bash - superuser

Micheal Patterson micheal at tsgincorporated.com
Mon Dec 20 09:53:43 PST 2004 

----- Original Message ----- 
From: "Joshua Lokken" <joshua.lokken at gmail.com>
To: "David Landgren" <david at landgren.net>
Cc: <freebsd-questions at freebsd.org>
Sent: Monday, December 20, 2004 11:04 AM
Subject: Re: bash - superuser


> On Mon, 20 Dec 2004 12:29:37 +0100, David Landgren <david at landgren.net>
wrote:
> > Giuliano Cardozo Medalha wrote:
> > > Hi,
> > >
> > > I have a machine with FreeBSD 5.3 - release -p2.
> > >
> > > I have installed bash from ports.
> > >
> > > How is possible to use bash in root account ?
> > >
> > > Thanks a lot
> >
> > Don't.
> >
> > Leave /bin/sh as your shell.
>
> 'Leave' /bin/sh as your shell makes it sound like /bin/sh is the
> default root shell.  Did this change in FreeBSD 5.x?  It appears
> that in 4.x, the root shell is /bin/csh by default, which [I believe]
> is linked to /bin/tcsh.
>
>
> -- 
> Joshua Lokken
> Open Source Advocate

csh is still the default root shell.

At one time, systems required multiple drives due to space. So, these
systems would have a partioning scheme such as:

hda0 - /
hda1 - /var
hda2 - /swap
hda3 - /usr

... and so on depending on their drive capacity at the time. Please keep in
mind that this OS (and it's ancestors) were running on systems that had
multiple drives with 20mb or less in their day. The tree has constantly
grown from those days. As such, many admins use this scheme today because
they either have used this scheme for 10's of years and don't wish to change
their ways. Personal and/or financial reasoning aside as to why they don't
wish to change is totally their decision.

Even so, there are some good points to this methodology. It provides the
ability to not lose the entire system in the event of drive failure. In this
method, having the root shell on another partition invites failure for the
entire system should root's shell reside on a crashed / failed partition. No
root, no repair capability.

On the other hand, many admins use a system with a single drive in them and
use NIS/NFS as their userland drive space. Some may even have /usr/ itself
fed from NFS.

In either method, if you want to use anything other than csh, you will need
to move it to /bin. You want it to be uncorruptable in the event of breach.
So, if you still wish to use bash as the root shell, copy the executable
into /bin, add it to /etc/shells, and set it immutable ("chflags schg
/bin/bash") so that in the event of breach, the shell is still unable to be
modified and will be reachable in the event of NFS or partition failure.

With the state of drives, raid arrays, etc in todays world, either way will
work just as good as the other. Each person has their own preferences for
their own reasons.

--

Micheal Patterson
Senior Communications Systems Engineer
405-917-0600

Confidentiality Notice:  This e-mail message, including any attachments,
is for the sole use of the intended recipient(s) and may contain
confidential and privileged information. Any unauthorized review, use,
disclosure or distribution is prohibited. If you are not the intended
recipient, please contact the sender by reply e-mail and destroy all
copies of the original message.

More information about the freebsd-questions mailing list