From owner-freebsd-questions@freebsd.org Thu Dec 31 13:27:44 2015 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6E9E7A56212 for ; Thu, 31 Dec 2015 13:27:44 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mx01.qsc.de (mx01.qsc.de [213.148.129.14]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3071114C7 for ; Thu, 31 Dec 2015 13:27:43 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from r56.edvax.de (port-92-195-17-9.dynamic.qsc.de [92.195.17.9]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx01.qsc.de (Postfix) with ESMTPS id 67E153CDA0; Thu, 31 Dec 2015 14:27:40 +0100 (CET) Received: from r56.edvax.de (localhost [127.0.0.1]) by r56.edvax.de (8.14.5/8.14.5) with SMTP id tBVDRdpv001926; Thu, 31 Dec 2015 14:27:39 +0100 (CET) (envelope-from freebsd@edvax.de) Date: Thu, 31 Dec 2015 14:27:39 +0100 From: Polytropon To: David Benfell Cc: freebsd-questions@freebsd.org Subject: Re: Rebuilding FreeBSD! Message-Id: <20151231142739.721ca5dc.freebsd@edvax.de> In-Reply-To: <56850513.4020208@parts-unknown.org> References: <20151231060644.GA42655@becker.bs.l> <56850513.4020208@parts-unknown.org> Reply-To: Polytropon Organization: EDVAX X-Mailer: Sylpheed 3.1.1 (GTK+ 2.24.5; i386-portbld-freebsd8.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 31 Dec 2015 13:27:44 -0000 On Thu, 31 Dec 2015 02:36:03 -0800, David Benfell wrote: > On 12/30/2015 10:06 PM, Bertram Scharpf wrote: > > Not actually a different shell. Just install another one from > > ports/packages. To avoid disappointments I recommend to leave csh or > > sh in /etc/passwd at least for root. > Having used zsh for well over a decade in both Linux and BSD systems, I > have never found it necessary to leave csh or sh or bash as the root > shell. This advice is still valid due to the following reasons: When users install additional shells, they usually go to the /usr/local subtree. When the user also has partitioned the disk so that /usr is a partition different from /, then /usr/local/bin/* won't be available in single-user mode. If the default shell points to a program in that location - well, problem. However, many shells support being installed into /bin (even though this is a slight interference with the OS), and most also support being built statically, so no 3rd party libraries in /usr/local/lib will be required. A non-existing shell will not permit a login. For the root user, which is the only one where you always want to be sure it can log in, having a shell that _might_ not be available is a bad idea. For regular users it's okay, as they usually do not log in in case of an emergency - and "emergency" often means a state of heavily reduced system functionality (only console login, no X, maybe no network, single-user mode, no daemons running, worst case). Furthermore, it's often advised not to do interactive work as the "root" user. A configurable UID 0 account is provided with the "toor" user which can easily have a custom shell. This makes sure emergency operations aren't made complicated. For everything else, there's always su, sudo, and super, with varying degrees of permissions and shell environment inheritance. > Scripts all have their own #! line so they'll use the shell > they're written for (pretty much always sh in FreeBSD ports and the base > system as far as I know). This is correct. That's why removing /bin/sh (which is, by the way, also the default dialog shell in single-user mode!) is a bad idea. -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ...