From owner-freebsd-questions Wed Jan 5 22:30:58 2000 Delivered-To: freebsd-questions@freebsd.org Received: from smtp.nwlink.com (smtp.nwlink.com [209.20.130.57]) by hub.freebsd.org (Postfix) with ESMTP id 4731E15570 for ; Wed, 5 Jan 2000 22:30:50 -0800 (PST) (envelope-from rjoseph@nwlink.com) Received: from nwlink.com (ip249.r15.d.bel.nwlink.com [207.202.175.249]) by smtp.nwlink.com (8.9.3/8.9.3) with ESMTP id WAA03571 for ; Wed, 5 Jan 2000 22:30:39 -0800 (PST) Message-ID: <387435D1.7E20347D@nwlink.com> Date: Wed, 05 Jan 2000 22:27:30 -0800 From: R Joseph Wright X-Mailer: Mozilla 4.51 [en] (X11; I; FreeBSD 3.4-STABLE i386) X-Accept-Language: en MIME-Version: 1.0 Cc: freebsd-questions@FreeBSD.ORG Subject: Re: window manager question References: <200001052224.XAA37273@dorifer.heim3.tu-clausthal.de> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Oliver Fromme wrote: > > R Joseph Wright wrote in list.freebsd-questions: > > Does this mean that generally I should never login as root, even for > > example when installing a new port? I should do su instead? > > Yes, exactly. > > This is especially important on machines which have more than > one admin. When you use su, it is much easier to track > changes to the system and find out who did what. When you > login as root, you're working "anonymously". This can be > dangerous, and is generally not desirable. > > I usually configure all virtual terminals as "insecure", so > it's impossible to login as root. ;-) (ssh and ftp don't > allow root logins by default, and telnet is disabled on most > of the FreeBSD boxes here.) How do you configure a terminal as insecure? > I also prefer to compile ports as normal user (/usr/ports is > writable by members of the wheel group), and only do the > "make install" as root. However, this is a bit inconvenient, > because dependencies don't work right (they fail to install > automatically as normal user, of course, so you have to do > that manually as root). Not a big deal, though. > > > If that's > > the case, is there an rc file that I can use to get my su shell to > > behave as my user shell? For example, I like for the prompt to show my > > user name and current working directory. > > When you use ``su -m'', your shell will read the standard > rc files, so you should get identical behaviour. Note that > it will _not_ read the login profile, because it is not a > login shell (for example, if you use zsh, then ~/.zprofile > will not be read, but ~/.zshrc will be read). > > Personally, I like to have a different prompt when I'm root, > therefore my ~/.zshrc (I'm using zsh) contains this (among > other stuff): > > if [[ $EUID -eq 0 ]]; then > PROMPT="%Broot%b@%m:%4(~:...:)%3c%B#%b " > else > PROMPT="%n@%m:%4(~:...:)%3c> " > fi > > This will give me a nice bold ``root'' in the prompt, so I > never forget that I have to be careful not to type rm -rf / > and kill -9 -1 and things like that. ;-) I use bash. It was used by default in redhat linux, which was my first exposure to unix-like systems. I like the way it behaves the best of all the shells I've used, although I tried out zsh briefly and it seemed very similar to bash. I've got it all set up perfectly now. My root login shell is now csh, with the "stock" .cshrc. I've got ~/.bashrc and ~/.profile set up with all my aliases instead of /etc/profile. This allows me to use my aliases whenever invoking the shell, login or otherwise. I have alias su='su -m'. Now I have no need to login as root anymore. There is only one problem. My .rc files have this setup, as you described, but modified for bash: if [[ $EUID -eq 0 ]]; then PS1="root@\h\w\$" else PS1="joseph@\h\w\$" fi According to the man page on bash, the "$" is supposed to show up as "#" if uid is 0, otherwise it will show as "$". It doesn't do this, however. It always shows up as "$", regardless of uid. Thanks for the help -- Best Regards, Joseph You will do foolish things, but do them with enthusiasm. Colette. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message