c2dfb7
From d8ae33a302f01601e9e98b4aca3516e93c634a54 Mon Sep 17 00:00:00 2001
c2dfb7
From: Andreas Henriksson <andreas@fatal.se>
c2dfb7
Date: Sun, 14 Oct 2018 14:53:09 +0200
c2dfb7
Subject: [PATCH] sulogin-shell: Use force if SYSTEMD_SULOGIN_FORCE set
c2dfb7
c2dfb7
When the root account is locked sulogin will either inform you of
c2dfb7
this and not allow you in or if --force is used it will hand
c2dfb7
you passwordless root (if using a recent enough version of util-linux).
c2dfb7
c2dfb7
Not being allowed a shell is ofcourse inconvenient, but at the same
c2dfb7
time handing out passwordless root unconditionally is probably not
c2dfb7
a good idea everywhere.
c2dfb7
c2dfb7
This patch thus allows to control which behaviour you want by
c2dfb7
setting the SYSTEMD_SULOGIN_FORCE environment variable to true
c2dfb7
or false to control the behaviour, eg. via adding this to
c2dfb7
'systemctl edit rescue.service' (or emergency.service):
c2dfb7
c2dfb7
[Service]
c2dfb7
Environment=SYSTEMD_SULOGIN_FORCE=1
c2dfb7
c2dfb7
Distributions who used locked root accounts and want the passwordless
c2dfb7
behaviour could thus simply drop in the override file in
c2dfb7
/etc/systemd/system/rescue.service.d/override.conf
c2dfb7
c2dfb7
Fixes: #7115
c2dfb7
Addresses: https://bugs.debian.org/802211
c2dfb7
(cherry picked from commit 33eb44fe4a8d7971b5614bc4c2d90f8d91cce66c)
c2dfb7
c2dfb7
Resolves: #1625929
c2dfb7
---
c2dfb7
 doc/ENVIRONMENT.md                |  6 ++++++
c2dfb7
 src/sulogin-shell/sulogin-shell.c | 11 ++++++++++-
c2dfb7
 2 files changed, 16 insertions(+), 1 deletion(-)
c2dfb7
c2dfb7
diff --git a/doc/ENVIRONMENT.md b/doc/ENVIRONMENT.md
c2dfb7
index 1e648be640..39a36a52cc 100644
c2dfb7
--- a/doc/ENVIRONMENT.md
c2dfb7
+++ b/doc/ENVIRONMENT.md
c2dfb7
@@ -101,3 +101,9 @@ systemd-timedated:
c2dfb7
   NTP client services. If set, `timedatectl set-ntp on` enables and starts the
c2dfb7
   first existing unit listed in the environment variable, and
c2dfb7
   `timedatectl set-ntp off` disables and stops all listed units.
c2dfb7
+
c2dfb7
+systemd-sulogin-shell:
c2dfb7
+
c2dfb7
+* `$SYSTEMD_SULOGIN_FORCE=1` — This skips asking for the root password if the
c2dfb7
+  root password is not available (such as when the root account is locked).
c2dfb7
+  See `sulogin(8)` for more details.
c2dfb7
diff --git a/src/sulogin-shell/sulogin-shell.c b/src/sulogin-shell/sulogin-shell.c
c2dfb7
index 5db3592d6f..a1ea2333de 100644
c2dfb7
--- a/src/sulogin-shell/sulogin-shell.c
c2dfb7
+++ b/src/sulogin-shell/sulogin-shell.c
c2dfb7
@@ -9,6 +9,7 @@
c2dfb7
 #include "bus-util.h"
c2dfb7
 #include "bus-error.h"
c2dfb7
 #include "def.h"
c2dfb7
+#include "env-util.h"
c2dfb7
 #include "log.h"
c2dfb7
 #include "process-util.h"
c2dfb7
 #include "sd-bus.h"
c2dfb7
@@ -89,7 +90,11 @@ static void print_mode(const char* mode) {
c2dfb7
 }
c2dfb7
 
c2dfb7
 int main(int argc, char *argv[]) {
c2dfb7
-        static const char* const sulogin_cmdline[] = {SULOGIN, NULL};
c2dfb7
+        const char* sulogin_cmdline[] = {
c2dfb7
+                SULOGIN,
c2dfb7
+                NULL,             /* --force */
c2dfb7
+                NULL
c2dfb7
+        };
c2dfb7
         _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
c2dfb7
         int r;
c2dfb7
 
c2dfb7
@@ -99,6 +104,10 @@ int main(int argc, char *argv[]) {
c2dfb7
 
c2dfb7
         print_mode(argc > 1 ? argv[1] : "");
c2dfb7
 
c2dfb7
+        if (getenv_bool("SYSTEMD_SULOGIN_FORCE") > 0)
c2dfb7
+                /* allows passwordless logins if root account is locked. */
c2dfb7
+                sulogin_cmdline[1] = "--force";
c2dfb7
+
c2dfb7
         (void) fork_wait(sulogin_cmdline);
c2dfb7
 
c2dfb7
         r = bus_connect_system_systemd(&bus;;