Opened 6 years ago
Closed 4 years ago
#5554 closed defect (no-action)
documentation suggests su -s /bin/bash, but the default shell is selected without the -s option
| Reported by: | Andrew | Owned by: | |
|---|---|---|---|
| Priority: | major | Milestone: | |
| Component: | programming | Keywords: | |
| Cc: | Parent Tickets: |
Description
If the documentation is merely enforcing the selection of /bin/bash, then perhaps that is redundant, or it should be set in /etc/passwd. if the intention is to give the mediagoblin user no shell access by default, then the thing to do might be to set the shell to /bin/false.
however, the problem with that is that the user is brought back to their root shell, and they may continue with commands that should not be run as root.
Change History (3)
comment:1 by , 4 years ago
comment:2 by , 4 years ago
Hi Ben, and thanks for the update. Yeah, I see that your use case makes a lot of sense. If /bin/sh is the default shell in /etc/passwd, then this command should help with that situation, without needing to change one's default shell.
Feel free to close this issue. : )
comment:3 by , 4 years ago
| Resolution: | → noaction |
|---|---|
| Status: | new → closed |
Closing with no action; thanks Andrew!
Hi Andrew,
Another sorry for the delay, and thanks for taking the time to raise an issue.
I'm not clear on the issue here. As far as I can see, the command is saying "give me a full-featured bash shell to do some one-off setup work in rather than whatever the default is". In that regard it seems to work as I would expect and pops me into bash as the mediagoblin user, rather than sh, which is the default on the machine I tested on.
I'm assuming you're looking at the section "Deployment - Drop Privileges for MediaGoblin".
Could you clarify the issue please?
Regards,
Ben