Date: Sat, 14 Oct 2000 17:08:23 -0600 (CST) From: Ryan Thompson <ryan@sasknow.com> To: media@mail1.nai.net Cc: freebsd-questions@FreeBSD.ORG Subject: Re: changing root shell?? Message-ID: <Pine.BSF.4.21.0010141614550.49920-100000@ren.sasknow.com> In-Reply-To: <v03130302b60dfbae4a1e@[209.150.34.194]>
next in thread | previous in thread | raw e-mail | index | archive | help
media@mail1.nai.net wrote to freebsd-questions@FreeBSD.ORG: > > First off, thanks to everyone for their help. > > >> I've been entering commands with sh syntax all along. I haven't > >> received any syntax errors. Does this mean I could have trashed my > >> system without knowing it?? > >> > >The odds are very very slim, especially considering that you received > >no syntax errors that you have damaged your system at all. > > Whew!! Thanx :) It still amazes me that I haven't received any syntax > errors, since afaik, sh and csh use very different syntax. I've also > noticed some scripts are written in sh and some are written in csh -- how > does the system know what to do?? Look at the top of the script... You will see a line like #!/bin/sh The ``#!'' pattern tells execve(2) that the executable file is an interpreter file (not a binary), and that what follows on the same line is the name and location of the program with which to execute the script (with optional arguments following the filename). Thus, #!/bin/sh #!/bin/csh #!/usr/bin/perl -w ...are all scripts. Just to show you that you don't need a bona-fide shell (like sh or csh), or an interpreter (like perl), you can use ANY program that accepts input from stdin. Run this for fun: #!/usr/bin/grep -v ^# Simple script that removes # comments like this one. Everything happy! > >Changing your root shell to sh is fine. Just try and avoid stuff on /usr > >without a damn good reason, and knowledge of the consequences. A basic way > >to change your default editor is with sysinstall. > > I've read that I should avoid sysinstall after I've already installed > because it can cause problems. Why? Obviously, you want to stay away from anything that would re-newfs your drives, change partitions, or delete stuff... but /stand/sysinstall contains many useful post-install features that can provide very useful when configuring a system. > >Ya know... all of this talk about changing root shells (again) has led me > >to believe that the litrature that comes with fbsd, linux, etc just doesn't > >make one thing clear enough to new unix users.... Root is only to be used > >for select sys admin duties... not for browsing the web, or playing quake, > >or editing graphics or whatever else... sheesh. > > Actually, _The Complete FreeBSD_ and _The FreeBSD handbook_ do make that > clear. Even sysinstall suggests creating another account besides root for > regular use. Regardless, I am doing sys admin duties (eg. trying to get my > printer to work). What I think FreeBSD should make clear, is which shell > is being used by root when you first install it. echo $SHELL # sh echo $shell # csh Or if that doesn't work, the following should work on just about any system/shell: ps | grep $$ Or, if local passwd information is available, chsh root Or, using perl to suck the entry out: #!/usr/bin/perl print getpwuid($<))[8]; Or, any of dozens of other methods ;-) Then again, anyone executing these commands without copying them down from somewhere first probably doesn't know/doesn't care very much about shells and the differences between them. For most newbies that I have encountered, the differences in syntax between the shells are subtle at best. It may be futher argued that anyone that DOES know and care about the syntax of either shell enough should also know how to find out which shell they are using ;-) > The welcome message > should say "Listen you clueless newbie, root starts with the csh shell even > though every other Unix system in your life has started with sh unless you > changed it" or something similar :) Perhaps changing the default startup script to reflect the user's current shell would be more appropriate. sh is great for writing scripts, but is generally NOT very suitable for a typical login session nowadays--many more modern shells are available that provide much more functionality for the user. > >Give toor your chosen shell (chsh toor), assign her a password, and do > >your root duties from that account, leaving the real root account with the > >default shell. Best of both worlds, really, for about 99.5% of all > >sysadmin duties on a production machine. If a 'toor' account was not > >created on your system, just add another user after root with uid = 0, gid > >= 0 and remake the password db. > > I thought toor was a backdoor for remote access in case one could not get > into root. I've heard having toor activated is a possible security risk. Plugging your computer in is also a possible security risk ;-) toor is supposed to have uid=0 gid=0, meaning, no logins are allowed from insecure terminals (see /etc/ttys). If you want to add a small extra layer of security, rename toor to something else. Be sure to change the password just as frequently as you do root's. I am not aware of any additional security risks associated with toor that are not already present in a multi-user system. > I don't think I'll need toor since I can always boot from cd from the > console. However, that is a good idea if I wanted to have tcsh or bash for > doing root. > > How do I remake the password db?? /usr/sbin/pwd_mkdb /etc/master.passwd > >> My tcsh is in /usr/local/bin/tcsh, which wouldn't work in > >>single user mode. > > > >That's bad. All files that are integral to the system (ie, required > >for the system to boot in single user mode for rescue, recovery, > >etc) should be in the root filesystem. > > sh and csh are in /bin and part of the FreeBSD install. I added tcsh and > bash on my own, so they are in /usr/local/bin tcsh was added to the base system in FreeBSD 4.0, and made the default root shell {{ TRIMMED the beginnings of a converstion that usually only develops into an editor holy war ;-) }} - Ryan -- Ryan Thompson <ryan@sasknow.com> Network Administrator, Accounts Phone: +1 (306) 664-1161 SaskNow Technologies http://www.sasknow.com #106-380 3120 8th St E Saskatoon, SK S7H 0W2 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0010141614550.49920-100000>