[Pkg-sysvinit-devel] Bug#823660: initscripts: Restore locked root account access by using sulogin --force

Andreas Henriksson andreas at fatal.se
Sat May 7 09:12:07 UTC 2016


Package: initscripts
Version: 2.88dsf-59.3
Severity: important

Dear Maintainer,

Since the sysvinit-utils/util-linux package versions shipped in Debian Stretch,
the sulogin program is now provided by util-linux (replacing the previously
supplied sulogin implementation from sysvinit-utils).

The Debian sysvinit package used to carry a (buggy) patch against sulogin
which allowed people to log in as root even when the root account is locked.
(Neither sysvinit nor util-linux upstreams for sulogin ever supported it.)
This patch was not carried over to the util-linux package when switching
to the util-linux sulogin implementation in Debian for various reasons, primarily:
 - the patch had serious bugs
 - unconditionally handing out root shells was considered questionable
   for some use cases (e.g. kiosk mode).

After discussions with util-linux upstream a compromise was found to allow
handing out a root shell even with a locked root account *only* when the
--force (-e) option is specified.

As far as I've been told the Debian installer creates a locked root account
when people just press enter (without giving a password) at the root
password prompt, which seems reasonably common among users.
That means users have no way to be let in even when following instructions
given by sulogin. The systemd package has been updated to pass the --force
flag. The initscripts package (src:sysvinit) needs equivalent changes to
restore the old status quo (and thus ignoring potential kiosk mode use case
problems -- kiosk mode users should alter their init scripts and remove
the --force flag to be secure).

Regards,
Andreas Henriksson

-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.5.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_DK.UTF-8, LC_CTYPE=en_DK.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages initscripts depends on:
ii  coreutils       8.25-2
ii  debianutils     4.7
ii  lsb-base        9.20160110
ii  mount           2.28-1
ii  sysv-rc         2.88dsf-59.3
ii  sysvinit-utils  2.88dsf-59.3

Versions of packages initscripts recommends:
ii  e2fsprogs  1.43~WIP.2016.03.15-2
ii  psmisc     22.21-2.1+b1

initscripts suggests no packages.

-- no debconf information
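
An added example, not part of the original report or of the initscripts package: a shell audit that classifies the three outcomes the report describes for a rescue login (password prompt, root shell without a password, or no login at all). The shadow entries, rescue scripts and function names are constructed for illustration, and it assumes a password field beginning with `!` or `*` is what counts as locked.

```shell
#!/bin/sh
# Added example: what will sulogin do for root, given a shadow file and rescue scripts?
# Assumption: a root password field starting with '!' or '*' is what counts as locked.

# root_locked SHADOW_FILE -> exit 0 if root exists and its password field is locked
root_locked() {
    awk -F: '$1 == "root" { found = 1; if ($2 ~ /^[!*]/) locked = 1 }
             END { exit !(found && locked) }' "$1"
}

# sulogin_forced SCRIPT... -> exit 0 if a non-comment line runs sulogin with --force / -e
sulogin_forced() {
    grep -hE '^[^#]*sulogin' "$@" |
        grep -qE 'sulogin.*[[:space:]](--force|-[A-Za-z]*e[A-Za-z]*)([[:space:]]|$)'
}

# sulogin_outcome SHADOW_FILE SCRIPT... -> prints one verdict word
sulogin_outcome() {
    shadow=$1; shift
    if ! root_locked "$shadow"; then
        echo "password-prompt"         # usable root password: sulogin asks for it
    elif sulogin_forced "$@"; then
        echo "root-shell-no-password"  # locked root + --force: shell handed out
    else
        echo "no-login"                # locked root, no --force: nobody gets in
    fi
}

# Constructed sample data (hypothetical file names, not from a real system).
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT
printf 'root:!:16928:0:99999:7:::\ndaemon:*:16928:0:99999:7:::\n' > "$tmp/shadow.locked"
printf 'root:$6$constructedsalt$constructedhash:16928:0:99999:7:::\n' > "$tmp/shadow.pw"
printf '#!/bin/sh\n# sulogin --force (comment only)\nsulogin "$CONSOLE"\n' > "$tmp/rescue.plain"
printf '#!/bin/sh\nsulogin --force "$CONSOLE"\n' > "$tmp/rescue.force"

for s in locked pw; do
    for r in plain force; do
        echo "shadow.$s + rescue.$r -> $(sulogin_outcome "$tmp/shadow.$s" "$tmp/rescue.$r")"
    done
done
```

On a kiosk-style system, the `root-shell-no-password` verdict is the case the report says to eliminate by removing `--force` from the init scripts.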


