Re: [HEADSUP] making /bin/sh the default shell for root

From: Gary Jennejohn <gljennjohn_at_gmail.com>
Date: Tue, 12 Oct 2021 13:37:36 UTC
On Tue, 12 Oct 2021 14:42:48 +0200
Guido Falsi via freebsd-current <freebsd-current@freebsd.org> wrote:

> On 12/10/21 14:21, Gary Jennejohn wrote:
> > On Tue, 12 Oct 2021 06:59:00 -0400
> > grarpamp <grarpamp@gmail.com> wrote:
> >   
> >>> No. The system shell is supposed to make the system usable
> >>> by the users. Actually, the real problem is that the easiest way
> >>> to shoot one's own foot is by changing the language (say, the
> >>> shell) spoken by default by FreeBSD.  
> >>
> >> Well, the FreeBSD system speaks sh for its own use, this is clearly
> >> documented as the shell called by init(8), and later by rc(8),
> >> it should probably be the root:0 entry at least for consistency.
> >> No other shell is called by the FreeBSD system there.
> >> Whatever the users want for their own shells is really up
> >> to them to decide after that.
> >>
> >> "Default" is a bit of a low context word, as there is no falling
> >> back to some shell occurring, no filling in for some missing
> >> option, etc. Maybe use the word "shipped" or "root" instead.
> >>
> >> Everyone said they already do, and will continue to,
> >> exec whatever shell they like, whether after login,
> >> or by changing the entry. So in addition to the user
> >> being ultimately responsible for their own box and usage,
> >> this well announced entry for UPDATING cannot therein
> >> really be responsible for any user self-shooting.
> >>  
> >>> This is nonsense.
> >>
> >> Well, FreeBSD does not add every shell in base,
> >> does not add every app to base, etc.
> >> Some reasons for those limits should be obvious.
> >> This update gives further distilling clarity by
> >> limiting the number of shipped uid 0 entries to 1,
> >> with that 1 being sh.
> >>  
> >>> Every unix user should know that it's
> >>> possible to change the used shell by using
> >>> chsh and this includes root.  
> >>
> >> Then for every user, this update is not a problem.
> >>  
> > 
> > I've been using UNIX both privately and professionally since 1984
> > and I must admit that I never heard of chsh before seeing this
> > e-mail.  I simply use vipw; it's the logical way to do this sort
> > of thing IMHO.  But I suppose that this is the way to go for users
> > who don't have root access (which I always have).  
> 
> AFAIK only root can use vipw, while chsh is usable by all system users.
> 

Which is pretty much what I wrote above.

> Guess you've been root since 1984 :)
> 

On the systems I've had control of, always.  I started out with 4.2BSD
running on a VAX, which didn't have chpass, so csh was the default.  The
VAX was used to cross-compile AT&T III/IV/V to run on Motorola CPUs.

I always had full control of the target machines, although the Bourne
shell was pretty much the only shell available then.

After relocating for that employer from Berkeley to Germany I helped
administer the VAX, so I had to have root access.

Unfortunately, the German spinoff went tits up in 1989 and I decided to
stay in Germany.

And, no matter where I was employed after that, I was always able to
get root access, which I never abused.

But since 2000 I've administered my own FreeBSD machines at home as a
freelancer (but I'm now retired), so root access is always required.

-- 
Gary Jennejohn