Date: Thu, 06 Jan 2000 09:18:20 -0500 From: "Douglas B. Quayle" <dquayle@slk.com> To: R Joseph Wright <rjoseph@nwlink.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: window manager question Message-ID: <3874A42B.EF8D76DA@slk.com> References: <200001052224.XAA37273@dorifer.heim3.tu-clausthal.de> <387435D1.7E20347D@nwlink.com>
next in thread | previous in thread | raw e-mail | index | archive | help
R Joseph Wright wrote: > Oliver Fromme wrote: > > > > R Joseph Wright <rjoseph@nwlink.com> wrote in list.freebsd-questions: > > > Does this mean that generally I should never login as root, even for > > > example when installing a new port? I should do su instead? > > > > Yes, exactly. > > > > This is especially important on machines which have more than > > one admin. When you use su, it is much easier to track > > changes to the system and find out who did what. When you > > login as root, you're working "anonymously". This can be > > dangerous, and is generally not desirable. > > > > I usually configure all virtual terminals as "insecure", so > > it's impossible to login as root. ;-) (ssh and ftp don't > > allow root logins by default, and telnet is disabled on most > > of the FreeBSD boxes here.) > > How do you configure a terminal as insecure? Edit /etc/ttys. Each terminal has an entry stating whether it is secure or insecure. Insecure terminals prohibit root login. > > > > I also prefer to compile ports as normal user (/usr/ports is > > writable by members of the wheel group), and only do the > > "make install" as root. However, this is a bit inconvenient, > > because dependencies don't work right (they fail to install > > automatically as normal user, of course, so you have to do > > that manually as root). Not a big deal, though. > > > > > If that's > > > the case, is there an rc file that I can use to get my su shell to > > > behave as my user shell? For example, I like for the prompt to show my > > > user name and current working directory. > > > > When you use ``su -m'', your shell will read the standard > > rc files, so you should get identical behaviour. Note that > > it will _not_ read the login profile, because it is not a > > login shell (for example, if you use zsh, then ~/.zprofile > > will not be read, but ~/.zshrc will be read). > > > > Personally, I like to have a different prompt when I'm root, > > therefore my ~/.zshrc (I'm using zsh) contains this (among > > other stuff): > > > > if [[ $EUID -eq 0 ]]; then > > PROMPT="%Broot%b@%m:%4(~:...:)%3c%B#%b " > > else > > PROMPT="%n@%m:%4(~:...:)%3c> " > > fi > > > > This will give me a nice bold ``root'' in the prompt, so I > > never forget that I have to be careful not to type rm -rf / > > and kill -9 -1 and things like that. ;-) > > I use bash. It was used by default in redhat linux, which was my first > exposure to unix-like systems. I like the way it behaves the best of > all the shells I've used, although I tried out zsh briefly and it seemed > very similar to bash. > > I've got it all set up perfectly now. My root login shell is now csh, > with the "stock" .cshrc. I've got ~/.bashrc and ~/.profile set up with > all my aliases instead of /etc/profile. This allows me to use my > aliases whenever invoking the shell, login or otherwise. I have alias > su='su -m'. Now I have no need to login as root anymore. > > There is only one problem. My .rc files have this setup, as you > described, but modified for bash: > > if [[ $EUID -eq 0 ]]; then > PS1="root@\h\w\$" > else > PS1="joseph@\h\w\$" > fi > According to the man page on bash, the "$" is supposed to show up as "#" > if uid is 0, otherwise it will show as "$". It doesn't do this, > however. It always shows up as "$", regardless of uid. > > Thanks for the help > -- > Best Regards, Joseph > > You will do foolish things, > but do them with enthusiasm. Colette. > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3874A42B.EF8D76DA>