-----BEGIN PGP SIGNED MESSAGE----- OK, I am sure this has been discussed to death at some point, but I just have to ask: Is it really a good idea to have /bin/sh a symlink to bash? I know bash is a nicer shell to use, and provides a superset of the traditional sh's functionality, but I think that it's a better idea to use something like ash as /bin/sh, or at least as root's default login shell.
This post in inspired by a recent post to this list made by someone who broke all logins on their system by screwing up libncurses or something like that. Root couldn't even log in. This is a very bad thing, especially for remotely administered machines for which booting with a rescue floppy is not practical. I suggest that Debian ship something like ash as the default root login shell. Ash has 2 library dependencies, as compared to bash's 5 (a fully statically linked ash would be even better). By reducing the number of things that root's shell depends on, we reduce the number of things that could prevent root from being able to log in. Another reason I feel that linking /bin/sh to /bin/bash is that, because bash contains a superset of the sh functionality, it's too easy to write shell scripts (as in #!/bin/sh) that are really bash scripts. This screws with portability in a way that the author might not even be aware of. Yet another reason (though this is more my own personal philosophy) is that root's environment should not be a comfortable environment to work in. A user should only log in as root when a specific root-level task needs to be done. Tab-completion and command history are bad things in root's environment, if you ask me. It's far easier for a single erroneous keypress to blow something crucial away when thse two features are present. Can anyone give a counter-argument as to why bash SHOULD be used as /bin/sh and as root's login shell? Is there anything in Debian that will break if I install ash and use it as root's login shell? I will most likely not go changing /bin/sh to point to /bin/ash out of concern for the possibility that Debian setup scripts might depend on bash and break if I use ash. Noah PGP public key available at http://lynx.dac.neu.edu/home/httpd/n/nmeyerha/mail.html or by 'finger -l [EMAIL PROTECTED]' This message was composed in a 100% Microsoft free environment. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBNu1nMYdCcpBjGWoFAQEfSwQAuqcvcC3h6otcG8PcOeNn5FrVJI4peytO a4Mou5b8OEe6i3uWgvJmS5mYU1P/OxtNtqlbgu11kZ9WrIwbhkosQHEV6teoeqtQ gA3cBQcpzs0YvKgWI2Cd23Z2pPZERjoRZHROrAtwEXfOLFWHhHB0iP/kEptgjBpH h5GnYKqqz4A= =Kd4a -----END PGP SIGNATURE-----
