Re: How can I tell openssh client to prompt for a username

From: Derek Martin (code_at_pizzashack.org)
Date: 07/13/04

  • Next message: Parkes, Lloyd: "Re: How can I tell openssh client to prompt for a username"
    Date: Wed, 14 Jul 2004 03:49:40 +0900
    To: secureshell@securityfocus.com
    
    
    

    On Fri, Jul 09, 2004 at 11:24:04PM +0200, Jan-Benedict Glaw wrote:
    > > Write a small shell script wrapper around it. For example (untested!):
    > >
    > > #!/bin/bash
    >
    > Bad habit alert. Don't requite /bin/bash if /bin/sh could run the script
    > as well. You'll love that if you ever need to copy that script to a host
    > on which no bash is installed...

    It's actually a lot worse than that. Invoking the script as /bin/bash
    will cause the shell (i.e. the script) to read the user's ~/.bashrc
    and/or ~/.profile, etc. This is almost certainly NOT what you want.
    For example, if this script is invoked by the user's .bashrc file,
    then it may result in an infinite loop which spawns many processes,
    tying up system resources, and preventing the user from actually being
    able to log in. For some time, the implementation of the "which"
    command included with Debian stable suffered from this problem.

    Other possible problems include the possibility that the .bashrc file
    sets some variable that plays havoc with other processes. For
    example, maybe it sets LD_PRELOAD or some similar variable, causing
    things to be all out of whack. Basically, if you're writing a shell
    script to be used on a system-wide (rather than personal) basis, NEVER
    EVER EVER EVER EVER invoke a shell script as #!/bin/bash -- it can
    result in strange and hard to debug problems.

    -- 
    Derek D. Martin
    http://www.pizzashack.org/
    GPG Key ID: 0x81CFE75D
    
    



  • Next message: Parkes, Lloyd: "Re: How can I tell openssh client to prompt for a username"

    Relevant Pages

    • Re: detect shell script language
      ... In the 'old' days, when a user typed in a command, the interactive shell would immediately pass it off to 'exec' to execute. ... So, on return from exec with an error status, the shell would fork a copy of itself to try and run the script. ... As a result of the above, it was hard to tell whether the script was a Bourne shell or C shell, so the convention was introduced of using the Bourne shell no op command, as the first line in a Bourne shell script. ...
      (Debian-User)
    • Re: awk here documents
      ... script called from shell to produce some pre-formatted blocks of code ... awk variable: ... or awk quotes with shell quotes ...
      (comp.unix.shell)
    • Re: [CFT] Patch to bsdinstall to support root-on-ZFS and GELI
      ... implement installing on a ZFS pool. ... sure how to usefully get it just from the shell. ... I wouldn't say any of what is in the proposed patches to bsdinstall is ... sysadmins who are the ones that actually need to be able to script ...
      (freebsd-current)
    • Re: [CFT] Patch to bsdinstall to support root-on-ZFS and GELI
      ... implement installing on a ZFS pool. ... sure how to usefully get it just from the shell. ... I wouldn't say any of what is in the proposed patches to bsdinstall is ... sysadmins who are the ones that actually need to be able to script ...
      (freebsd-current)
    • Re: [CFT] Patch to bsdinstall to support root-on-ZFS and GELI
      ... implement installing on a ZFS pool. ... sure how to usefully get it just from the shell. ... I wouldn't say any of what is in the proposed patches to bsdinstall is ... sysadmins who are the ones that actually need to be able to script ...
      (freebsd-current)