Hi, thanks!

On Fri, Feb 13, 2009 at 3:11 PM, Mike Kazantsev
<mike_kazantsev@×××××××.net> wrote:
> On Fri, 13 Feb 2009 13:15:12 +0800
> Chuanwen Wu <wcw8410@×××××.com> wrote:
>
>> Could you please give more details? How to change it to something
>> default?
>
> Well, that's pretty much the basics...
> Shells for each system user are defined in /etc/passwd, which should be
> edited by 'vipw' command.
>
> What I've meant is the case, when you, or something else changed
> '/etc/passwd', replacing '/bin/bash' with something like
> '/sbin/nologin' or some other path, which is not a valid shell.
Hi, here is the root information in my /etc/passwd:

root:x:0:0:root:/root:/bin/bash

>
> Actually, ssh shouldn't work with invalid shell like that as well, but
> one, for example, can add some commands to ".bashrc" which will work
> only in ssh environment (using some env vars, set by ssh, for example).
>
> Then, there might be some ssh-only shell, so I'd suggest to set shell
> to '/bin/sh' (which is actually bash, for gentoo) and disable all the
> configs it's using, like '~/.bashrc' or '/etc/bashrc' (see 'man bash',
> for full list).
In the /root, there is no .bashrc, and in other users' home, the
.bashrc is normal:
/*******************************************
$ cat /home/wcw/.bashrc
# /etc/skel/.bashrc
#
# This file is sourced by all *interactive* bash shells on startup,
# including some apparently interactive shells such as scp and rcp
# that can't tolerate any output. So make sure this doesn't display
# anything or bad things will happen !


# Test for an interactive shell. There is no need to set anything
# past this point for scp and rcp, and it's important to refrain from
# outputting anything in those cases.
if [[ $- != *i* ]] ; then
    # Shell is non-interactive. Be done now!
    return
fi


# Put your fun stuff here.
/*****************************************************/

> Also, Neil has made a good point that there might be something
> in /etc/profile, which is usually sourced by all bash-like shells.
Here is my /etc/profile, which I think is normal, too:
/*****************************************************/
# cat /etc/profile
# /etc/profile: login shell setup
#
# That this file is used by any Bourne-shell derivative to setup the
# environment for login shells.
#

# Load environment settings from profile.env, which is created by
# env-update from the files in /etc/env.d
if [ -e /etc/profile.env ] ; then
    . /etc/profile.env
fi

# 077 would be more secure, but 022 is generally quite realistic
umask 022

# Set up PATH depending on whether we're root or a normal user.
# There's no real reason to exclude sbin paths from the normal user,
# but it can make tab-completion easier when they aren't in the
# user's PATH to pollute the executable namespace.
#
# It is intentional in the following line to use || instead of -o.
# This way the evaluation can be short-circuited and calling whoami is
# avoided.
if [ "$EUID" = "0" ] || [ "$USER" = "root" ] ; then
    PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:${ROOTPATH}"
else
    PATH="/usr/local/bin:/usr/bin:/bin:${PATH}"
fi
export PATH
unset ROOTPATH

# Extract the value of EDITOR
[ -z "$EDITOR" ] && EDITOR="`. /etc/rc.conf 2>/dev/null; echo $EDITOR`"
[ -z "$EDITOR" ] && EDITOR="/bin/nano"
export EDITOR

if [ -n "${BASH_VERSION}" ] ; then
    # Newer bash ebuilds include /etc/bash/bashrc which will setup PS1
    # including color. We leave out color here because not all
    # terminals support it.
    if [ -f /etc/bash/bashrc ] ; then
        # Bash login shells run only /etc/profile
        # Bash non-login shells run only /etc/bash/bashrc
        # Since we want to run /etc/bash/bashrc regardless, we source it
        # from here. It is unfortunate that there is no way to do
        # this *after* the user's .bash_profile runs (without putting
        # it in the user's dot-files), but it shouldn't make any
        # difference.
        . /etc/bash/bashrc
    else
        PS1='\u@\h \w \$ '
    fi
else
    # Setup a bland default prompt. Since this prompt should be useable
    # on color and non-color terminals, as well as shells that don't
    # understand sequences such as \h, don't put anything special in it.
    PS1="`whoami`@`uname -n | cut -f1 -d.` \$ "
fi

for sh in /etc/profile.d/*.sh ; do
    if [ -r "$sh" ] ; then
        . "$sh"
    fi
done
unset sh
/*****************************************************/
>
> Syslog usually uses '/var/log/messages' as a collector for everything
> that is being sent to it, so I'd check that file first. And make sure
> the timestamps there are recent - it should mean that syslog is writing
> to it and is not dead.
I got the login information below from the tail of /var/log/messages:
/********************************************/
Feb 13 15:47:18 Gentoo-F304-Server login[5735]:
pam_unix(login:session): session opened for user root by LOGIN(uid=0)
Feb 13 15:47:18 Gentoo-F304-Server login[15097]: ROOT LOGIN on 'tty1'
Feb 13 15:47:18 Gentoo-F304-Server login[5735]:
pam_unix(login:session): session closed for user root
Feb 13 15:48:21 Gentoo-F304-Server login[15099]:
pam_unix(login:session): session opened for user wcw by LOGIN(uid=0)
Feb 13 15:48:21 Gentoo-F304-Server login[15099]:
pam_unix(login:session): session closed for user wcw
Feb 13 15:50:01 Gentoo-F304-Server cron[15469]: (root) CMD (test -x
/usr/sbin/run-crons && /usr/sbin/run-crons )
Feb 13 15:50:01 Gentoo-F304-Server cron[15477]: (root) CMD (root^Itest
-x /usr/sbin/run-crons && /usr/sbin/run-crons )
Feb 13 15:50:45 Gentoo-F304-Server sshd[15531]: Accepted
keyboard-interactive/pam for wcw from 192.168.1.7 port 59220 ssh2
Feb 13 15:50:45 Gentoo-F304-Server sshd[15534]:
pam_unix(sshd:session): session opened for user wcw by (uid=0)
/********************************************/

The first two logins, whose timestamps are Feb 13 15:48:21 and Feb
13 15:50:01, are from the terminal. And the last one is from ssh.

> 'dmesg' command is usually a good source for failure messages too, but
> only on kernel level (when something really nasty happens). There might
> be some segfaults, produced by your shell, and usually indicate
> programming or compilation errors.
>
> --
> Mike Kazantsev // fraggod.net
>
>
Thanks for your patience and help!


--
wcw
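
The pattern in the log excerpt above, where a `login` session is opened and closed within the same second while the `sshd` session stays open, can be extracted from syslog mechanically. The following is an added example, not part of the original thread: `short_sessions` and `sample_log` are hypothetical names, and the sample lines are constructed (host `host1`, each entry on one line) in the format posted above.

```shell
#!/bin/sh
# Added example (not from the thread): flag PAM sessions that close almost
# as soon as they open. short_sessions and sample_log are hypothetical names.

# short_sessions [MAX_SECONDS]: reads syslog lines on stdin and prints
# "service user pid seconds" for every session lasting <= MAX_SECONDS.
short_sessions() {
    awk -v max="${1:-1}" '
    function secs(t,   p) { split(t, p, ":"); return p[1]*3600 + p[2]*60 + p[3] }
    /pam_unix\([^:]+:session\): session (opened|closed) for user / {
        # $3 = HH:MM:SS, $5 = "prog[pid]:", $6 = "pam_unix(service:session):"
        pid = substr($5, index($5, "[") + 1); sub(/\].*/, "", pid)
        svc = $6; sub(/^pam_unix\(/, "", svc); sub(/:session\):$/, "", svc)
        key = svc SUBSEP pid SUBSEP $11          # $11 = user name
        if ($8 == "opened") { opened[key] = secs($3); next }
        if (!(key in opened)) next               # close with no matching open
        d = secs($3) - opened[key]
        if (d < 0) d += 86400                    # session crossed midnight
        if (d <= max) print svc, $11, pid, d
        delete opened[key]
    }'
}

# Constructed sample input, modelled on the excerpt in the message above.
sample_log() {
    cat <<'EOF'
Feb 13 15:47:18 host1 login[5735]: pam_unix(login:session): session opened for user root by LOGIN(uid=0)
Feb 13 15:47:18 host1 login[15097]: ROOT LOGIN on 'tty1'
Feb 13 15:47:18 host1 login[5735]: pam_unix(login:session): session closed for user root
Feb 13 15:48:21 host1 login[15099]: pam_unix(login:session): session opened for user wcw by LOGIN(uid=0)
Feb 13 15:48:21 host1 login[15099]: pam_unix(login:session): session closed for user wcw
Feb 13 15:50:01 host1 cron[15469]: (root) CMD (test -x /usr/sbin/run-crons && /usr/sbin/run-crons )
Feb 13 15:50:45 host1 sshd[15534]: pam_unix(sshd:session): session opened for user wcw by (uid=0)
Feb 13 15:58:02 host1 sshd[15534]: pam_unix(sshd:session): session closed for user wcw
EOF
}

# Sessions that lasted at most one second
sample_log | short_sessions 1
```

On a live system the same function can be fed the real file, for example `short_sessions 1 < /var/log/messages`.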