[Pkg-shadow-devel] Bug#293492: useradd: by default creates user with unspecified shell, this causes problems

Martin Quinson martin.quinson@loria.fr
Thu, 12 May 2005 13:41:58 +0200 

--qD3brAgIG4LbUq6d
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Thu, May 12, 2005 at 12:56:33PM +0200, Tomasz K?oczko wrote:
> On Thu, 12 May 2005, Martin Quinson wrote:
> [..]
> > And, as a conclusion, I'd like to note that if you agree with me, the f=
ix
> > follows:
> > Index: shadow-4.0.3/src/useradd.c
> > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> > --- shadow-4.0.3.orig/src/useradd.c	2005-05-12 11:05:27.577364326 +0200
> > +++ shadow-4.0.3/src/useradd.c	2005-05-12 11:07:39.748616230 +0200
> > @@ -76,7 +76,7 @@ RCSID (PKG_VER "$Id: useradd.c,v 1.32 20
> >  static gid_t def_group =3D 100;
> >  static const char *def_gname =3D "other";
> >  static const char *def_home =3D "/home";
> > -static const char *def_shell =3D "";
> > +static const char *def_shell =3D "/bin/bash";
> >  static const char *def_template =3D SKEL_DIR;
> > =20
> >  #ifdef SHADOWPWD
> > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> >=20
> > Should we discuss any further for such a simple thing?
>=20
> In Solaris if user do not have specified in passwd shell program this mea=
n=20
> user uses /bin/sh. Probably it will be good prepare for this shadow, PAM=
=20
> and other things. For example on Solaris is very usefull if shell for roo=
t=20
> account will be entered ith some typos. In this case on login is showed=
=20
> error message about this and as fall back shell is runed /bin/sh. /bin/sh=
=20
> is also runed as fall back shell if shell specified in passwd wil finish=
=20
> work with SIGSEV. This kind behavior few times save my ass^H^H^H^H^H^Hman=
y=20
> time on system recovery.
>=20
> And second: in system *must be* installed /bin/sh but /bin/bash is allway=
s=20
> optional.
> Summarize: above patch can't be commited in shadow CVS source tree.

What if we have:
-static const char *def_shell =3D "";
+static const char *def_shell =3D "/bin/sh";

I agree that putting bash is not a great idea, I just wanted to mimick the
previous fix to that bug, back in the days.

It would fix half of the issue you report, at least, by setting a sane
default. Then, we have to make sure that it is also a fallback for when
things go seriously wrong. But this may be seen as a separate issue.

Bye, Mt.

--qD3brAgIG4LbUq6d
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFCg0EGIiC/MeFF8zQRAuVhAKCk29+f2pJNfolm6ojadcECQqn7kwCfexb4
WKA7YYvs4bFl6rK/cn0efLI=
=Pusv
-----END PGP SIGNATURE-----

--qD3brAgIG4LbUq6d--