Date: Tue, 21 Dec 2004 11:25:30 +1030 From: Greg 'groggy' Lehey <grog@FreeBSD.org> To: Dick Davies <rasputnik@hellooperator.net> Cc: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: Re: bash - superuser Message-ID: <20041221005530.GA53357@wantadilla.lemis.com> In-Reply-To: <20041221004544.GE4267@lb.tenfour> References: <41C6AC75.6020608@uol.com.br> <20041220120620.GA68520@duplo.dahoam> <20041220133252.GB7774@lb.tenfour> <20041220145227.GA24495@ei.bzerk.org> <20041221000020.GS84787@wantadilla.lemis.com> <20041221002449.GA11833@falcon.midgard.homeip.net> <20041221004544.GE4267@lb.tenfour>
next in thread | previous in thread | raw e-mail | index | archive | help
--SUOF0GtieIMvvwua Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Tuesday, 21 December 2004 at 0:45:45 +0000, Dick Davies wrote: > * Erik Trulsson <ertr1013@student.uu.se> [1224 00:24]: >> On Tue, Dec 21, 2004 at 10:30:20AM +1030, Greg 'groggy' Lehey wrote: >>> On Monday, 20 December 2004 at 15:52:27 +0100, Ruben de Groot wrote: >>>> On Mon, Dec 20, 2004 at 01:32:53PM +0000, Dick Davies typed: >>>>> * Gerhard Meier <gemei2@web.de> [1207 12:07]: >>>>>> On Mon, Dec 20, 2004 at 08:41:57AM -0200, Giuliano Cardozo Medalha wrote: >>>>>>> I have a machine with FreeBSD 5.3 - release -p2. >>>>>>> >>>>>>> I have installed bash from ports. >>>>>>> >>>>>>> How is possible to use bash in root account ? >>>>>> >>>>>> Do not change the shell of the root account. If you have /usr or >>>>>> /usr/local on a separate partition, and you cannot mount for some >>>>>> reason, you wont be able to fix that, without booting from >>>>>> another device. >>>>> >>>>> No, but you'll still be able to use /bin/sh when going single user, so >>>>> what's the big deal? >>>> >>>> Using a shell not contained in the root filesystem can cause >>>> problems even when not in single user mode. There are enough >>>> examples in the archives. >>> >>> This is a particularly tenacious rumour. I've been using bash as my >>> root shell on many different UNIX platforms for nearly 14 years, and >>> I've never had any problems. I've also never seen any substantiated >>> problems reported anywhere. >> >> There was actually an actual problem with having bash as root shell >> reported on this very list about a week ago. See >> http://docs.FreeBSD.org/cgi/mid.cgi?41C0CC10.4020109 >> and >> http://docs.FreeBSD.org/cgi/mid.cgi?20041216001329.GA37679 >> for the conclusion of the thread. > > I can't see the beginning of the thread there, but ISTR that's a > problem with the pppd script running before the dynamic library path > is set up (so being unable to see /usr/local/lib). Yes, that's correct. > That's hardly a bash issue, It can't happen if you use a "standard" shell, so to a certain extent it's a valid criticism of my statement. I'm still thinking about the implications. There are a couple of reasons why this shouldn't happen: 1. You don't normally start networking until you have mounted your local file systems. 2. The problem is related to the invocation of su(1). It's not clear why that's there. Still, it shows that there are issues. It may be sufficient to document them. People who follow the advice in "The Complete FreeBSD" won't run into this problem, since they won't install a separate /usr file system. > and would be a non-issue if you statically linked bash (I can't > think of any reason to want a dynamically linked one). One reason is that bash pulls in a lot of libraries. That's why we used dynamic libraries in the first place. In any case, we're not talking about custom shell builds here. Greg -- When replying to this message, please copy the original recipients. If you don't, I may ignore the reply or reply to the original recipients. For more information, see http://www.lemis.com/questions.html See complete headers for address and phone numbers. --SUOF0GtieIMvvwua Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (FreeBSD) iD8DBQFBx3SCIubykFB6QiMRAu2ZAJ9wJufcpCn079UNIXET7jh5xshRDgCdGWkd kIqGGYaR0NuIujdpWc7QV20= =g+fj -----END PGP SIGNATURE----- --SUOF0GtieIMvvwua--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041221005530.GA53357>