
Bug#93894: lshell sucks, should be removed



I found lshell (orphaned, #93894) is just too braindead.
Its description says:
> Description: Enforce limits to protect system integrity.
>  This program enforces resource quotas stored in a configuration file. It is
>  easier and more secure than writing a shell script in /etc/profile and
>  trying to compare user names in hard-coded if/else type trees.
It is a simple C program that does basically the following:
#!/usr/bin/perl
# BEGIN BIG ASSUMPTIONS
# * The absolute path of the login shell has exactly one occurrence of
#   the string "/lshells".
# * The directory which contains the binary file of the shell S a user wants
#   to use has a directory D such that:
#   - D is named "lshells"
#   - D has a symlink L to /usr/bin/lshell, the binary file of lshell
#   - L and S have the same name
#   For example:
#     /bin/sh (S)
#     /bin/lshells/ (D)
#     /bin/lshells/sh -> /usr/bin/lshell (L)
# * The login shell defined in /etc/passwd must be an appropriate symlink L
#   that is mentioned above (of course, it must be one of the files listed
#   in /etc/shells)
# END BIG ASSUMPTIONS
$shell = $ENV{SHELL};
$shell =~ s:/lshells::;
&set_limit();
!system($shell) || print STDERR "falling back to sh\n";
system("/bin/sh");

This means that a user must have /bin/lshells/ or /usr/bin/lshells/ to use
lshell.  It is ugly.  In fact, the .deb comes with /bin/lshells/ and
/usr/bin/lshells/!  It also has a postinst script which creates the
necessary symlinks and asks the user if it may do a massive chsh for all
non-system users (that is, uid > 99) and then modify /etc/shells (a conffile
of the package "passwd").

lshell needs lots of hacks (or a complete rewrite) to follow the FHS.
If a sysadmin wants to set a resource limit now, s/he can use
the pam_limits PAM module.  Therefore I think lshell should be removed
from the Debian archive.

I am not a Debian developer.  Can I file a bug against ftp.debian.org?

--
Oohara Yuuma <oohara@libra.interq.or.jp>
Graduate-school of Science, Kyoto University
PGP key (key ID F464A695) http://www.interq.or.jp/libra/oohara/pub-key.txt
Key fingerprint = 6142 8D07 9C5B 159B C170  1F4A 40D6 F42E F464 A695

I always put away what I take.
--- Ryuji Akai, "Star away"
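
Added example (not part of the original message and not lshell's own code): a Python audit that checks the "BIG ASSUMPTIONS" listed in the sketch above against passwd entries, so that accounts whose login shell would be rewritten to the wrong path are flagged. The function names and the sample passwd, /etc/shells, symlink and binary data are constructed for illustration.

```python
import posixpath

LSHELL_BIN = "/usr/bin/lshell"  # lshell binary path, as given in the message

def derived_shell(login_shell):
    # Same effect as the sketch's `s:/lshells::`: drop the first "/lshells".
    return login_shell.replace("/lshells", "", 1)

def audit_passwd(passwd_text, etc_shells, symlinks, binaries):
    """Return {user: [violated assumptions]} for accounts routed through lshell.
    etc_shells: set of paths listed in /etc/shells
    symlinks:   dict of symlink path -> target (stand-in for os.readlink)
    binaries:   set of paths that exist as real shell binaries
    """
    findings = {}
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if len(fields) != 7 or "/lshells" not in fields[6]:
            continue  # malformed line, or shell does not go through lshell
        user, shell = fields[0], fields[6]
        problems = []
        if shell.count("/lshells") != 1:
            problems.append("path contains '/lshells' more than once")
        if posixpath.basename(posixpath.dirname(shell)) != "lshells":
            problems.append("link is not directly inside a 'lshells' directory")
        if symlinks.get(shell) != LSHELL_BIN:
            problems.append("not a symlink to " + LSHELL_BIN)
        if shell not in etc_shells:
            problems.append("login shell not listed in /etc/shells")
        target = derived_shell(shell)
        if target not in binaries:
            problems.append("derived shell %s does not exist" % target)
        findings[user] = problems
    return findings

# Constructed sample data (not taken from a real system).
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
alice:x:1000:1000::/home/alice:/bin/lshells/sh
bob:x:1001:1001::/home/bob:/opt/lshells/bin/lshells/zsh
carol:x:1002:1002::/home/carol:/usr/bin/lshells/tcsh
"""
SAMPLE_SHELLS = {"/bin/sh", "/bin/bash", "/bin/lshells/sh", "/usr/bin/lshells/tcsh"}
SAMPLE_LINKS = {"/bin/lshells/sh": LSHELL_BIN, "/usr/bin/lshells/tcsh": "/usr/bin/tcsh"}
SAMPLE_BINARIES = {"/bin/sh", "/bin/bash", "/usr/bin/tcsh"}

if __name__ == "__main__":
    args = (SAMPLE_PASSWD, SAMPLE_SHELLS, SAMPLE_LINKS, SAMPLE_BINARIES)
    for user, problems in audit_passwd(*args).items():
        print(user, "OK" if not problems else "; ".join(problems))
```

An empty list means the entry satisfies every assumption; on a real system the three lookup arguments would be filled from /etc/shells, os.readlink and os.path.exists.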



