Add ability to disable root account lockdown

[jakub-d]

micro-config-drive unconditionally disables password login for the root account. Please add an ability to disable this feature.

I am referring to https://github.com/clearlinux/micro-config-drive/blob/48be37060f39f24e0797123c2e00d95375d83e84/src/main.c#L124

[ahkok]

You can do this with runcmd.

We could make another (highly specialized) option for this, but I feel there's a simple way to undo this, and it's uncommon to want to do this - most people will be using a privileged account instead.

[jakub-d]

most people will be using a privileged account instead.

I don't agree with it. There are certain situations where root account is used. I know I can make a workaround with a runcmd.

Your application makes changes to the system and it is not possible to reconfigure it.

Cloud-config provides disable_root option: https://github.com/canonical/cloud-init/blob/master/doc/examples/cloud-config.txt#L225

Can you please implement it?

[ahkok]

We purposely chose not to implement many of the (hundreds?) of options that Ubuntu's implementation offers, but keep the feature set limited to the basics. The above argument is valid for all those options that we omit. I do not feel that this options sticks out far enough that this is needed, the use case you present seems rare and goes against standard security practices.