Date: Mon, 2 Mar 2009 02:55:09 +0100 From: Polytropon <freebsd@edvax.de> To: Daniel Lannstrom <op@trekdanne.se> Cc: freebsd-questions@freebsd.org Subject: Re: Root shell Message-ID: <20090302025509.100163c4.freebsd@edvax.de> In-Reply-To: <20090301164355.GA29675@haruhi> References: <d2f26f270903010650h243df36bx2ea07d434567633e@mail.gmail.com> <20090301155532.GA29514@haruhi> <4ad871310903010811o47b77f04y7976819e101b881b@mail.gmail.com> <20090301164355.GA29675@haruhi>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 1 Mar 2009 17:43:55 +0100, Daniel Lannstrom <op@trekdanne.se> wrote: > On Sun, Mar 01, 2009 at 11:11:56AM -0500, Glen Barber wrote: > > This explains one of the reasons not to change root's shell: > > > > http://www.freebsd.org/doc/en/books/faq/security.html#TOOR-ACCOUNT > > Yes that's exactly what I meant. Is there any other reason except for > that? As I see it that problem can easily be solved by copying bash to > the root file system. Also many systems today have the root and /usr > on the same file system. I wouldn't rely on the "many systems today" assumption. As an addition, I'd like to mention that there are "two root shells": First is the system's standard scripting shell /bin/sh which is usually invoked first when entering maintenance mode (single user mode). As well as FreeBSD's standard dialog shell /bin/csh it resides on the / partition. Maybe it can be seen as an "unwritten law", or at least as a kind of well intended suggestion to use /bin/csh for root's dialog shell as well as /bin/sh for scripting. It may be considered "old fashion", but it has served well to follow this suggestion over the years. Just as a very individual example, I haven't found any need to install BASH on any system I've done so far. But it's completely okay to have BASH as a user's dialog shell when the system is up and running well. Furthermore, I don't think copying the bash* binary is sufficient to have BASH in SUM in a problem situation (which is: / is mounted ro, nothing else mounted). Reason: % which bash | xargs ldd /usr/local/bin/bash: libncurses.so.7 => /lib/libncurses.so.7 (0x280ff000) libintl.so.8 => /usr/local/lib/libintl.so.8 (0x2813d000) libiconv.so.3 => /usr/local/lib/libiconv.so.3 (0x28146000) libc.so.7 => /lib/libc.so.7 (0x2823b000) There are library dependencies on /usr partition. -- Polytropon >From Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ...
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090302025509.100163c4.freebsd>