.BR "$SHELL -i" .
.PP
A caller is allowed if it has write access to
-.BR /etc/inittab .
-This is most easily achieved by creating or using a suitable group,
-containing all the appropriate users, and making
+.BR /etc/inittab
+and is also member of the group
+.BR root .
+This is most easily achieved by making inittab group-writeable by some
+suitable group containing all the appropriate users, and making
.B /etc/inittab
-group-owned by that group and group-writeable.
+group-owned by that group and group-writeable. The root group is
+perhaps a good choice if it isn't being used for anything else.
.SH OPTIONS
.TP
\fB-u\fR \fIusername\fR | \fB--user\fR \fIusername\fR
* really: Add "danger!" warning to usage message description of -R.
* really: Document -R option in the manpage. Closes:#693354.
+ * really: Document need to be in the "root" group as well. (This is
+ better than removing the restriction, because it would be dangerous to
+ relax this security barrier in existing deployments.) Closes:#693356.
--