Subject: Re: Single user mode files (was: Rototil ...)
To: William Allen Simpson <wsimpson@greendragon.com>
From: Steven M. Bellovin <smb@research.att.com>
List: current-users
Date: 06/06/2003 15:42:42
In message <3EE0DB98.F2D0EB8D@greendragon.com>, William Allen Simpson writes:
>"Steven M. Bellovin" wrote:
>>
>> In message <20030605235926.GF7074@goldberry.poofy.goof.com>, "Aaron J. Grier
>" w
>> rites:
>> >On Thu, Jun 05, 2003 at 12:05:53PM -0700, Greywolf wrote:
>> >
>> >> It's up to the individual, of course, and I can see where / and /usr
>> >> make a good merge now (but don't enforce it, please, by doing
>> >> something stupid like making dependencies on /usr being mounted in
>> >> single-user mode!),
>> >...
>> >how far can things be split out?
>> >
>> >what is the minimum partition required for single user mode?
>> >...
>> >
>> >besides /bin, /sbin, and /dev, what else is necessary on the root
>> >partition for single user mode?
>> >
>>
>> Probably /etc, for /etc/rc* to get out of single-user mode cleanly.
>>
>Funny thing, I was just annoyed the other day about a /usr dependency
>in single user mode. You see, I'd not su'd on that particular machine
>in over 4 months, and couldn't remember the root password. (All my
>machines have different passwords for every account, don't yours? And
>of course, I wouldn't write them down, would you?)
>
>passwd is in /usr/bin. Not even /usr/sbin -- where I'd have guessed
>"security" binaries might be stored!
>
>In single user mode, without /usr mounted, it took a long time to find.
>
>IMHO, passwd really should be in /sbin. And chmod, more & less, and
>other really basic file commands, should be in /bin.
passwd is invoked by ordinary users, which means it should be in /bin
if it's to be moved.
>
>The reason I hadn't used the root password on that particular machine
>is: NetBSD won't let me SSH to root.... Oh, I already did that rant 6
>months ago when I came back to NetBSD after a long hiatus....
Sure you can -- just set
PermitRootLogin yes
in /etc/ssh/sshd_config.
The philosophical split between /bin (/sbin) and /usr/bin (/usr/sbin)
is whether or not you "need" it while in single-user mode; it has
nothing to do with security, but rather, with repair. On those
grounds, The split between /bin (/usr/bin) and /sbin (/usr/sbin) is
whether or not ordinary users need the command. They do need passwd.
They don't need chown, since it's privileged.
ipsec is an interesting case, since arguably it's a crucial part of
networking that you need before going multi-user, i.e., to mount a
remote file system securely.
--Steve Bellovin, http://www.research.att.com/~smb (me)
http://www.wilyhacker.com (2nd edition of "Firewalls" book)