Re: Adding a superuser
FWIW, I think I would rather have "toor" (or a username of your choosing)
*not* have UID 0, and instead just be permitted to su to root if it
becomes necessary, while having a statically linked shell such as sash.
You can force a shell different from root's usual with the -s (or
--shell=) argument to su. So if root's shell is broken, you could log in
as toor (or any user who can su and who has a non-broken shell) and then:
su -s /bin/sash
which will leave you in a root sash shell.
AFAICT though, this doesn't work with the su from the "secure-su" package,
so buyer beware. :)
Btw, here's another alternative from the sulogin(8) man page:
ENVIRONMENT VARIABLES
sulogin looks for the environment variable SUSHELL or
sushell to determine what shell to start. If the environ
ment variable is not set, it will try to execute root's
shell from /etc/passwd. If that fails it will fall back to
/bin/sh.
This is very valuable together with the -b flag to init.
To boot the system into single user mode, with the root
file system mounted read/write, using a special "failsafe"
shell that is statically linked (this example is valid for
the LILO bootprompt)
boot: linux -b rw sushell=/bin/sash
So you have your choice of methods with which to avoid the extra UID
0. :)
Feel free to poke holes in anything mentioned above, as I have never had a
broken root shell so I've never run into this myself. But it seems to me
they should work fine.
On 9 Jan 2000, Arcady Genkin wrote:
> John Hasler <john@dhh.gt.org> writes:
>
> > lrwxrwxrwx 1 root root 4 Nov 6 19:39 /bin/sh -> bash
>
> Geez! Thanks for pointing this out, I had no idea. I wonder what would
> be the rationale for not including a standard sh in a distro... 8-/
>
> > Make 'sash' toor's shell.
>
> Done. Thanks for the tip.
> --
> Arcady Genkin http://www.thpoon.com
Reply to: