From owner-freebsd-questions Sat Oct 14 14: 4:43 2000 Delivered-To: freebsd-questions@freebsd.org Received: from static.unixfreak.org (static.unixfreak.org [63.198.170.139]) by hub.freebsd.org (Postfix) with ESMTP id 0B4DB37B503 for ; Sat, 14 Oct 2000 14:04:39 -0700 (PDT) Received: by static.unixfreak.org (Postfix, from userid 1000) id E41B61F03; Sat, 14 Oct 2000 14:04:37 -0700 (PDT) Subject: Re: changing root shell?? In-Reply-To: "from media@ct1.nai.net at Oct 14, 2000 04:09:45 pm" To: media@ct1.nai.net Date: Sat, 14 Oct 2000 14:04:37 -0700 (PDT) Cc: freebsd-questions@FreeBSD.ORG From: Dima Dorfman Reply-To: dima@unixfreak.org X-Mailer: ELM [version 2.4ME+ PL82 (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII Message-Id: <20001014210437.E41B61F03@static.unixfreak.org> Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > > First off, thanks to everyone for their help. > > >Changing your root shell to sh is fine. Just try and avoid stuff on /usr > >without a damn good reason, and knowledge of the consequences. A basic way > >to change your default editor is with sysinstall. > > I've read that I should avoid sysinstall after I've already installed > because it can cause problems. I think some people say that because they've upgraded their system using `make world`, but didn't update /stand, so when they run a three year old version of sysinstall on a brand new system, something goes wrong--and you can't blame it. > >Setting the environment variable EDITOR will make some programs--vipw, > >chsh, and crontab, for example--use the editor you specify. In > >(t)csh, the syntax to do that is: "setenv EDITOR emacs" where emacs is > >the editor you would like to use. I'm not sure about the (ba)sh > >syntax, but I believe it's something like "export EDITOR=emacs". > > > >You've got bash and relatives right. You might note that the actual > >sequence for many things is VISUAL (if set), the EDITOR. This is true > >for vipw, even though the man page doesn't mention it. The idea was > >that you would get VISUAL if your termain could support a visual > >editor, otherwise EDITOR. For bash, you can add that .profile, and > >other things will inherit it. > > I don't understand. What is VISUAL?? According to whoever wrote the above paragraph (Mike?) it is the same thing as EDITOR, but it will only be run if your terminal supports it. If it doesn't, EDITOR will be run. I don't know how that's checked. Try it and find out :-) > > >Give toor your chosen shell (chsh toor), assign her a password, and do > >your root duties from that account, leaving the real root account with the > >default shell. Best of both worlds, really, for about 99.5% of all > >sysadmin duties on a production machine. If a 'toor' account was not > >created on your system, just add another user after root with uid = 0, gid > >= 0 and remake the password db. > > I thought toor was a backdoor for remote access in case one could not get > into root. I've heard having toor activated is a possible security > risk. They're both uid 0, so I don't see how toor is any more accessable than root. All restrictions (no telent/ftp logins) apply to both of them. Maybe whoever said that was referring to the case where you forget your root password and don't have physical access to the host in question. > I don't think I'll need toor since I can always boot from cd from the > console. However, that is a good idea if I wanted to have tcsh or bash for > doing root. > > How do I remake the password db?? Things like chsh and vipw do it for you. If possible, you should use them. If not, look at `man pwd_mkdb`. > >So change it. Change it /bin/bash. Dynamically linked means that the > >binary was linked to a shared object library that has to be loaded every > >time you want to run the program. I have no clue why he would say that > >you couldn't use it because it's dynamically linked. Of course you can > >use it if it's dynamically linked. Just make sure that any libs that it > >is linked to aren't out of reach in an emergency situation. > > They are on /usr not / While I have about 40M of space available on / (I > made it 60M and only about 20M is currently used), I'm reluctant to > arbitrarily add things to / That's good. Your local programs should go into /usr/local, just like how you have it. > >vi is a superior editor, it just takes some getting used to. Once you > >master the commands, editing with vi is quicker than any other editor out > >there. > > I need an editor I can use right now to get my system configured, and many > commands (eg. chsh) automatically call up vi. I'd like to spend less time > in man vi, and more time getting things done. ee is your friend. > > Some commands call up a default editor. I don't have pico and have no > intention of going back to pine (maybe I'll try mutt, I'm using Eudora Pro > on my LEM now -- I know you are mostly PC guys, but 040/7.6.1 is a rock). > Imho, using emacs without X is silly (no flames, please) and wouldn't want > to use X if I were fixing a problem as root. I'd like to set it to > ee. As multiple people have suggest before, doing "setenv EDITOR ee" in (t)csh or "export EDITOR=ee" in (ba)sh will change the default editor. You can add those to your .cshrc or .profile to run when you log in for csh and sh respevitly. -- Dima Dorfman Finger dima@unixfreak.org for my public PGP key. "Tell me what you need, and I'll tell you how to get along without it." -- Dilbert To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message