From owner-freebsd-security@FreeBSD.ORG Fri Jul 9 05:47:06 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id ACBDD16A4CE for ; Fri, 9 Jul 2004 05:47:06 +0000 (GMT) Received: from phoenix.cyber-networks.fr (hermes.cyber-networks.fr [194.98.82.219]) by mx1.FreeBSD.org (Postfix) with ESMTP id 811BA43D3F for ; Fri, 9 Jul 2004 05:47:02 +0000 (GMT) (envelope-from jean-pierre.forcioli@cyber-networks.fr) Received: from localhost (localhost [127.0.0.1]) by phoenix.cyber-networks.fr (Postfix) with ESMTP id 00EBD822B for ; Fri, 9 Jul 2004 07:46:54 +0200 (CEST) Received: from localhost ([127.0.0.1]) by localhost (phoenix [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 16462-02 for ; Fri, 9 Jul 2004 07:46:50 +0200 (CEST) Received: from glenan.cyber-networks.fr (unknown [192.168.3.206]) by phoenix.cyber-networks.fr (Postfix) with SMTP id 06C3E821C for ; Fri, 9 Jul 2004 07:46:50 +0200 (CEST) Received: from 127.0.0.1 by glenan.cyber-networks.fr (InterScan E-Mail VirusWall NT); Fri, 09 Jul 2004 07:53:26 +0200 Received: id ; Fri, 09 Jul 2004 07:34:58 +0200 From: Jean-Pierre FORCIOLI To: freebsd-security@freebsd.org In-Reply-To: <20040709002231.U94008@doppelganger.el.ntu-kpi.kiev.ua> References: <20040709002231.U94008@doppelganger.el.ntu-kpi.kiev.ua> Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-oLL4nkW6vSiHXSKQChCW" Organization: CYBER NETWORKS Message-ID: Mime-Version: 1.0 Date: Fri, 09 Jul 2004 07:46:57 +0200 Subject: Re: Root users shell == no existant shell /bin/bash X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: jean-pierre.forcioli@cyber-networks.fr List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 Jul 2004 05:47:06 -0000 --=-oLL4nkW6vSiHXSKQChCW Content-Type: text/plain Content-Transfer-Encoding: quoted-printable On Thu, 2004-07-08 at 23:23, Taras Y. NIZHNIK wrote: > On Thu, 8 Jul 2004, Brandon Grace wrote: > > I made a mistake setting my shell and have set the root users shell to > > /bin/bash instead of /bin/sh. I am curiuos if anyone knows how to fix t= his. > > The machines is FreeBSD 4.8-RELEASE-p4 and does not have sudo only su. > How about 'su -m' ? "su -m" will be a solution only if "/bin/bash" is a valid shell and the caller is root : "The invoked shell is your login shell, and no directory changes are made. As a security precaution, if the target user's shell is a non-standard shell (as defined by getusershell(3)) and the caller's real uid is non-zero, su will fail." But apparently, Brandon can't login anymore with "root" account because "/bin/bash" doesn't exist (so isn't a valid shell...). --=20 Jean-Pierre FORCIOLI OpenPGP: 1024D/CF173713 Cyber Networks http://www.cyber-networks.fr/ Tl : +33 (0)1 42 04 95 89 Fax : +33 (0)1 42 04 95 87 --=-oLL4nkW6vSiHXSKQChCW Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQBA7jFQaKwq8c8XNxMRAivrAJ4kIX759foMlTISJePcQ5wccee+iACgui6t 4ET+DgqT/rzCJ07J/vR1R2Y= =Zh71 -----END PGP SIGNATURE----- --=-oLL4nkW6vSiHXSKQChCW--