[TriLUG] to delete root, or not too?

Aaron S. Joyner aaron at joyner.ws
Tue Nov 14 10:00:00 EST 2006 

Alan Porter wrote:

>
>> Another interesting note, is that on most *BSD systems, the root
>> user's shell is csh.  This causes some pain for those people who
>> aren't familiar with it, but since all the boot scripts are written
>> in csh, and run with the root user's shell, you can't reasonably
>> change it and then reboot the system.
>
>
> Any shell programmer worth his salt would explicitly specify the shell
> interpreter in the first line of all shell scripts (the first line
> should contain #!/bin/myshell).  Otherwise, it depends on reading the
> running user's preferred shell (in most cases, from the current value
> of the $SHELL variable).
>
> If these shell scripts were written properly, then it would not matter
> which login shell was in /etc/passwd under the entry for 'root'.  And
> it would not matter which shell the user happened to be running when
> he issued commands.
>
> Anything else is just plain sloppiness.
>
> Alan


So I did some quick googling to check why I had this mental aversion to
changing root's shell.  The *BSD I've tinkered with most was when I ran
a FreeBSD for a couple years.  I distinctly recall some (probably
juvenile) problems and errors when changing root's shell and rebooting. 
Upon reflection, it may not have been a boot scripts issue, but more one
of accessibility of shell in single user mode.  Typically
 on FreeBSD bash is installed from the ports or packages systems, and
typically is dynamically linked, and lives in /usr/bin or
/usr/local/bin.  Of course, on reboot into single user mode (not as
uncommon in the FreeBSD world, an advised practice when upgrading the
base system*, which is sometimes done say, every few months), if /usr
isn't mounted when attempting to invoke the root shell, you get prompted
about which shell you'd like to use.  This is of course, not
catastrophic, just annoying, but seems to be the one reference I can
find to reasons for not changing root's shell**..  I thought I
remembered some more spectacular failure, but perhaps it was just the
"whoop, that's a big ugly error about not being able to find root's
shell..." that sticks in my mind.  Maybe what I had done was naively
copy /usr/bin/bash to /bin/bash, and set that as root's shell.  That
might have caused a more spectacular failure, if when it booted, it
couldn't mount /usr for some reason, so couldn't get to the dynamic
libraries it needed from /usr/lib, thus trying to invoke root's shell
which did exist, and failing?  If someone has a bogus FreeBSD box
sitting around they don't mind potentially temporarily hosing, I'd love
to know the answer.  :)

So in short, Alan is correct.  Any reasonable script worth discussing
will specify it's interpreter, and you should be able to change root's
shell in FreeBSD to something other than csh with at worst only minimal
inconvenience on rebooting into single user mode.  It should go with out
saying that all of the FreeBSD boot scripts should be considered
"reasonable scripts worth discussing".  :)

Aaron S. Joyner

* - http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html
** -
http://www.freebsd.org/doc/en_US.ISO8859-1/books/faq/security.html#TOOR-ACCOUNT

More information about the TriLUG mailing list