[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: sash



Hi.

In article <[🔎] 19990920190014.A3598@usatoday.com>
 raul@usatoday.com (Raul Miller) writes:

> > I think you should just use useradd to edit the password file.
> 
> You mean without ensuring that the password is useful?
> 
> I've already elected to give the admin a choice (whether or not to add
> the account -- that'll be in the next release).  The problem with password
> prompting is that it doesn't fit well into an automated or gui install.
> 
> Under these circumstances do you still feel it's useful to add
> a locked account?

How about to include following small script
 (maybe "/sbin/sashpasswd" with permission 0700 or 0744):

    #! /bin/sh
    PATH=/usr/bin
    passwd root
    passwd sashroot

and promote to use it instead of passwd command itself in changing
the root's password.

I think about hacking the passwd command, but it may go difficult work as 
the passwd package has so many patches, and not so efficient work to hack 
with other package, at least for me, I feel. It may be better just to use it.

You wrote:

  | Ok, I'll put back a single install time question where the sysadmin has
  | one of several options: sash is inert and doesn't manage the password
  | file, sash will become the root shell, sash will create a sashroot
  | account from the current root account and use that as it's shell.
  | 
  | And some notes on how to change this.

then, the action maybe 

    a) sash is inert and doesn't manage the password file.
        : only put the files into their place.

    b) sash will become the root shell.
        : a) + use "usermod -s /bin/sash root" or "chsh -s /bin/sash root"

    c) sash will create a sashroot account from the current root
       account and use that as it's shell.
        : the default setting for 3.3-6

and (here is my proposal)

    d) sash will create a locked sashroot account with useradd, and 
       display the message to use sashpasswd above as soon as possible.

By the way, /bin/sash is not listed on /etc/shells. Is it Okay ?

# sash may be not the choise for ordinary users, but it does not
# need to prohibit to use sash as login shell by normal users.

## Well, I should file this to passwd package as wishlist,,,

 Thanks.

-- 
  Taketoshi Sano: <sano@debian.org>,<sano@debian.or.jp>,<kgh12351@nifty.ne.jp>


Reply to: