Project

General

Profile

Bug #8203

After installation it is not possible to login as root in the login manager

Added by cesar enrique over 2 years ago. Updated over 2 years ago.

Status:
New
Priority:
Normal
Assignee:
Category:
Caiman (Installer)
Target version:
Start date:
2017-05-11
Due date:
% Done:

0%

Estimated time:
Difficulty:
Medium
Tags:
needs-triage

Description

I have installed OI 17.04 without creating a user (since I will use NIS for the users). When I try to login as root in the login manager it prompts for a new password (see attachment), which I enter. However, the login doesn't work either with the new or the old password. Also there are no error messages so it is very confusing for the user.

I understand that according to this page https://wiki.openindiana.org/oi/Using+OpenIndiana+-+Technical+FAQ the root password is set to expire immediately, but the reset mechanism then should work.

Files

OI-root.png (665 KB) OI-root.png cesar enrique, 2017-05-11 10:35 PM

History

#1

Updated by Aurélien Larcher over 2 years ago

Since 'root' is a role by default and not a user, I would not expect to be able to login as 'root'.
I do not know how it makes sense.

#2

Updated by Toomas Soome over 2 years ago

Aurélien Larcher wrote:

Since 'root' is a role by default and not a user, I would not expect to be able to login as 'root'.
I do not know how it makes sense.

Just to explain a bit more -the role can not log into the system, one can assume the role with su/sudo. Which is also the reason you are asked to create the user at install time, and that user is created with permission to use sudo.

#3

Updated by cesar enrique over 2 years ago

I see,

then the installer should not allow to leave empty the creation of a user or at least it should give a warning that it won't be possible to log in in the system if no user is created. Still, that option leaves the question of how to deal with installations that will do user authentication via NIS o LDAP, like my case.
#4

Updated by cesar enrique over 2 years ago

I did a bit more of investigation and it is possible indeed to log in as root:

- Reboot in single user mode.
- Log in as root with the installation password
- Change the password with "passwd"
- Reboot and log in as root in graphical mode with the new password.
The problem seems to be that the installation sets a expired password (I guess something similar to passwd -f). The screenshot I attached seems like an attempt from the login manager to set a new password but that seems to fail. So it might be a bug in lightdm actually.
#5

Updated by Nikola M. over 2 years ago

Hi, thank you cesar for your information and report.
This is not the problem, this is intentional, so this is not quite a bug to solve.

Having 'root' enabled by default could be a security problem, because it is then a common target for an attacker.
illumos uses RBAC (role based access control) where you can fine-grain needed permissions per user role. (/etc/user_attr)
You could create administrative account with appropriate rights, and use 'pfexec' instead od sudo.

Sudo is just there so you don't feel lost if coming from other platform that do not have RBAC/pfexec.

pfexec does not require entering password (it's time-consuming anyway), but one should log in with an administrative account instead. RBAC also have 'Primary Administrator' role, but it should be avoided for everyday tasks.

As a latest information, root user is created if you don't set Username and password for a new user on system installation, if you do, root is a role and can't log into by default.

if you are concerned about going into single-user at boot,
you could set a password on illumos loader boot in: /boot/loader.conf under 'password='. :)

#6

Updated by cesar enrique over 2 years ago

Hi Nikola,

thank you very much for the detailed explanation. Quoting your response "root user is created if you don't set Username and password for a new user on system installation". This is actually my case. I didn't create a new user.

So, in a situation in which no new user is created and a root user is created, how am I suppose to login into the system? I guess that the answer is that I should create a user anyway and then use pfexec or sudo. But then, the installer shouldn't allow to proceed with the installation if no user is created, don't you think so?

#7

Updated by Nikola M. over 2 years ago

What installer you were using: text installer or GUI installer or both?

The solution could be (mandatory) creating at least 2 accounts on install, that I suggested years ago:
- an Admin account that is the Primary Administrator (using pfexec and sudo)
- and the user account that is an ordinary user. (not an sudoer)
So that all administration is done by firstly logging in/identifying as Admin user, during system administration GUI commands in GUI or logging in as admin user in shell.
Problem with this could be that people expect to create one account on install, that is administrative one
and since it is not the good practice to be logged in with Primary Administrator account, in-between solution right now is to create sudoer account on install.

I think that those not creating an account during install, and ending up with root account instead, that is set to expire, should know what they are doing. So the comment that installer could inform user installing of what is going on, by popping up warning on creating root user is valid.
Also setting up expiration for root password is there for the reason, because one should already really have an account created during install, like the installer suggested.
But also installers should keep an option available to create root account for people explicitly wanting to.

So general answer would be, that creating root account could be better displayed in the installer,
and that currently situations when not creating an user during install are not supported.

Possible fixes include creating 2 accounts on install instead, with visible and displayed warning on an option having root as an account in installer.

I am actually troubled with forcing to use of sudo on newly created account during install, because informing users on RBAC and pfexec on admin account is more platform-alike (plus entering password all the time, when issuing sudo, does not makes sense to me for an administrative account)
Therefore suggested 2 accounts on install. (And not adopting Linux distros practice of relying on sudo for a single new account on install..)

Also available in: Atom PDF