I am working on a project that runs embedded linux. I want two user groups, one with limited admin access and another with basic read only access. Neither will have full root access.
Is root login normally disabled for products like this? If yes, let's say the user forgets their account passwords. They want to reset the password, but how is this accomplished without any root access?
Most boxes are designed with a reset button that can act as a 'reboot' button or if held down during boot up, a 'reset to factory defaults'.
If the user forgets their password, they need to reset the entire box and lose their existing config. You do not under any circumstances want to give someone the ability to reset a password (without root access) without physical access to the box.
At the absolute least ( physical access && config-wipe ) should always be the prerequisite for this operation.
Root accounts are usually disabled unless your reset to factory defaults is bulletproof (i.e. you have a spare copy of firmware in a hidden area that you can always restore to)