.bash_profile not run when using graphical login
Colin Watson
cjwatson at canonical.com
Tue Oct 5 23:26:13 UTC 2004
On Tue, Oct 05, 2004 at 06:11:17PM -0500, Martin Maney wrote:
> (BTW, while waiting for reboot... that looks to be an unwanted side
> effect of having root's password shut off: the "recovery" boot takes
> you straight into a root shell! Okay, this isn't going on anything I
> leave unattended then, is it?)
That was deliberate, actually, since otherwise there's no way to recover
from e.g. fsck on your root filesystem failing. We were happy to do this
because it actually doesn't weaken your system in the slightest: anyone
with enough physical access to select the recovery boot option could
just as easily append the 'init=/bin/sh' argument to the kernel and
bypass sulogin altogether.
If the root password is set, the recovery boot option will ask for it.
If you have a system where untrusted people have physical access, you
will want to take a number of measures to reduce your vulnerability to
them. Enabling the root password, or setting a BIOS password so that
they don't get to boot without your presence, is likely to be one of
those measures.
Cheers,
--
Colin Watson [cjwatson at canonical.com]
More information about the ubuntu-users
mailing list