Hi,
In Fedora 20 and 21, the installer doesn't require setting the root password. Yet systemd in both requires a root password to do anything, including basic boot time troubleshooting, in both rescue.target and emergency.target.
If the user is dropped to an emergency shell at boot, and are referred to rdsosreport.txt, they can't do anything if they haven't set a root password. And if they need to do a password reset, they're stuck also.
Questions
Is this the intended and desired UX for Workstation?
If not, what policy change is most practical? Requiring the user set a root password, or somehow enabling systemd emergency.target to accept a non-root user in group wheel?
Points of comparison
Windows has a burdensome password reset method, but it does offer startup repair environments that don't require a password. OS X has a safe boot option, as well as a separate recovery environment, also without requiring a password, and a password reset can be done within this environment.
On Mon, Jan 26, 2015 at 12:48 PM, Chris Murphy lists@colorremedies.com wrote:
Hi,
In Fedora 20 and 21, the installer doesn't require setting the root password. Yet systemd in both requires a root password to do anything, including basic boot time troubleshooting, in both rescue.target and emergency.target.
If the user is dropped to an emergency shell at boot, and are referred to rdsosreport.txt, they can't do anything if they haven't set a root password. And if they need to do a password reset, they're stuck also.
Questions
Is this the intended and desired UX for Workstation?
If not, what policy change is most practical? Requiring the user set a root password, or somehow enabling systemd emergency.target to accept a non-root user in group wheel?
It's been a while since I installed openSUSE but my recollection is that the default is to set the root password to the same value as the user password. You can uncheck that and use another password. Also, the non-root user is *not* in the 'wheel' group by default IIRC.
I'd go that route - require a root password but give the user the option to copy the administrator password to 'root'.
Points of comparison
Windows has a burdensome password reset method, but it does offer startup repair environments that don't require a password. OS X has a safe boot option, as well as a separate recovery environment, also without requiring a password, and a password reset can be done within this environment.
-- Chris Murphy -- desktop mailing list desktop@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/desktop
On Mon, Jan 26, 2015 at 3:23 PM, M. Edward (Ed) Borasky znmeb@znmeb.net wrote:
It's been a while since I installed openSUSE but my recollection is that the default is to set the root password to the same value as the user password. You can uncheck that and use another password. Also, the non-root user is *not* in the 'wheel' group by default IIRC.
That is true, the admin checkbox isn't checked by default in the installer, but I think gnome-initial-setup adds the user to wheel. g-i-s only comes up if a user wasn't created in the installer. This is consistent with Windows and OS X too, the first user is an admin.
I'd go that route - require a root password but give the user the option to copy the administrator password to 'root'.
I think this is reasonable for Workstation, but I'm also really anti forcing users to follow password rules for root. So as long as tying the first user password to root doesn't then cause ridiculous security theater rules to be enforced on the user, great. Again as point of reference Windows and OS X don't have such limitations. I think it's fine to warn the user if their password is a dictionary word or whatever best practices is for warnings. I would sooner consider it more appropriate if the UI were to resort to name calling than enforcing specific password rules.
On Mon, Jan 26, 2015 at 3:29 PM, Chris Murphy lists@colorremedies.com wrote:
On Mon, Jan 26, 2015 at 3:23 PM, M. Edward (Ed) Borasky znmeb@znmeb.net wrote:
It's been a while since I installed openSUSE but my recollection is that the default is to set the root password to the same value as the user password. You can uncheck that and use another password. Also, the non-root user is *not* in the 'wheel' group by default IIRC.
That is true, the admin checkbox isn't checked by default in the installer, but I think gnome-initial-setup adds the user to wheel. g-i-s only comes up if a user wasn't created in the installer. This is consistent with Windows and OS X too, the first user is an admin.
I'd go that route - require a root password but give the user the option to copy the administrator password to 'root'.
I think this is reasonable for Workstation, but I'm also really anti forcing users to follow password rules for root. So as long as tying the first user password to root doesn't then cause ridiculous security theater rules to be enforced on the user, great. Again as point of reference Windows and OS X don't have such limitations. I think it's fine to warn the user if their password is a dictionary word or whatever best practices is for warnings. I would sooner consider it more appropriate if the UI were to resort to name calling than enforcing specific password rules.
-- Chris Murphy -- desktop mailing list desktop@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/desktop
It depends a lot on the threat model. Users don't do as much threat modeling as they should; in the case of Windows they sorta trust Microsoft but they also buy virus protection they don't need and fall for scams distressingly often.
Case in point - I recently installed the Windows 10 tech preview in a VM. In the process of using *Bing search* I accidentally enabled a nasty piece of scareware called Vosteran. What's worse, Microsoft seems to have recorded that in its cloud for me as an IE default - I reformatted the hard drive and reinstalled and when I opened IE up again, Vosteran was still there!
So I say enforce strong passwords, close *all* the ports on a workstation (including ssh - I had some bad guy in Hong Kong trying to get into my system recently) and teach users how to be safe. Make the rootkit detectors available and well-documented, etc.
desktop@lists.fedoraproject.org
-
Chris Murphy -
M. Edward (Ed) Borasky