Re: Dangers of using a non-base shell

2007-11-09 Thread Giorgos Keramidas
On 2007-11-09 18:10, Alex Zbyslaw <[EMAIL PROTECTED]> wrote:
> Giorgos Keramidas wrote:
>> i.e. here's an ftp session on my laptop:
>>
>>  [EMAIL PROTECTED]:/root# fgrep ftp: /etc/passwd
>>  ftp:*:1003:1003:& user:/home/ftp:/usr/sbin/nologin
>>  [EMAIL PROTECTED]:/root# su ftp
>>  [EMAIL PROTECTED]:/root$ id
>>  uid=1003(ftp) gid=1003 groups=1003
>>  [EMAIL PROTECTED]:/root$
>
> Must be new, because in 5.4 I get:
> [...]
> I find the behaviour you get definitely undesirable.  There are
> occasionally accounts which have special purpose shells which do work in
> some restricted fashion which you *might* want to use (in which case
> you can su) or which you might not (so you su -m). [...]

False alarm.  I had a desynced /etc/pwd.db when this happened.

The correct behavior with nologin as the shell is:

  [EMAIL PROTECTED]:/root# su ftp
  This account is currently not available.
  [EMAIL PROTECTED]:/root#

> Confused.

I apologize for the confusion :/


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Dangers of using a non-base shell

2007-11-09 Thread Chuck Robey

Giorgos Keramidas wrote:
> On 2007-11-09 18:55, Andrew Pantyukhin <[EMAIL PROTECTED]> wrote:
> > On Tue, Oct 30, 2007 at 01:39:12PM +0200, Giorgos Keramidas wrote:
> > > I've been using the following for some time:
> > >
> > > keramida> su -
> > > Password:
> > > root# exec env SHELL=/usr/local/bin/bash bash -l
> >
> > I know it doesn't work on slolaris^W some Unix flavors, but I've
> > been quite happy with "su -m".
>
> Heh, putting the Solaris bashing (sic) aside, I can see how the -m
> option can be useful some times.  After all, it was implemented because
> *someone* thought it would be neat to have around :-)

Actually, there's another reason that root should just stay with sh.  On 
a lot of systems, ones I have seen (and Linux is one of those), poor 
programming practices mean that many things will break if the root user 
isn't running sh (or in Linux's case, bash).  Ask folks, they'll claim 
it's untrue, but that's because they themselves run bash, and never saw 
the breakage.  I myself like tcsh, and the breakage is quite real, I 
finally had to give up using tcsh on those systems.  It's not a really 
strong reason for a FreeBSD user, but for those of us who work among a 
lot of OSes, it's better to get used to it, because you just can't fight 
city hall.  Trying to fix every single utility on those systems (which I 
did before I gave up trying) just means nightmares when you have to 
update stuff.



Re: Dangers of using a non-base shell

2007-11-09 Thread Alex Zbyslaw

Giorgos Keramidas wrote:
> On 2007-11-09 16:34, Alex Zbyslaw <[EMAIL PROTECTED]> wrote:
> >
> > [ discussing `su -m' option ]
> >
> > Also the only way I know on FreeBSD to interactively become a user
> > with no real shell (true, nologin etc).
>
> It should be possible to type:
>
> su username
>
> i.e. here's an ftp session on my laptop:
>
> [EMAIL PROTECTED]:/root# fgrep ftp: /etc/passwd
> ftp:*:1003:1003:& user:/home/ftp:/usr/sbin/nologin
> [EMAIL PROTECTED]:/root# su ftp
> [EMAIL PROTECTED]:/root$ id
> uid=1003(ftp) gid=1003 groups=1003
> [EMAIL PROTECTED]:/root$
>
> Good idea, though :)

Must be new, because in 5.4 I get:

100 {root @ cartman} # fgrep ftp: /etc/passwd
ftp:*:6000:6000:Anon FTP:/home/ftp:/usr/sbin/nologin
101 {root @ cartman} # su ftp
This account is currently not available.
102 {root @ cartman} # id
uid=0(root) gid=0(wheel) groups=0(wheel)
103 {root @ cartman} # su -m ftp
([EMAIL PROTECTED])1% id
uid=6000(ftp) gid=6000(ftp) groups=6000(ftp)
([EMAIL PROTECTED])2% exit
104 {root @ cartman} # /usr/sbin/nologin
This account is currently not available.
105 {root @ cartman} # alias su
106 {root @ cartman} # which su
/usr/bin/su

I find the behaviour you get definitely undesirable.  There are 
occasionally accounts which have special purpose shells which do work in some 
restricted fashion which you *might* want to use (in which case you can 
su) or which you might not (so you su -m).  I don't know off hand of any 
PD examples, but I maintain some proprietary software which has an 
account which uses a "shell" which understands various keywords and 
commands, which restricts what you can do over ssh, for example.  But 
for maintenance you sometimes just want to be that user with a regular 
shell.  I can't see how to achieve that given the behaviour you seem to 
get with su.


I seem to recall mharc being a bit like this - certainly needed the 
Linux equivalent "su -s /bin/csh" when doing stuff with it.


There's no indication in the online man pages that su should behave the 
way you've shown it, unless I'm missing something (a distinct 
possibility :-)).  Even the page from FreeBSD-7 says "The invoked shell 
is the one belonging to the target login."  Your /usr/sbin/nologin isn't 
a real shell, is it?  Or you have some alias for su?  Who knows, maybe 
it's because I run csh - there does seem to be special case code for it 
in su.c but I can't see how it would have this effect!


Confused.

--Alex



Re: Dangers of using a non-base shell

2007-11-09 Thread Giorgos Keramidas
On 2007-11-09 16:34, Alex Zbyslaw <[EMAIL PROTECTED]> wrote:
>
> [ discussing `su -m' option ]
>
> Also the only way I know on FreeBSD to interactively become a user
> with no real shell (true, nologin etc).

It should be possible to type:

su username

i.e. here's an ftp session on my laptop:

[EMAIL PROTECTED]:/root# fgrep ftp: /etc/passwd
ftp:*:1003:1003:& user:/home/ftp:/usr/sbin/nologin
[EMAIL PROTECTED]:/root# su ftp
[EMAIL PROTECTED]:/root$ id
uid=1003(ftp) gid=1003 groups=1003
[EMAIL PROTECTED]:/root$

Good idea, though :)



Re: Dangers of using a non-base shell

2007-11-09 Thread Alex Zbyslaw

Giorgos Keramidas wrote:
> On 2007-11-09 18:55, Andrew Pantyukhin <[EMAIL PROTECTED]> wrote:
> > On Tue, Oct 30, 2007 at 01:39:12PM +0200, Giorgos Keramidas wrote:
> > > I've been using the following for some time:
> > >
> > > keramida> su -
> > > Password:
> > > root# exec env SHELL=/usr/local/bin/bash bash -l
> >
> > I know it doesn't work on slolaris^W some Unix flavors, but I've
> > been quite happy with "su -m".
>
> Heh, putting the Solaris bashing (sic) aside, I can see how the -m
> option can be useful some times.  After all, it was implemented because
> *someone* thought it would be neat to have around :-)

Also the only way I know on FreeBSD to interactively become a user with 
no real shell (true, nologin etc).


--Alex



Re: Dangers of using a non-base shell

2007-11-09 Thread Giorgos Keramidas
On 2007-11-09 18:55, Andrew Pantyukhin <[EMAIL PROTECTED]> wrote:
> On Tue, Oct 30, 2007 at 01:39:12PM +0200, Giorgos Keramidas wrote:
> > I've been using the following for some time:
> >
> > keramida> su -
> > Password: 
> > root# exec env SHELL=/usr/local/bin/bash bash -l
>
> I know it doesn't work on slolaris^W some Unix flavors, but I've
> been quite happy with "su -m".

Heh, putting the Solaris bashing (sic) aside, I can see how the -m
option can be useful some times.  After all, it was implemented because
*someone* thought it would be neat to have around :-)




Re: Dangers of using a non-base shell

2007-11-09 Thread Andrew Pantyukhin
On Tue, Oct 30, 2007 at 01:39:12PM +0200, Giorgos Keramidas wrote:
> On 2007-10-29 20:50, Stephen Allen <[EMAIL PROTECTED]> wrote:
> > It's been drawn to my attention not to use bash from the ports
> > collection, because if one of its dependencies (gettext or libiconv)
> > fails or is updated significantly, it could break, and prevent
> > login. The suggested solution was to use a base shell (such as sh) and
> > append 'bash -l' to .shrc to automatically enter bash.
> >
> > The quite annoying side-effect is having to type 'exit' twice to get
> > out of a su shell or screen.
> >
> > Would it be a better idea to use the pre-compiled binary for bash?
> > And if I did so, could I be alerted to updates as easy as using
> > 'pkg_version -v' when checking if any ports need updating?
> 
> I've been using the following for some time:
> 
> keramida> su -
> Password: 
> root# exec env SHELL=/usr/local/bin/bash bash -l

I know it doesn't work on slolaris^W some Unix flavors, but I've
been quite happy with "su -m". It changes workflow in many ways,
but once you get a handle of it, it can really be useful. E.g. my
zsh history is shared between root and the user who su'd into
him. And if anything goes wrong, I just drop the -m key.

It's another story when it comes to remote login (non-root)...


Re: Dangers of using a non-base shell

2007-11-09 Thread Bill Vermillion
"Ang utong ko ay sasabog sa sarap!" exclaimed
[EMAIL PROTECTED] while reading this message
on Fri, Nov 09, 2007 at 12:00 and then responded with:

> Date: Thu, 8 Nov 2007 23:42:08 -0500 (EST)
> From: Darren Henderson <[EMAIL PROTECTED]>
> Subject: Re: Dangers of using a non-base shell

> On Tue, 30 Oct 2007, Roland Smith wrote:

> > But if you're starting in single user mode, only / will be
> > mounted. So if you have /usr or /usr/local on a separate
> > partition, you'd be screwed.

> > That is why root should only use a shell that's in the / partition.

And since you control the machine that should be easy to do.  Put
the programs YOU need in a directory on / - even if those are
elsewhere in the standard distribution.  You may find that you 
want something that is not there normally.  Probably a rare
occurrence but you won't break anything - particularly if you 'cp'
it and not move 'mv' it.

> You'll be prompted for a shell if your default isn't available.

> I've used bash for the root shell for years. Doesn't mean that
> you will never have a problem but this particular situation
> just means you'll have to hit enter to accept /bin/sh or enter
> another shell when booting into single user.

> -Darren

I've been using ksh [not the pd version but the REAL Korn Shell]
for years - even on all the commercial Unix systems I used to
maintain.

But on FreeBSD I always copy it to /bin/ksh [dropping the 93
extension in the default install] and being of the belt &
suspenders mentality I ALWAYS compile it statically - and just
checking /bin I find only pgrep and pkill NOT statically linked.

Old habits die hard but I surely won't be bitten by a corrupt
library.

Bill

-- 
Bill Vermillion - bv @ wjv . com


Re: Dangers of using a non-base shell

2007-11-08 Thread Darren Henderson

On Tue, 30 Oct 2007, Roland Smith wrote:

> But if you're starting in single user mode, only / will be mounted. So
> if you have /usr or /usr/local on a separate partition, you'd be screwed.
>
> That is why root should only use a shell that's in the / partition.

You'll be prompted for a shell if your default isn't available.

I've used bash for the root shell for years. Doesn't mean that you will 
never have a problem but this particular situation just means you'll have 
to hit enter to accept /bin/sh or enter another shell when booting into 
single user.



-Darren

__
Darren Henderson  [EMAIL PROTECTED]

   Help fight junk e-mail, visit http://www.cauce.org/


Re: Dangers of using a non-base shell

2007-10-30 Thread James
On Mon, 2007-10-29 at 20:50 +, Stephen Allen wrote:

> It's been drawn to my attention not to use bash from the ports 
> collection, because if one of its dependencies (gettext or libiconv) 
> fails or is updated significantly, it could break, and prevent login. 
> The suggested solution was to use a base shell (such as sh) and append 
> 'bash -l' to .shrc to automatically enter bash.
> 
> The quite annoying side-effect is having to type 'exit' twice to get out 
> of a su shell or screen.
> 
> Would it be a better idea to use the pre-compiled binary for bash?  

No, as the same problem exists.

What you're looking for is a statically compiled binary. There have been
a few threads in the October about statically compiling bash.

If you look hard enough, you'll even find someone who claims that the
only shells for unix lovers are sh, csh, and tcsh. 

But I like bash's tab completion. No other shell implements it as well
that I've found.





> And 
> if I did so, could I be alerted to updates as easy as using 'pkg_version 
> -v' when checking if any ports need updating?
> 
> Many thanks,
> Steve


Re: Dangers of using a non-base shell

2007-10-30 Thread Josh Carroll
> It's been drawn to my attention not to use bash from the ports
> collection, because if one of its dependencies (gettext or libiconv)
> fails or is updated significantly, it could break, and prevent login.
> The suggested solution was to use a base shell (such as sh) and append
> 'bash -l' to .shrc to automatically enter bash.

Personally, I use zsh for root's shell, and I just have the port
compile it statically, so I don't have to worry about a broken
dependency. There are other caveats, of course.

In my case, I just throw this in /etc/make.conf:

.if ${.CURDIR:M*/shells/zsh}
NO_SHARED=yes
.endif

Regards,
Josh


Re: Dangers of using a non-base shell

2007-10-30 Thread RW
On Mon, 29 Oct 2007 20:50:40 +
Stephen Allen <[EMAIL PROTECTED]> wrote:

> It's been drawn to my attention not to use bash from the ports 
> collection, because if one of its dependencies (gettext or libiconv) 
> fails or is updated significantly, it could break, and prevent login. 

It's only really root that matters. There is an alternate account called
toor which you can use with bash if you like, it has a uid of zero
like root, and the same home directory, so it's just the same.

It's also possible to build a statically linked version of bash from
ports if you want.


Re: Dangers of using a non-base shell

2007-10-30 Thread Roland Smith
On Mon, Oct 29, 2007 at 08:50:40PM +, Stephen Allen wrote:
> It's been drawn to my attention not to use bash from the ports collection, 
> because if one of its dependencies (gettext or libiconv) fails or is 
> updated significantly, it could break, and prevent login. The suggested 
> solution was to use a base shell (such as sh) and append 'bash -l' to .shrc 
> to automatically enter bash.

This is only a problem for root. If you want to use bash as root you
should compile it statically. See below.

> Would it be a better idea to use the pre-compiled binary for bash?  And if 
> I did so, could I be alerted to updates as easy as using 'pkg_version -v' 
> when checking if any ports need updating?

You can define WITH_STATIC_BASH when you're building bash, so the binary
is self-contained.

But if you're starting in single user mode, only / will be mounted. So
if you have /usr or /usr/local on a separate partition, you'd be screwed.

That is why root should only use a shell that's in the / partition.

Roland
-- 
R.F.Smith   http://www.xs4all.nl/~rsmith/
[plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated]
pgp: 1A2B 477F 9970 BA3C 2914  B7CE 1277 EFB0 C321 A725 (KeyID: C321A725)




Re: Dangers of using a non-base shell

2007-10-30 Thread Bill Campbell
On Mon, Oct 29, 2007, Stephen Allen wrote:
>It's been drawn to my attention not to use bash from the ports 
>collection, because if one of its dependencies (gettext or libiconv) 
>fails or is updated significantly, it could break, and prevent login. 
>The suggested solution was to use a base shell (such as sh) and append 
>'bash -l' to .shrc to automatically enter bash.
>
>The quite annoying side-effect is having to type 'exit' twice to get out 
>of a su shell or screen.

Try using ``exec'' to start these which will replace your current
shell with the one being exec'ed.

Bill
--
INTERNET:   [EMAIL PROTECTED]  Bill Campbell; Celestial Software LLC
URL: http://www.celestial.com/  PO Box 820; 6641 E. Mercer Way
FAX:(206) 232-9186  Mercer Island, WA 98040-0820; (206) 236-1676

Many companies that have made themselves dependent on [the equipment of a
certain major manufacturer] (and in doing so have sold their soul to the
devil) will collapse under the sheer weight of the unmastered complexity of
their data processing systems.
-- Edsger W. Dijkstra, SIGPLAN Notices, Volume 17, Number 5


Re: Dangers of using a non-base shell

2007-10-30 Thread Erik Osterholm
On Mon, Oct 29, 2007 at 08:50:40PM +, Stephen Allen wrote:
> It's been drawn to my attention not to use bash from the ports 
> collection, because if one of its dependencies (gettext or libiconv) 
> fails or is updated significantly, it could break, and prevent login. 
> The suggested solution was to use a base shell (such as sh) and append 
> 'bash -l' to .shrc to automatically enter bash.

I've only ever heard this advice applied to the root account.
Generally speaking, I keep my root accounts using /bin/csh and I run
(z|k)sh on my user accounts.  If something were ever to break, I'd
just log in as root to fix it.

 
> The quite annoying side-effect is having to type 'exit' twice to get out 
> of a su shell or screen.

For screen, you can just change the SHELL environment variable before
you run it:
SHELL=/usr/local/bin/pdksh screen
New screen windows will use the new shell.  For a more permanent fix,
you can add e.g. "shell /usr/local/bin/pdksh" to your .screenrc file.


> Would it be a better idea to use the pre-compiled binary for bash?  And 
> if I did so, could I be alerted to updates as easy as using 'pkg_version 
> -v' when checking if any ports need updating?

There was a pretty long thread on this here: 
http://lists.freebsd.org/pipermail/freebsd-questions/2007-October/159670.html

Another issue that you'll have to contend with is that if your
filesystem on which bash lives fails to mount, you'll be in the same
boat.  You could copy it to /bin (which is usually on the same
filesystem as / and /boot, meaning you're almost guaranteed to have
it, even if other filesystems fail to mount) but I don't like
cluttering up my filesystem.


> Many thanks,
> Steve

Erik
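
An added example, not part of the thread or of any poster's setup: a POSIX sh audit of the point made in several replies, that a uid-0 account's shell should live on / and ideally be static. The function names, the ROOTFS_DIRS list (a by-directory heuristic) and the sample root line are assumptions of this example; the toor and ftp lines are the ones quoted in the thread.

```shell
#!/bin/sh
# Audit every uid-0 account in a passwd(5)-format file: is its login shell in
# a directory that is still there when only / is mounted, and is it static?

# Directories assumed to sit on the root filesystem (an assumption of this
# example; adjust to the machine's partition layout).
ROOTFS_DIRS="/bin /sbin /rescue"

# sample_passwd: constructed input. The toor and ftp lines are the ones quoted
# in the thread; the root line is made up for the example.
sample_passwd() {
    cat <<'EOF'
root:*:0:0:Charlie &:/root:/bin/csh
toor:*:0:0:Bourne-again Superuser:/root:/usr/local/bin/bash
ftp:*:1003:1003:& user:/home/ftp:/usr/sbin/nologin
EOF
}

# location PATH -> "on-rootfs" or "not-on-rootfs", judged by directory only
location() {
    dir=${1%/*}
    for d in $ROOTFS_DIRS; do
        if [ "$dir" = "$d" ]; then echo on-rootfs; return 0; fi
    done
    echo not-on-rootfs
}

# linkage PATH -> static | dynamic | missing | unknown, using file(1) if present
linkage() {
    [ -e "$1" ] || { echo missing; return 0; }
    command -v file >/dev/null 2>&1 || { echo unknown; return 0; }
    case $(file -L "$1" 2>/dev/null) in
        *"statically linked"*|*"static-pie linked"*) echo static ;;
        *"dynamically linked"*) echo dynamic ;;
        *) echo unknown ;;
    esac
}

# audit_uid0 FILE -> "name shell location linkage" for each uid-0 account
audit_uid0() {
    while IFS=: read -r name _pw uid _gid _gecos _home shell; do
        case $name in ''|'#'*) continue ;; esac   # skip blanks and comments
        [ "$uid" = 0 ] || continue                # only superuser accounts
        [ -n "$shell" ] || shell=/bin/sh          # empty field means /bin/sh
        printf '%s %s %s %s\n' "$name" "$shell" \
            "$(location "$shell")" "$(linkage "$shell")"
    done < "$1"
}

# Demo on the constructed sample; point audit_uid0 at /etc/passwd for real use.
tmp=$(mktemp) && sample_passwd > "$tmp" && audit_uid0 "$tmp"
rm -f "$tmp"
```

Any line reporting not-on-rootfs or dynamic is an account that can fail to start a shell in the situations the thread describes.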


Re: Dangers of using a non-base shell

2007-10-30 Thread Daniel Bye
On Mon, Oct 29, 2007 at 08:50:40PM +, Stephen Allen wrote:
> It's been drawn to my attention not to use bash from the ports 
> collection, because if one of its dependencies (gettext or libiconv) 
> fails or is updated significantly, it could break, and prevent login. 

Hmm, I guess it *could* happen, but in the 8 years I have been using
bash on FreeBSD, it never *has* happened. Of course, that's not to say
that it never *will* happen... 

As long as you adopt a sensible approach to upgrading your installed
ports, then I don't think you'll go far wrong - portupgrade can be made
to rebuild dependent packages, so any significant change to libiconv 
can be picked up by all other packages that require it.

> The suggested solution was to use a base shell (such as sh) and append 
> 'bash -l' to .shrc to automatically enter bash.
> 
> The quite annoying side-effect is having to type 'exit' twice to get out 
> of a su shell or screen.

You could instead do something like this (untested!):

if (bash --version > /dev/null)
then
  exec bash
fi

which will replace your login shell with a bash, as long as bash can 
successfully run and display its version info. Then you only have one
shell to kill to log out.

> 
> Would it be a better idea to use the pre-compiled binary for bash?  And 
> if I did so, could I be alerted to updates as easy as using 'pkg_version 
> -v' when checking if any ports need updating?

Using a binary package will make no difference - it will still cause 
dependencies to be installed, just as if you built it from source. As
long as you take time to check which ports/packages need updating at any
particular time, and keep an eye on /usr/ports/UPDATING, then you shouldn't
go far wrong. If you are really worried about it, then you can build a
static bash, which you can then install on your / fs. Set WITH_STATIC_BASH
and you can put the resulting monolithic binary anywhere you like.

And yes, pkg_version -v will tell you which ports/packages are outdated,
whether you installed them from binary packages or from source. To get a
slightly clearer result, try

 # pkg_version -v | grep -v =

to only see outdated ports.

HTH

Dan

-- 
Daniel Bye
 _
  ASCII ribbon campaign ( )
 - against HTML, vCards and  X
- proprietary attachments in e-mail / \
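
An added example, not part of the thread: one way to combine the suggestions above (test that the ports shell starts, then exec it with SHELL set) in a base-shell startup file, doing so only for interactive sessions so that a non-interactive session such as an scp(1) transfer stays on the base shell. The function names and the PREFERRED/FALLBACK paths are assumptions of this example.

```shell
# Startup-file fragment for a base sh login shell: hand the session over to a
# ports shell only when that shell demonstrably starts.

PREFERRED=/usr/local/bin/bash   # assumption: the ports shell you want
FALLBACK=/bin/sh                # base shell that stays as the login shell

# shell_works PATH -> exit 0 only if PATH is executable and can run a command.
# A shell whose shared libraries are missing or broken fails this test.
shell_works() {
    [ -x "$1" ] && "$1" -c 'exit 0' >/dev/null 2>&1
}

# pick_shell PREFERRED FALLBACK -> prints the shell the session should use
pick_shell() {
    if shell_works "$1"; then
        printf '%s\n' "$1"
    else
        printf '%s\n' "$2"
    fi
}

# is_interactive FLAGS -> exit 0 if FLAGS (the value of $-) contains "i"
is_interactive() {
    case $1 in
        *i*) return 0 ;;
        *)   return 1 ;;
    esac
}

# Only interactive sessions on a terminal are switched; everything else
# (remote commands, file transfers, cron) keeps running under the base shell.
if is_interactive "$-" && [ -t 0 ]; then
    chosen=$(pick_shell "$PREFERRED" "$FALLBACK")
    if [ "$chosen" != "$FALLBACK" ]; then
        # exec replaces this shell, so a single 'exit' ends the session;
        # env sets SHELL so sub-shells started later use the same shell.
        exec env SHELL="$chosen" "$chosen" -l
    fi
fi
```

If the preferred shell cannot start, nothing is exec'ed and the login simply continues in the base shell.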


Re: Dangers of using a non-base shell

2007-10-30 Thread Vince
Stephen Allen wrote:
> It's been drawn to my attention not to use bash from the ports
> collection, because if one of its dependencies (gettext or libiconv)
> fails or is updated significantly, it could break, and prevent login.
> The suggested solution was to use a base shell (such as sh) and append
> 'bash -l' to .shrc to automatically enter bash.
> 
> The quite annoying side-effect is having to type 'exit' twice to get out
> of a su shell or screen.
> 
I tend to activate the toor user and use bash with toor and csh with
root. After all that's kind of why it's there :)

([EMAIL PROTECTED])$grep toor /etc/passwd
toor:*:0:0:Bourne-again Superuser:/root:/usr/local/bin/bash


Vince


> Would it be a better idea to use the pre-compiled binary for bash?  And
> if I did so, could I be alerted to updates as easy as using 'pkg_version
> -v' when checking if any ports need updating?
> 
> Many thanks,
> Steve


Re: Dangers of using a non-base shell

2007-10-30 Thread Michaël Grünewald
Stephen Allen <[EMAIL PROTECTED]> writes:

> It's been drawn to my attention not to use bash from the ports
> collection, because if one of its dependencies (gettext or libiconv)
> fails or is updated significantly, it could break, and prevent
> login. The suggested solution was to use a base shell (such as sh) and
> append 'bash -l' to .shrc to automatically enter bash.

The root account has a duplicate `toor'. Thus administrators can
change `toor' login shell to their preferred, with no risk of
making the `root' account unusable.

Regarding user accounts, I have no suggestions.

BTW, when I moved from Linux to FreeBSD, I wanted to use BASH as my
login shell. One day, I decided to try TCSH: user experience in FreeBSD
is awesome, and since TCSH is the default shell there, I was convinced
it was worth it. My try was a switch, first because TCSH has cool
features (see tcshrc at sourceforge) and second because of the
advantage of using a shell you cannot program. The advantage is that
I do not write illegible one-liners that cripple my files because I
hit ENTER instead of BACKSPACE. In lieu of one-liners I now write
one-filers, and I have much less shell incident than before.
-- 
Best regards,
Michaël


Re: Dangers of using a non-base shell

2007-10-30 Thread Benjamin M. A'Lee
On Mon, Oct 29, 2007 at 08:50:40PM +, Stephen Allen wrote:
> It's been drawn to my attention not to use bash from the ports collection, 
> because if one of its dependencies (gettext or libiconv) fails or is 
> updated significantly, it could break, and prevent login. The suggested 
> solution was to use a base shell (such as sh) and append 'bash -l' to .shrc 
> to automatically enter bash.
> 
> The quite annoying side-effect is having to type 'exit' twice to get out of 
> a su shell or screen.
> 
> Would it be a better idea to use the pre-compiled binary for bash?  And if 
> I did so, could I be alerted to updates as easy as using 'pkg_version -v' 
> when checking if any ports need updating?

With some of the shells there's the option to compile them statically,
which would avoid the problem. 

You could possibly also put "bash -l && exit" in your .shrc, which would
exit if bash exited successfully. I haven't tested it, but it should
work.

A precompiled binary wouldn't help, AFAIK, because you still wouldn't be
able to use it if there was a problem with one of the libraries.


Re: Dangers of using a non-base shell

2007-10-30 Thread Giorgos Keramidas
On 2007-10-29 20:50, Stephen Allen <[EMAIL PROTECTED]> wrote:
> It's been drawn to my attention not to use bash from the ports
> collection, because if one of its dependencies (gettext or libiconv)
> fails or is updated significantly, it could break, and prevent
> login. The suggested solution was to use a base shell (such as sh) and
> append 'bash -l' to .shrc to automatically enter bash.
>
> The quite annoying side-effect is having to type 'exit' twice to get
> out of a su shell or screen.
>
> Would it be a better idea to use the pre-compiled binary for bash?
> And if I did so, could I be alerted to updates as easy as using
> 'pkg_version -v' when checking if any ports need updating?

I've been using the following for some time:

keramida> su -
Password: 
root# exec env SHELL=/usr/local/bin/bash bash -l

The same trick works with s/bash/mksh/ or s/bash/pdksh/, as far as I can
tell, and tcsh's history mechanism makes it easy to run the same command
later.  All I have to type is "exec " and hit the arrow-up key :)

The env(1) trick makes sure that sub-shells use bash(1) too, and 'exec'
reduces the number of 'exit' commands I have to type.

Now, if there's a problem with bash(1), I will probably have to su
again, but that's less trouble than being locked out because gettext has
broken, the *default* root shell is bash and _that_ fails all the time.

- Giorgos



Re: Dangers of using a non-base shell

2007-10-30 Thread Olivier Nicole
> The quite annoying side-effect is having to type 'exit' twice to get out 
> of a su shell or screen.

It seems that another annoying effect is that it breaks scp(1)

Best regards,

Olivier