From owner-freebsd-questions  Mon Dec 22 20:27:55 1997
Return-Path: <owner-freebsd-questions>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id UAA28684
          for questions-outgoing; Mon, 22 Dec 1997 20:27:55 -0800 (PST)
          (envelope-from owner-freebsd-questions)
Received: from ocala.cs.miami.edu (ocala.cs.miami.edu [129.171.34.17])
          by hub.freebsd.org (8.8.7/8.8.7) with SMTP id UAA28679
          for <freebsd-questions@freebsd.org>; Mon, 22 Dec 1997 20:27:52 -0800 (PST)
          (envelope-from jmcla@ocala.cs.miami.edu)
Received: from ocala.cs.miami.edu by ocala.cs.miami.edu via SMTP (950413.SGI.8.6.12/940406.SGI)
	 id XAA16708; Mon, 22 Dec 1997 23:27:43 -0500
Date: Mon, 22 Dec 1997 23:27:43 -0500 (EST)
From: "Joe \"Marcus\" Clarke" <jmcla@ocala.cs.miami.edu>
To: "Matthew D. Fuller" <fullermd@futuresouth.com>
cc: Javier Henderson <javier@Kjsl.com>, freebsd-questions@freebsd.org
Subject: Re: Shooting yourself in the foot
In-Reply-To: <Pine.BSF.3.96.971222214741.11353C-100000@shell.futuresouth.com>
Message-ID: <Pine.SGI.3.96.971222232643.16691A-100000@ocala.cs.miami.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

I agree, this works great...but if you didn't add /bin/false to
/etc/shells, then not even su -m can save you.  This was my mistake a
while back with the mshell port.

Joe Clarke

On Mon, 22 Dec 1997, Matthew D. Fuller wrote:

> On Mon, 22 Dec 1997, Joe "Marcus" Clarke wrote:
> 
> > The way I fixed this when I did something similar was to take the system
> > down to single user mode, `shutdown now`, then remount / as read/write,
> > mount -u /, then edit /etc/shells to allow for /bin/false as a valid
> > shell.  Bring the system back up to multi-user and login as a user
> > allowed to su to root.  Then su to root using su -m, you should be able
> > to issue a chsh root then.  If you have no ther users in wheel, then
> > instaed of editing /etc/shells, use vipw to edit the password file and
> > change roots shell back to something else.
> No need to shutdown.
> Just do a su -m, then use vipw to set root's shell back to sh (or csh if
> you're REALLY perverse ;).
> 
> > 
> > Joe Clarke
> > 
> > On Mon, 22 Dec 1997, Javier Henderson wrote:
> > 
> > > 	So, let's say that you changed the root shell to
> > > /bin/false, which I successfully did.
> > > 
> > > 	How do you fix this? Doing "su", of course, does
> > > nothing useful right now...
> > > 
> > 
> 
> *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
> |       FreeBSD; the way computers were meant to be       |
> * "The only reason I'm burning my candle at both ends, is *
> | that I haven't figured out how to light the middle yet."|
> *    fullermd@futuresouth.com      :-}  MAtthew Fuller    *
> |      http://keystone.westminster.edu/~fullermd          |
> *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
> 
>