Thread: toor, root and shells
View Single Post
  #1   (View Single Post)  
Old 1st June 2008
scottro's Avatar
scottro scottro is offline
Real Name: Scott Robbins
ISO Quartermaster
  
Join Date: Apr 2008
Location: NYC
Posts: 653
Default toor, root and shells
Way back when, neither the csh or sh shells had tab completion,
scrolling through history with the arrow keys and other things that we
often take for granted.

The original developers of FreeBSD preferred csh to Bourne style shells.

So, at some point it was decided that /bin should only have two shells,
csh and sh. Remember disk space was far more precious then. Because
the original developers preferred csh, the version of csh put in
/bin was actually tcsh, a version of csh with tab completion, history
scrolling and the like. (The interested reader can see this by doing a
ls -i for csh and tcsh. They have the same inode.)

The /bin/sh shell, on the other hand is the very basic Bourne shell.
There are no fancy features such as tab completion. However, it is
there (and indeed, is the default shell if you boot into single user
mode) for those who prefer Bourne style shells.


If you decide to install bash, zsh or ksh, they aren't installed in
/bin. They are installed in /usr/local/bin. They are fine
for day to day use, but not usable if you can only mount / or
if you boot into single user mode. Therefore, one should not
change root's default shell from csh.

However, many people wanted to work as root with an extended Bourne
style shell. While sh is available in /bin, it lacks some features to
which we have become accustomed, such as tab completion. Enter the toor
account.

The toor account is listed in /etc/passwd as Bourne-again Superuser.
Like root, toor has the UID of 0. I believe (according to a couple of
posts on google) that originally the account was only created if the
bash shell was installed, but other posts indicate that it has always
been there. Regardless, the account is created during a default
installation.

The toor account has the same powers as the root account. It has no
password by default. To use it, you have to set a password for it.
(Or log in as root and su to toor).
i

So, this is one use for the toor account, have root's UID, but have a
default shell that lives in /usr/local.

Other people use toor as a backup Superuser account, to use if, for
example, root's shell or account gets corrupted. If toor is being
used for this purpose, then its default shell should remain as /bin/sh,
for the same reasons given above--if it is an emergency use
account, then there might be some reason other shells weren't accessible.


People coming to FreeBSD from Linux sometimes don't realize that sh
and bash are two different things. Unless you need some special feature
of bash that isn't in sh, for example, the select loop, it is always
best to write scripts using /bin/sh rather than /usr/local/bin/bash for
maximum portability. In many Gnu/Linux distributions. /bin/sh is simply
a link to /bin/bash, but they are two different shells.

Various bad things can happen when you change root's shell.

Net and OpenBSD also offer ksh as a default shell during installation. The person more familiar with bash or other Bourne shells is probably better off with ksh than a C shell variant.
Reply With Quote