SUMMARY: is changing root account shell a good idea?

From: Charles Vachon <cvachon2_at_mrn.gouv.qc.ca>
Date: Tue, 27 Apr 1999 10:48:42 -0400

Hello again admins,

In my partial summary posted last week, I asked responders to resend their
messages to my mailbox if these were not included in the summary. I received
several new responses, confirming that mail sent to me was really lost at
some point last week.

So, thanks to the following people, for either resending their responses, or
preparing new ones in light of comments published in the partial summary:

Hank Lee <hank.lee_at_vta.org>
Davis <Davis_at_Tessco.Com>
Larry Griffith <larry_at_cs.wsc.ma.edu>
Lawrence Decker <ldecker_at_pbchcd.state.fl.us>
Jerome M Berkman <jerry_at_uclink4.berkeley.edu>
Ian Mortimer <ian_at_physics.uq.edu.au>

The original question was:

> Hello managers,
>
> What are the pros and cons of changing the shell for the root account
> in /etc/passwd? The default /bin/sh is rather limited for interactive
> usage, and typing "ksh -o emacs" in every starting session is annoying.
> The compelling choice is: change the root's shell to /bin/ksh, but is it
> a good idea?
>
> I will post a summary of your thoughts, opinions, comments, etc...
>
> Thank you!

Again, opinions vary, to the point that some are in contradiction. Out of
respect for their contents, I have reproduced them all in full below. Responses
contained in the partial summary are not reproduced here. I invite you to
consult "partial SUMMARY: is changing root account shell a good idea?" for
the first batch of responses received on this subject.

####################

Hank Lee:

Charles,

I've been told, and I've always believed, that root should have a shell
that was statically linked. Statically linked shells do not require
dynamic runtime libraries, and are therefore not dependent on them. If, for
some reason, some of your dynamic runtime libraries got corrupted, your
system may crash and your dynamically linked shell might not run. Another
possibility is that if a clever hacker gets onto your system and sees
that root uses a dynamically linked shell, he may replace one or more of
those dynamic runtime libraries with ones that compromise your system
security even more. This used to be a problem when I worked at an
educational institution, running Sun Solaris.

As far as I know, root's default shell, /sbin/sh, is not dynamically
linked:

% file /sbin/sh
sh: COFF format alpha demand paged executable or object module
stripped - version 3.11-10

ksh, however, is:

% file /bin/ksh
ksh: COFF format alpha dynamically linked, demand paged executable or
object module stripped - version 3.11-10


--
Hank Lee <hank.lee_at_vta.org>
UNIX Systems Administrator
SAP Basis Administrator
Santa Clara County Transit District
####################
Davis:
Charles,
  Changing root's shell has no effect on boottime procedures. If you look at
the /sbin/rc2 and rc3 scripts they do explicit shell checks before executing
the startup scripts. The shell used in single user mode is /sbin/sh (not
/bin/sh as noted in one reply).
In fact, /bin is simply a link to /usr/bin and many binaries in /usr/ucb are
hard links to /usr/bin files.
It is /not/ a good idea to create one big / partition that contains both /
and /usr as was described in one reply. This is not supported and will break
installupdate and dupatch installation.
Note that even in single user mode, many binaries in /sbin are no longer
linked static. They use the shared libraries in /shlib.
Alan Davis
Tru64 Unix Consultant
####################
Larry Griffith:
Dear Charles,
        Sorry to hear about all your mail troubles.  I have used ksh as a root
shell for years without problems.  I would echo the sentiments in your partial
summary about making sure your shell is available in /.  Granted that su works
for most tasks, still some things must be done directly as root (like changing
the root password).  vipw works fine with ksh.
                                                        Larry
####################
Lawrence Decker:
I changed all three of my DEC servers to bash as my root shell
account.  First check to see if the shell you want is in the
/etc/shell file.  After that dxaccount, and change the shell.
Lawrence Decker
Palm Beach County Health Care District
Where ever you go...There you are
####################
Jerome Berkman:
I think /bin is always a symbolic link for /usr/bin on Digital UNIX
(but not necessarily elsewhere).  Maybe the point is to make sure
the shell is in / as sh is in /sbin/sh, but csh and ksh are not in /.
But we do use:
        root:*:0:1:UCLINK4 Root,,,:/:/bin/csh
and have not gotten into any trouble so far...
        - Jerry Berkman, UC Berkeley
####################
Ian Mortimer:
Hi Charles
We've been using bash or ksh as our root shell here for years
without any problems.
> Make certain that whatever shell you use is in /bin, not /usr/bin.
> Don't use a link.  That way if you have to boot into single user,
> you still have a shell.
This is false.  You always get /sbin/sh in single user no matter
what shell is specified in /etc/passwd.  You have to do 'exec ksh'
(or whatever) in single user to get your preferred shell.
Ian
####################
Many thanks to all who took time to share ideas on this matter.
--
===============================================
Charles Vachon tel: (418) 627-6355 x2760
  email: cvachon2_at_mrn.gouv.qc.ca
  System administrator
  FRCQ/Ministère des Ressources
  Naturelles du Québec
===============================================
Received on Tue Apr 27 1999 - 14:52:00 NZST
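
The checks raised in the responses above (is root's shell listed in /etc/shells, does its directory resolve into /usr through a link such as /bin, and what does file(1) say about linkage), as an added shell example that is not part of the original thread. The function names, the root-prefix argument and the sample tree with its toor, admin and u1 accounts are constructed for illustration.

```sh
# Added example: audit the login shell of every UID 0 account under a root
# prefix ("" for the live system). All function names here are hypothetical.

# Classify one line of file(1) output, such as the two quoted in the thread.
linkage_of() {
    case "$1" in
        *"dynamically linked"*) echo dynamic ;;
        *"statically linked"*)  echo static ;;
        *)                      echo unstated ;;
    esac
}

# Succeed if shell path $2 is listed in etc/shells under root prefix $1.
shell_listed() {
    [ -r "$1/etc/shells" ] && grep -Fxq "$2" "$1/etc/shells"
}

# Succeed if the shell's directory, with symlinks resolved, lies under /usr.
on_usr() {
    root=$(cd -P "${1:-/}" && pwd -P) || return 2
    dir=$(cd -P "$1$(dirname "$2")" 2>/dev/null && pwd -P) || return 2
    case "$dir/" in "${root%/}/usr/"*) return 0 ;; *) return 1 ;; esac
}

# Print one line per UID 0 entry: account, shell, and the three findings.
audit_root_shells() {
    awk -F: '$3 == 0 { print $1, $7 }' "$1/etc/passwd" |
    while read -r name shell; do
        l=no; u=no
        shell_listed "$1" "$shell" && l=yes
        on_usr "$1" "$shell" && u=yes
        k=$(linkage_of "$(file "$1$shell" 2>/dev/null)")
        echo "$name $shell listed=$l on_usr=$u link=$k"
    done
}

# Constructed sample tree: /bin is a symlink to /usr/bin, /sbin/sh is on /.
make_sample_root() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/etc" "$t/sbin" "$t/usr/bin" && ln -s usr/bin "$t/bin"
    : > "$t/sbin/sh"; : > "$t/usr/bin/ksh"; : > "$t/usr/bin/csh"
    printf '%s\n' 'root:*:0:1:Root:/:/bin/ksh' 'toor:*:0:1:Root:/:/sbin/sh' \
        'admin:*:0:1:Root:/:/bin/csh' 'u1:*:100:15:User:/:/bin/csh' > "$t/etc/passwd"
    printf '%s\n' /sbin/sh /bin/ksh > "$t/etc/shells"
    echo "$t"
}

sample=$(make_sample_root) && audit_root_shells "$sample" && rm -rf "$sample"
```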
