1
Fork 0

new post: Don't set an empty root password on Chrome OS

This commit is contained in:
Jan-Erik Rediger 2014-03-04 16:41:45 +01:00
parent 29d32bf39b
commit f1c7f732c7

View file

@ -0,0 +1,33 @@
---
layout: post
title: Don't set an empty root password on Chrome OS
date: 04.03.2014 16:41
---
So I got this [Chromebook][chromebook-post] in Developer Mode and wanted to set
a root password to atleast protect it a little.
Easy:
~~~bash
sudo chromeos-setdevpasswd
~~~
Oh, wait. You pressed enter twice here? Backup your data and reset the device.
This is what `chromeos-setdevpasswd` does:
~~~bash
#!/bin/sh
mkdir -p /mnt/stateful_partition/etc
echo "chronos:$(openssl passwd -1)" > /mnt/stateful_partition/etc/devmode.passwd
~~~
openssl does not care that you just used an empty password, atleast if you also verify it.
But so do `su` and `sudo`, which means you won't be able to get root rights again.
But it's Chrome OS after all, so most things are stored in your Google profile
anyway, resetting and restoring the thing is done easily.
[chromebook-post]: http://fnordig.de/2014/03/03/samsung-chromebook-a-short-review/