Path: utzoo!attcan!uunet!husc6!uwvax!rutgers!gatech!emory!arnold
From: arnold@emory.uucp (Arnold D. Robbins {EUCC})
Newsgroups: comp.unix.wizards
Subject: Booting SunOS 4.0 singlu user (was Re: NFS security)
Keywords: NFS, mknod
Message-ID: <3168@emory.uucp>
Date: 7 Sep 88 19:06:12 GMT
References: <126@leibniz.UUCP> <670028@hpclscu.HP.COM> <1394@basser.oz> <1202@luth.luth.se> <66897@sun.uucp> <14186@comp.vuw.ac.nz>
Reply-To: arnold@emory.UUCP (Arnold D. Robbins {EUCC})
Organization: Emory University
Lines: 27

In article <14186@comp.vuw.ac.nz> duncan@comp.vuw.ac.nz (Duncan McEwan) writes:
>....  I think SunOS 4.0 can be configured to require the
>superuser password before coming up in single user mode.
>
>My only information regarding this feature in SunOS 4.0 is a brief
>mention in the 4.0 release notes, so I may have mis-interpreted it.
>No doubt someone will correct me if I have.

This feature is straight-forward, and fairly elegant. The file /etc/ttytab
is in the format of the 4.3BSD /etc/ttys:

# name	getty				type		status	comments
#
console	"/usr/etc/getty std.9600"	sun		on secure

The 'secure' on the line for the console has the usual meaning of "root
can log in on this terminal", and is also overloaded to mean "OK, you can
come up with a single user root shell". If 'secure' is missing, or /etc/ttytab
is not there, then the system prompts for the root password when booting
single user.

This could profitably be incorporated into future BSD releases.
-- 
Arnold Robbins -- Emory University Computing Center
DOMAIN:	arnold@unix.cc.emory.edu (finally!)
UUCP:	{ decvax, gatech, skeeve }!emory!arnold		BITNET:	arnold@emoryu1
PHONE:	+1 404 727-7636