From owner-freebsd-questions@FreeBSD.ORG Mon Dec 20 21:55:00 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5F6E216A4CE for ; Mon, 20 Dec 2004 21:55:00 +0000 (GMT) Received: from clunix.cl.msu.edu (clunix.cl.msu.edu [35.9.2.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 021DC43D39 for ; Mon, 20 Dec 2004 21:55:00 +0000 (GMT) (envelope-from jerrymc@clunix.cl.msu.edu) Received: (from jerrymc@localhost) by clunix.cl.msu.edu (8.11.7p1+Sun/8.11.7) id iBKLsrt13676; Mon, 20 Dec 2004 16:54:53 -0500 (EST) From: Jerry McAllister Message-Id: <200412202154.iBKLsrt13676@clunix.cl.msu.edu> To: tom@vilot.com (Tom Vilot) Date: Mon, 20 Dec 2004 16:54:51 -0500 (EST) In-Reply-To: <41C6EE24.4080606@vilot.com> from "Tom Vilot" at Dec 20, 2004 08:22:12 AM X-Mailer: ELM [version 2.5 PL2] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit cc: FreeBSD Questions Subject: Re: bash - superuser X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 20 Dec 2004 21:55:00 -0000 > > >Using a shell not contained in the root filesystem can cause problems > >even when not in single user mode. There are enough examples in the archives. > > > Admittedly, I'm still a bit of a noob, but I can't stand any shell but > bash. > > >>I really don't get what the problem is with this 'sh is on the root' argument. > >>Using bash is a lot more productive for many people, so why not let them use it? > >> > >No problem for people to be productive with bash or whatever shell they > >prefer. Just not for root. You should not even use the root account unless > >absolutely necessary. > > > Ya mean like ... > > ... editing /etc/rc.conf > ... installing a port or package > ... updating the ports tree and/or running portupgrade > ... configuring the firewall > ... backing up the file system > ... checking /var/log files for attempts at cracking > ... reading root's email > ... rsyncing to a remote server > > I would be curious how I could do any of the above as someone other than > root. Then the thing to do is create another root account and make the default shell for that one be bash, leaving the root root be /bin/sh. Then, just use the other account for all that stuff, and keep the root root pristine for disasters. Alternatively, while you are logged in as the root root and the needed file systems are mounted, type '/usr/local/bin/bash' or whatever path it is installed as and viola you have bash. ////jerry