help-bash
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Help-bash] New bash build as default shell

From: John Aten
Subject: Re: [Help-bash] New bash build as default shell
Date: Wed, 8 Oct 2014 14:55:05 -0500 
Hi all,

I was able to boot in with Knoppix and correct my /etc/passwd and everthing 
went fine. I can't recommend Knoppix enough for anyone with a similar disaster. 
I then added the new bash to my /etc/shells, and now have the new build as the 
default for both accounts. 

I apologize for the slightly off topic post, but at the time I wasn't entirely 
sure that it was off topic.

Thanks for the suggestions and help!


On Oct 5, 2014, at 6:02 PM, Bob Proulx wrote:

> John Aten wrote:
>> I am new to the list, and was wondering if anyone had any ideas
>> about the following problem.
> 
> This almost has more in common with Debian than with Bash.  And so I
> almost suggest the debian-user mailing list for discussion. :-)
> 
>> I am running Debian Wheezy on a Dell Inspiron laptop. I just built
>> bash 4.3.29 from source. I wanted to change my root and one user
>> account to use it as the default shell. I ran sudo chsh and entered
>> /usr/local/bin/bash, and everything was fine. I could log in and
>> out, run commands, and the $SHELL and $BASH_VERSION environment
>> variables confirmed the change.
> 
> Sure.  You were root when you made that chsh change.  So of course it
> was allowed and all was okay.  Root is the superuser and not
> restricted from doing this.  But...
> 
>> Things got hinky, though when I tried to change my regular, non-root
>> user account. While logged in as my regular user, I entered chsh,
>> but when I typed in the path, it says that I had entered an invalid
>> shell.
> 
> Right.  The list of valid shells is /etc/shells.  Since you didn't add
> /usr/local/bin/bash to that list it isn't considered a valid shell.
> All is working as it is designed to work.  If you want to make another
> shell such as your self-compiled one accepted as a valid shell you
> should add it to the /etc/shells list.  You can find information about
> this in the "man chsh" documentation.
> 
>> I tried sudo chsh, and the same. I was perplexed by this, as
>> it seemed perfectly valid when I ran it as this user by typing the
>> path into the command line of the previous default shell. Commands
>> run normally, and $BASH_VERSION returns the right number. I tried to
>> change my regular user's shell again and got the same error. I
>> triple checked the path, and tried again, this time while logged in
>> as root. It then returned:
>> 
>> chsh: PAM: Authentication failure
> 
> Many things will check that the shell is a valid login shell from the
> list in /etc/shells before the login is allowed.  Consider that people
> disable accounts by changing the login shell to one not in /etc/shells
> specifically to disable the login.
> 
>> I logged in as root and changed the shell for my regular user
>> account in /etc/passwd, but after this I couldn't log in to my
>> regular user account at all.
> 
> I expect that a typo error of some sort was made.  Editing the file
> manually will work.  But if a mistake is made then of course it
> depends upon the mistake.
> 
>> At first it gave me a 'login incorrect' error, but on repeated
>> attempts it would give what looks like a 10 or 15 line message, but
>> the screen clears so quickly I can't read it.
> 
> I find the screen clearing extremely annoying and not an enhancement
> to security.  Others disagree and have made it so that the screen is
> cleared in several different places.  Grr...  One place is that newer
> getty clears the screen by default unless --noclear is given to
> getty.  (Plus there is .bash_logout with a clear often too.)
> 
> I always disable the screen clearing.  I am okay accepting the
> responsibility that if I leave something security or privacy related
> on the screen that it is my responsibility to clear it manually if I
> don't want it displayed when I log off.
> 
> To disable getty clearing the screen add --noclear to the /etc/inittab
> such that it looks like this.  For Debian Wheezy 7 that you specified
> and earlier but not for Jessie 8 or later since systemd does this
> differently.  After editing the file send a SIGHUP to init to have it
> re-read the file.
> 
>  1:2345:respawn:/sbin/getty --noclear 38400 tty1
> 
> Otherwise when the shell exits (due to the errors) the getty will
> respawn and it will clear the screen.
> 
>> I logged in as root and changed my regular user's default shell back
>> to the previous /bin/bash, and now it works fine.
> 
> I suspect a typo in your previous edit.  Or an error in your path.  Or
> an error in your shell.  Because using /usr/local/bin/bash as a login
> shell works perfectly fine.  You said it worked fine for you when you
> did it to the root user.  So the path was fine.
> 
> If it works as a login shell for root but not as a non-root user then
> one possible problem is that the file permissions do not allow
> non-root users to execute the shell.  But there are many errors
> possible.  I couldn't guess all of them.
> 
> Bob
reply via email to
[Prev in Thread] Current Thread [Next in Thread]