As part of the Anaconda UI redesign, we had hoped to offload root password setting to the installed host. We had envisioned a scenario where the installer locked the root account and post-install software such as Firstboot or Gnome Initial Experience would take care of adding a user to the system and marking that user as a "super" user. This would obviate the need for a root password, as the super user could use sudo to accomplish admin tasks.
That's how things looked prior to Fedora 18 Alpha, but in testing it became apparent that we couldn't always count on Firstboot or GIE to set things up right, or even be present.
This was particularly true of text mode, where the only packages installed was the bare minimal set. So first text mode grew a password spoke, and we made it mandatory.
Then I wrote a password spoke for GUI mode which lived in the main setup hub. For Alpha this was an optional spoke and it defaulted to a locked root account. Some thought was put into flipping the optional vs mandatory state based on install data, such as whether or not Firstboot was selected for install. Part of being able to do that was moving the spoke from the main setup hub to the install (or configuration) hub. If it lives in this hub we should have finalized data about what packages were selected for install. However doubts arose as to whether "part of the payload" was enough data to ensure that Firstboot or GIE actually ran and we were worried we could still lead users into being locked out of their freshly installed system.
So, for Beta, I've just pushed a set of changes that will make the password spoke a mandatory spoke. You must visit the spoke before you can complete the install. You can still mark the root account as disabled, just by leaving the password fields blank, but you do so at your own risk. This configuration is likely to remain for Fedora 18.
ok, then if we do not choose a password for root (in the installation), to install from a terminal we have to use sudo, by default, or am I wrong?
ReplyDeleteexample:
sudo yum -y install vlc
This news is very important to me, since I have several programas invoked by "su"
The installer will make you visit the root password spoke. There you will have an option of disabling the root account by supplying blank passwords twice. If you do this, then it's up to you to make sure a user gets created and that the user gets granted sudo rights. Firstboot will help you with this, but isn't always ran.
ReplyDeleteIf you proceed with this setup, then to do root level tasks you would need to use sudo. If you wish to continue using root in the traditional way, just supply a real password when you visit the spoke.
thanks @Jlk, You've clarified my doubts, For a possible super user (sudo), I created a simple launcher that identifies the type of user, using "id". In my guinea pig "ubuntu" working properly. In Fedora I recreated something similar, adding the /etc/group, "27(sudo)" and the current user to the /etc/sudoers, and it works for the moment. I think for the beta version I'll have a better idea if it will work or not my launcher. I can not think another solution for the moment as a normal user (1000).
ReplyDelete