sysrc bug

[Eugene Grosbein]

01.06.2021 6:07, Roger Marquis wrote:

>> Also, changing the root shell is bad for many reasons and I'm not
>> surprised that something doesn't work.
> 
> Surprised this old myth is still being repeated.  Having used various
> root shells in FreeBSD and other Unux/Linux systems for decades I have to
> ask specifically what said reasons are, particularly considering
> /usr/sbin/sysrc starts with "#!/bin/sh" (as does and should every system
> shell script).

Original statement was: "one should not change root shell to something like /usr/local/bin/bash"
and/or "one should not change root shell at all" (unless one knows what he does).

There are multiple ways for unexperienced root to breaks things changing its shell:
- vipw allows one to make a misprint typing shell path name rendering root without a shell (so "toor" user was born);
- /usr/local/bin/bash or any other shell residing on file system not mounted in single user mode
and/or requiring libraries residing on not inaccessible file system, including NFS-mounted;
- some historic scripts making assumptions on root shell behaviour etc.

So it is much safer to create distinct non-root user with desired shell and use "su -m"
that raises privileges but keeps user environment intact (HOME, shell, other environment).