[systemd-devel] Emergency mode if non-critical /etc/fstab entries are missing
Lennart Poettering
lennart at poettering.net
Fri Nov 4 20:38:58 UTC 2016
On Fri, 04.11.16 16:14, Marc Haber (mh+systemd-devel at zugschlus.de) wrote:
> On Thu, Nov 03, 2016 at 10:55:35PM +0100, Lennart Poettering wrote:
> > On Mon, 26.09.16 07:02, Marc Haber (mh+systemd-devel at zugschlus.de) wrote:
> > > On Mon, Sep 26, 2016 at 10:52:50AM +1300, Sergei Franco wrote:
> > > > The emergency mode assumes console access, which requires physical access,
> > > > which is quite difficult if the machine is remote.
> > >
> > > It does also assume knowledge of the root password, which is in
> > > enterprise environments not often the case. Enterprises usually have
> > > root passwords stowed away in a safe, behind a three-headed guard dog,
> > > requiring management approval, and > 2 eyes mechanisms, and usually
> > > have password-changing processes attached that touch other machines
> > > sharing the same root password as well (for example because the root
> > > password hash is stamped into the golden image).
> > >
> > > Many enterprise environments that I know have their processes geared
> > > in a way that the root password is not needed in daily operation.
> > > Login via ssh key, privilege escalation via sudo.
> > >
> > > systemd requiring the root password because some tertiary file system
> > > doesn't mount is a nuisance for those environments.
> > >
> > > Some sites have resorted to adding "nofail" to all fstab lines just to
> > > find themselves with the next issue since the initramfs of some
> > > distributions doesn't know this option yet.
> >
> > "nofail" has been around as long as fstab has been around really. It's
> > not a systemd invention.
>
> I cannot say anything about that, I don't have any non-systemd
> machines left. However, that machines stop booting and require the
> root password is a totally new experience for me that came with systemd.
Well, some distros ignored the return value of mount -a, we generally
try not to ignore error conditions, in particular if they might be
relevant for security.
Lennart
--
Lennart Poettering, Red Hat
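
An added example, not part of the original message or of systemd: a small audit that lists fstab entries carrying neither "nofail" nor "noauto", so the non-critical ones can be reviewed before a missing device stops a remote machine's boot. The CRITICAL set, the function names and the sample fstab are assumptions constructed for illustration.

```python
from typing import Iterator, List, NamedTuple


class Entry(NamedTuple):
    lineno: int
    spec: str
    mountpoint: str
    vfstype: str
    options: frozenset


# Assumption: mounts this site treats as essential for boot; adjust per host.
CRITICAL = frozenset({"/", "/boot"})

# Constructed sample, not taken from the thread.
SAMPLE_FSTAB = """\
# <spec>        <file>        <type> <options>       <dump> <pass>
UUID=1111-aaaa  /             ext4   defaults         0 1
UUID=2222-bbbb  /boot         ext4   defaults         0 2
/dev/sdb1       /srv/backup   ext4   defaults         0 2
/dev/sdc1       /mnt/scratch  xfs    defaults,nofail  0 2
/dev/sde1       /mnt/usb      vfat   noauto,user      0 0
/dev/sdf1       /data         ext4   rw,noatime       0 2
/dev/sdd1       none          swap   sw               0 0
"""


def parse_fstab(text: str) -> Iterator[Entry]:
    """Yield one Entry per non-comment fstab line, keeping the line number."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if len(fields) < 3:
            continue  # malformed line: not enough fields to classify
        opts = fields[3] if len(fields) > 3 else "defaults"
        yield Entry(lineno, fields[0], fields[1], fields[2],
                    frozenset(opts.split(",")))


def missing_nofail(text: str, critical=CRITICAL) -> List[Entry]:
    """Return non-critical mounts that have neither nofail nor noauto."""
    return [e for e in parse_fstab(text)
            if e.vfstype != "swap"            # swap is not a mount point; skipped
            and e.mountpoint not in critical  # these are meant to be required
            and not e.options & {"nofail", "noauto"}]


if __name__ == "__main__":
    for e in missing_nofail(SAMPLE_FSTAB):
        print(f"line {e.lineno}: {e.mountpoint} ({e.spec}): no nofail/noauto")
```
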