Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!uwm.edu!zaphod.mps.ohio-state.edu!usc!snorkelwacker!spdcc!ima!minya!jc
From: jc@minya.UUCP (John Chambers)
Newsgroups: comp.unix.questions
Subject: Re: ksh bad for root?
Summary: vipw doesn't like it...
Message-ID: <105@minya.UUCP>
Date: 13 Feb 90 03:32:33 GMT
References: <9872@pyr.gatech.EDU>
Lines: 29

In article <9872@pyr.gatech.EDU>, peggy@pyr.gatech.EDU (Cris Simpson) writes:
> 
> 	I heard someplace (don't remember where) that root should not
> have /bin/ksh as the login shell.  Is this true?  Why?
> 
> This may have come from a(n?) HP publication.

It may be because of problems like I've seen recently on some DECstations 
where we installed tcsh.  Several users liked it so much that they made
it the login shell of all the system pseudo-users, including root.  Then
they tried editing the password file with vipw.  When they said to :w 
their changes, vipw refused, on the grounds that root had an illegal
shell.  It seems that vipw likes to "protect" you from producing a bogus
root account, and it does so by having hard-coded names of allowed shells.
Investigation showed that vipw is a compiled program, so unless you have
the source, you can't use any shells for root except those on its very
short list.

Or you can do as most of these users have done, and just change the
passwd file with vi or emacs.  So much for that attempt to hold the
users' hands.

[Now let's see if this newly-installed level 18 news will post a
followup correctly...]

-- 
John Chambers ...!{harvard,ima,mit-eddie}!minya!jc

[Sorry, no clever saying today.]