| View previous topic :: View next topic |
| Author |
Message |
Mgiese
Veteran
Joined: 23 Mar 2005
Posts: 1510
Location: indiana
|
 Posted: Thu Mar 24, 2016 12:11 am Post subject: open terminal without login |
 |
|
hi there,
i recently discovered that switching to terminal 9 (ctrl+alt+f9) opens a shell without login prompt."whoami" shows that i am root.
i am a bit scared now. have i been hacked ???... can someone point me in the direction to fix this?
thanks a lot
_________________
I do not have a Superman complex, for I am God not Superman 
Ryzen7 3700x ; Geforce1650 ; kernel 5.9.9 |
|
| Back to top |
|
 |
UberLord
Retired Dev
Joined: 18 Sep 2003
Posts: 6818
Location: Blighty
|
| Posted: Thu Mar 24, 2016 9:48 am Post subject: |
|
|
Looks like it's the systemd debugging shell
https://freedesktop.org/wiki/Software/systemd/Debugging/
| Quote: |
Tip: If you find yourself in a situation where you cannot use systemctl (e.g. when setting this up from a different booted system), you can enable the service manually:
cd $PATH_TO_YOUR_ROOT_FS/etc/systemd/system
mkdir -p sysinit.target.wants
ln -s /usr/lib/systemd/system/debug-shell.service sysinit.target.wants/
Once enabled, the next time you boot you will be able to switch to tty9 using CTRL+ALT+F9 and have a root shell there available from an early point in the booting process. You can use the shell for checking the status of services, reading logs, looking for stuck jobs with systemctl list-jobs, etc.
Warning: Use this shell only for debugging! Do not forget to disable systemd-debug-shell.service after you've finished debugging your boot problems. Leaving the root shell always available would be a security risk. |
While I'd love to claim it's a defect in systemd, I doubt that it's enabled by default - I'm sure our resident systemd lovers can verify this.
Or is there a USE flag such as debug which turns it on? If so, I sense a Slashdot front page news story!
_________________
Use dhcpcd for all your automated network configuration needs
Use dhcpcd-ui (GTK+/Qt) as your System Tray Network tool |
|
| Back to top |
|
|
Mgiese
Veteran
Joined: 23 Mar 2005
Posts: 1510
Location: indiana
|
| Posted: Thu Mar 24, 2016 12:05 pm Post subject: |
|
|
thanks for the answer, my systemd looks like this :
| Code: | | Installed versions: 226-r2(16:33:36 12/27/15)(acl kdbus kmod lz4 pam policykit seccomp ssl -apparmor -audit -cryptsetup -curl -elfutils -gcrypt -gnuefi -http -idn -importd -lzma -nat -qrcode -selinux -sysv-utils -test -vanilla -xkb ABI_MIPS="-n32 -n64 -o32" ABI_PPC="-32 -64" ABI_S390="-32 -64" ABI_X86="32 64 -x32") |
_________________
I do not have a Superman complex, for I am God not Superman
Ryzen7 3700x ; Geforce1650 ; kernel 5.9.9 |
|
| Back to top |
|
|
UberLord
Retired Dev
Joined: 18 Sep 2003
Posts: 6818
Location: Blighty
|
|
| Back to top |
|
|
Mgiese
Veteran
Joined: 23 Mar 2005
Posts: 1510
Location: indiana
|
| Posted: Thu Mar 24, 2016 12:20 pm Post subject: |
|
|
so far i didnt figure it all out.
i set | Code: | | LogLevel=info CrashShell=no |
in /etc/systemd/system.conf, but the open shell didnt disappear. which keyword/useflag enables the debugging shell?
_________________
I do not have a Superman complex, for I am God not Superman
Ryzen7 3700x ; Geforce1650 ; kernel 5.9.9 |
|
| Back to top |
|
|
Mgiese
Veteran
Joined: 23 Mar 2005
Posts: 1510
Location: indiana
|
| Posted: Thu Mar 24, 2016 12:23 pm Post subject: |
|
|
i think i found the problem, in gentoo wiki systemd article :
| Code: | Or enable the debug-shell, that opens a terminal at tty9. This helps to debug services during the boot process.
root #systemctl enable debug-shell.service |
so i can disable that, but if thats an unwanted behaviour of standrad systemd configuration, or if i set this myself during
systemd switch, i cannot say, since it was 9 month ago when i did the switch
someone else should check that out please.
_________________
I do not have a Superman complex, for I am God not Superman
Ryzen7 3700x ; Geforce1650 ; kernel 5.9.9 |
|
| Back to top |
|
|
Mgiese
Veteran
Joined: 23 Mar 2005
Posts: 1510
Location: indiana
|
| Posted: Thu Mar 24, 2016 12:26 pm Post subject: |
|
|
| Code: | # systemctl
UNIT LOAD ACTIVE SUB DESCRIPTION
debug-shell.service loaded active running Early root shell on /dev/tty9 FOR DEBUGGING ONLY
|
thanks for pointing me in the right direction !
_________________
I do not have a Superman complex, for I am God not Superman
Ryzen7 3700x ; Geforce1650 ; kernel 5.9.9 |
|
| Back to top |
|
|
|
Networking & Security
