Subject: Re: bin/5788: su enhancement: allow root to su explicitly with /bin/sh
To: Todd Vierling <email@example.com>
From: Greg A. Woods <firstname.lastname@example.org>
Date: 07/18/1998 23:55:42
[ On Sat, July 18, 1998 at 10:02:19 (-0400), Todd Vierling wrote: ]
> Subject: Re: bin/5788: su enhancement: allow root to su explicitly with /bin/sh
> : When a user has a non-generic shell (i.e. not one of the normal
> : command-line shells such as /bin/sh, but instead something like
> : /sbin/nologin), it is impossible, even for root, to start a normal
> : shell as that user.
> It's not quite impossible. Try "su -m". That preserves the caller's
> environment, including $PATH and $HOME, however. (For me, it's less useful
> to have a fresh environment for someone with no shell, but that may be
> different for you.)
I'd consider that yet another bug, actually.
"preserving the caller's environment" should be totally separate from
affecting what shell is invoked. I.e. "environment" != shell.
Su currently makes too many assumptions.
In fact it also looks like there's an order-of-exection problem with the
order that perms checks are done too:
23:51  $ su -m daemon -c id
su: permission denied (shell).
I think the error message should appear *before* the "Password:" prompt.
Greg A. Woods
+1 416 443-1734 VE3TCP <email@example.com> <robohack!woods>
Planix, Inc. <firstname.lastname@example.org>; Secrets of the Weird <email@example.com>