[systemd-devel] Emergency mode if non-critical /etc/fstab entries are missing

Marc Haber mh+systemd-devel at zugschlus.de
Mon Sep 26 05:25:45 UTC 2016


On Mon, Sep 26, 2016 at 10:52:50AM +1300, Sergei Franco wrote:
> The emergency mode assumes console access, which requires physical access,
> which is quiet difficult if the machine is remote.

It does also assume knowledge of the root password, which is in
enterprise environments not often the case. Enterprises usually have
root passwords stowed away in a safe, behind a three-headed guard dog,
requiring management approval, and > 2 eyes mechanisms, and usually
have password-changing processes attached that touch other machines
sharign the same root password as well (for example because the root
password hash is stamped into the golden image).

Many enterprise environments that I know have their processes geared
in a way that the root password is not needed in daily operation.
Login via ssh key, privilege escalation via sudo.

systemd requiring the root password because some tertiary file system
doesn't mount is a nuisance for those environments.

Some sites have resorted to adding "nofail" to all fstab lines just to
find themselves with the next issue since the initramfs of some
distributions doesn't know this option yet. 

Greetings
Marc

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Leimen, Germany    |  lose things."    Winona Ryder | Fon: *49 6224 1600402
Nordisch by Nature |  How to make an American Quilt | Fax: *49 6224 1600421


More information about the systemd-devel mailing list