[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#93894: lshell sucks, should be removed

I found lshell (orphaned, #93894) is just too braindead.
Its description says:
> Description: Enforce limits to protect system integrity.
>  This program enforces resource quotas stored in a configuration file. It is
>  easier and more secure that writing a shell script in /etc/profile and
>  trying to compare user names in hard-coded if/else type trees.
It is a simple C program that does basically the following:
# * The absolute path of the login shell has exactly one occurrence of
#   the string "/lshells".
# * The directory which contains the binary file of the shell S a user want
#   to use has a directory D such that:
#   - D is named "lshells"
#   - D have a symlink L to /usr/bin/lshell, the binary file of lshell
#   - L and S have the same name
#   For example:
#     /bin/sh (S)
#     /bin/lshells/ (D)
#     /bin/lshells/sh -> /usr/bin/lshell (L)
# * The login shell defined in /etc/passwd must be an appropriate symlink L
#   that is mentioned above (of course, it must be one of the files listed
#   in /etc/shells)
$shell = $ENV{SHELL};
$shell =~ s:/lshells::;
!system($shell) || print STDERR "falling back to sh\n";

This means that a user must have /bin/lshells/ or /usr/bin/lshells/ to use
lshell.  It is ugly.  In fact, the .deb comes with /bin/lshells/ and
/usr/bin/lshells/!  It also has a postinst script which creates the
necessary symlinks and asks the user if it may do a massive chsh for all
non-system users (that is, uid > 99) and then modify /etc/shells (a conffile
of the package "passwd").

lshell needs lots of hack (or a complete rewrite) to follow the FHS.
If a sysadmin wants to set a resource limit now, s/he can use
the pam_limits PAM module.  Therefore I think lshell should be removed
from the Debian archive.

I am not a Debian developer.  Can I file a bug against ftp.debian.org?

Oohara Yuuma <oohara@libra.interq.or.jp>
Graduate-school of Science, Kyoto University
PGP key (key ID F464A695) http://www.interq.or.jp/libra/oohara/pub-key.txt
Key fingerprint = 6142 8D07 9C5B 159B C170  1F4A 40D6 F42E F464 A695

I always put away what I take.
--- Ryuji Akai, "Star away"

Reply to: