On Mon, Apr 04, 2011 at 08:32:50PM +0100, Lars Wirzenius wrote: > On ma, 2011-04-04 at 19:43 +0100, Roger Leigh wrote: > > Regarding the root shell issue, I wouldn't have an issue with it > > being /bin/sh. The admin is always free to chsh it to the shell > > of their choice.
> We could even have d-i set the root shell to bash if it installs bash. > Or have bash do it always, even, if root's shell is /bin/sh. This doesn't address the problem that the package manager will no longer be treating bash as Essential, with the result that root's login shell may be rendered unusable at some point during an upgrade. It also removes the requirement that the bash maintainer ensure the package is usable when unpacked but not yet configured. How do we mitigate this? The latter could be mitigated by calling out the requirement separately in Policy, but what about the former? Users who have made a conscious decision to use a different shell as their root shell (such as zsh) may have accepted this incremental increase in risk, but I'm not convinced that we want to do this for all users by default (if bash is still Priority: required, it will be installed by default, so all users will be affected unless they opt out). And if /bin/sh is going to be dash (which I think is what we want), I wouldn't like to inflict that on anyone as the default root login shell. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developer http://www.debian.org/ slanga...@ubuntu.com vor...@debian.org
signature.asc
Description: Digital signature
