A system is configured to automatically lock accounts after a number of failed login attempts. This was done by enabling the feature globally (LOCK_AFTER_RETRIES=YES) without any further changes. Is the root user also affected by the account locking?

A.
By default, root is excluded from automatic account locking.

B.
root can always log in on the console, whether it is locked or not.

C.
The framework ensures that root can never be automatically locked.

D.
The /etc/shadow entry for the root user has the value -1 for failed login attempts, which causes this account to never be locked.