Subject: Re: bin/5788: su enhancement: allow root to su explicitly with /bin/sh
To: Todd Vierling <tv@pobox.com>
From: Greg A. Woods <woods@most.weird.com>
List: netbsd-bugs
Date: 07/18/1998 23:55:42
[ On Sat, July 18, 1998 at 10:02:19 (-0400), Todd Vierling wrote: ]
> Subject: Re: bin/5788: su enhancement: allow root to su explicitly with /bin/sh
>
> : 	When a user has a non-generic shell (i.e. not one of the normal
> : 	command-line shells such as /bin/sh, but instead something like
> : 	/sbin/nologin), it is impossible, even for root, to start a normal
> : 	shell as that user.
> 
> It's not quite impossible.  Try "su -m".  That preserves the caller's
> environment, including $PATH and $HOME, however.  (For me, it's less useful
> to have a fresh environment for someone with no shell, but that may be
> different for you.)

I'd consider that yet another bug, actually.

"preserving the caller's environment" should be totally separate from
affecting what shell is invoked.  I.e. "environment" != shell.

Su currently makes too many assumptions.

In fact it also looks like there's an order-of-execution problem with the
order that perms checks are done too:

	23:51 [83] $ su -m daemon -c id 
	Password:
	su: permission denied (shell).

I think the error message should appear *before* the "Password:" prompt.

-- 
							Greg A. Woods

+1 416 443-1734      VE3TCP      <gwoods@acm.org>      <robohack!woods>
Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com>