[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The "locked box" approach is probably not used in very large enterprises. At least not where I work (> 100,000 employees, > 98,000 Tier 3 workstations.)
Bob


On 06/15/2009 03:14 PM, Phil Meyer wrote:
Mike Dwiggins wrote:
I installed Fedora 11 on a dual-boot machine. When I booted up on the Fedora partition I went straight to /etc/pam.d/gdm and deleted the line which keeps out root as a login. I still cannot login as root! Did this version hide a block on root somewhere else?
Many have answered properly here, but it may not be common knowledge 
how it is done professionally in large shops.
In most big data centers, the root password is not known to anyone, 
but is kept in a sealed envelope in a locked drawer at the operations 
center, which is manned 24x7.  It takes manager approval to open the 
desk, lock-box, envelope, and get the root password.
Consider that, next time you 'think' you need to log in as root.  I 
personally have administered UNIX/Linux systems for years at a time 
without ever typing the root password, or logging in as root.
During automated installs, and all large shops do/should be doing 
automated installs, the root password is set.
Management, and the operations staff can set the root passwords across 
all systems at once, and without notice to me or any other administrator.
In fact, normal users cannot log into most systems, and administrators 
can only log in remotely with ssh keys (no passwords) to the systems 
that they administer.
Just a thought.  It was never intended that casual users ever log in 
as root on any UNIX based system, and should have been less prevalent 
on Linux for many years.
I myself, felt it necessary to log in as root on Linux systems for one 
post install session, up until about Fedora 2.  But not since then.
Good Luck!

--
fedora-list mailing list
[email protected]
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]
  Powered by Linux