires you to authenticate as root. If we want to lock the root account we also need to change the sudoers configuration, more exact remove or invert the statment 'Defaults targetpw'. Maybe I'm stating the obvious here but I think it's good to keep it in this report as well. (In reply to dopice from comment #2) > We cannot just look the root account since the default sudo configuration > requires you to authenticate as root. If we want to lock the root account we > also need to change the sudoers configuration, more exact remove or invert > the statment 'Defaults targetpw'. > > Maybe I'm stating the obvious here but I think it's good to keep it in this > report as well. Thanks for the obvious.. the implimentation in testing right now configures sudo for the wheel group and disables targetpw for the wheel group I keep everything else as the default openSUSE config because a) I'm lazy and b) its easier if Aeon does its own thing without touching the universal defaults. Current prototype images don't have a root account set |