# RHEL 5 # ------------------------------------------------------------------------------------------ # To force users to enter password in Single User mode, add following line to /etc/inittab: ~:S:respawn:/sbin/sulogin # The changes to this file takes effect after a system reboot # To make init re-read the /etc/inittab without rebooting the system, type the command /sbin/init q # RHEL 6 # ------------------------------------------------------------------------------------------ # Edit /etc/inittab and add "su:S:wait:/sbin/sulogin" before 'initdefault' line: vi /etc/inittab [...] su:S:wait:/sbin/sulogin id:3:initdefault: # Edit /etc/sysconfig/init and replace "SINGLE=/sbin/sushell" with "SINGLE=/sbin/sulogin": vi /etc/sysconfig/init [...] # Set to '/sbin/sulogin' to prompt for password on single-user mode # Set to '/sbin/sushell' otherwise SINGLE=/sbin/sulogin # RHEL 7 # ------------------------------------------------------------------------------------------ # By default, Single User mode is password protected by the root password on RHEL 7: cat /usr/lib/systemd/system/rescue.service [...] [Service] Environment=HOME=/root WorkingDirectory=/root ExecStartPre=-/bin/plymouth quit ExecStartPre=-/bin/echo -e 'Welcome to emergency mode! After logging in, type [...] ExecStart=-/bin/sh -c "/usr/sbin/sulogin; /usr/bin/systemctl --fail --no-block default" <--- Type=idle StandardInput=tty-force StandardOutput=inherit StandardError=inherit KillMode=process IgnoreSIGPIPE=no SendSIGHUP=yes
Archive for the ‘Enable Authentication for Single-User Mode’ Category
Enable Authentication for Single-User Mode
Posted: May 21, 2018 in Enable Authentication for Single-User Mode, Security9