Bug 6841 - "ENABLE_SULOGIN" in msec should modify the file /etc/sysconfig/init
Summary: "ENABLE_SULOGIN" in msec should modify the file /etc/sysconfig/init
Status: RESOLVED OLD
Alias: None
Product: Mageia
Classification: Unclassified
Component: RPM Packages (show other bugs)
Version: 2
Hardware: x86_64 Linux
Priority: Normal major
Target Milestone: ---
Assignee: Mageia Bug Squad
QA Contact:
URL: http://www.mageialinux-online.org/for...
Whiteboard:
Keywords: Junior_job, PATCH, Triaged
Depends on:
Blocks:
 
Reported: 2012-07-21 17:42 CEST by Jean Michel Varvou
Modified: 2013-11-23 16:16 CET (History)
7 users (show)

See Also:
Source RPM: msec
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Jean Michel Varvou 2012-07-21 17:42:33 CEST 
Description of problem:
The tool MSEC "ENABLE_SULOGIN" to force the entry of the password for the root user in failsafe mode does not work.

If you set ENABLE_SULOGIN to "yes" and start the system in failsafe mode, the password for the root user is not asked to connect to the system.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1.Change ENABLE_SULOGIN to "yes"
2.Reboot and choose the failsafe mode
3.The connection without a password is possible for the user root
Comment 1 Manuel Hiebel 2012-07-21 23:16:38 CEST 
In the file /etc/inittab
after the comment # Single user mode do you see something ?

Source RPM: (none) => msec

Comment 2 Jean Michel Varvou 2012-07-22 08:06:35 CEST 
Hello

ENABLE_SULOGIN to NO
# Single user mode
ca::ctrlaltdel:/sbin/shutdown -t3 -r now

ENABLE_SULOGIN to YES
# Single user mode
ca::ctrlaltdel:/sbin/shutdown -t3 -r now
~~:S:wait:/sbin/sulogin
Comment 3 Manuel Hiebel 2012-07-22 11:28:59 CEST 
ok so msec seems ok ihmo, more in the basic level maybe

Any ideas thomas or colin ?

CC: (none) => mageia, tmb
Source RPM: msec => sysvinit-legacy

Comment 4 Colin Guthrie 2012-07-22 11:44:45 CEST 
Note that under systemd in mga2 that /etc/inittab is no longer used so it's irrelevant.

Check /etc/sysconfig/init and see what the SINGLE= variable says.

This should be what controls what is used for login in failsafe mode.

I'm not sure that things work nicely anyway as I'm pretty sure there was/is a problem with sulogin anyway.


Note that all this stuff is just fake security anyway... just boot with init=/bin/bash and you'll see why. Unless you lock down the bootloader to prevent this, this approach bypasses any security anyway. If you are going to the effort of locking down the bootloader then whey are you still providing a failsafe option at all in the first place? :)
Comment 5 Jean Michel Varvou 2012-07-22 14:38:27 CEST 
Hello

By default, in /etc/sysconfig/init, we have SINGLE=/sbin/sushell . If we change to have SINGLE=/sbin/sulogin, the password for root is required when we start in single user mode.

Well done Colin!
Manuel Hiebel 2012-07-22 15:29:29 CEST

Component: Security => RPM Packages
Summary: The tool MSEC "ENABLE_SULOGIN" to force the entry of the password for the root user in failsafe mode does not work => "ENABLE_SULOGIN" in msec should modify the file /etc/sysconfig/init
Source RPM: sysvinit-legacy => msec

Comment 6 Manuel Hiebel 2012-07-22 15:37:47 CEST 
seems it was not imported in our svn, http://svn.mandriva.com/viewvc/soft/msec/trunk/src/msec/plugins/msec.py?revision=270437&view=markup

Keywords: (none) => Junior_job

Comment 7 Sandro CAZZANIGA 2012-09-28 11:48:33 CEST 
Now it is ;)

CC: (none) => cazzaniga.sandro

Comment 8 Samuel Verschelde 2013-08-29 16:44:23 CEST 
Hi, thanks for reporting this bug.
As there is no maintainer for this package I added the committers in CC.

Keywords: (none) => PATCH, Triaged
CC: (none) => dmorganec, doktor5000, stormi, thierry.vignaud

Comment 9 Manuel Hiebel 2013-10-22 12:20:58 CEST 
This message is a reminder that Mageia 2 is nearing its end of life.
Approximately one month from now Mageia will stop maintaining and issuing updates for Mageia 2. At that time this bug will be closed as WONTFIX (EOL) if it remains open with a Mageia 'version' of '2'.

Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Mageia version prior to Mageia 2's end of life.

Bug Reporter: Thank you for reporting this issue and we are sorry that we may not be able to fix it before Mageia 2 is end of life.  If you would still like to see this bug fixed and are able to reproduce it against a later version of Mageia, you are encouraged to click on "Version" and change it against that version of Mageia.

Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Mageia release includes newer upstream software that fixes bugs or makes them obsolete.

-- 
The Mageia Bugsquad
Comment 10 Manuel Hiebel 2013-11-23 16:16:29 CET 
Mageia 2 changed to end-of-life (EOL) status on ''22 November''. Mageia 2 is no
longer maintained, which means that it will not receive any further security or
bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of Mageia
please feel free to click on "Version" change it against that version of Mageia
and reopen this bug.

Thank you for reporting this bug and we are sorry it could not be fixed.

--
The Mageia Bugsquad

Status: NEW => RESOLVED
Resolution: (none) => OLD
Note You need to log in before you can comment on or make changes to this bug.