HPE Community
Operating System - HP-UX
1751966 Members
4666 Online
108783 Solutions
New Discussion юеВ

Re: root shell changed - boot message

 
SOLVED
Go to solution
Ken Englander
Regular Advisor

тАО11-05-2009 08:54 AM

тАО11-05-2009 08:54 AM

root shell changed - boot message

We have an application that is normally setup using ksh and our documentation has instructions to change the shell for root to ksh.

After spending some time reviewing information from HP I tested booting in single-user mode with root setup to use ksh. When I did I received the following messages, but I was able to continue using the system. There did not seem to be any need to reboot and change it.

-----------------------------------------------

INIT: SINGLE USER MODE

INIT: WARNING: Bad shell "/usr/bin/ksh" for root.
FIX root ENTRY IN /etc/passwd AND REBOOT !!!



INIT: Running /sbin/sh

-----------------------------------------------

So it seems something is solving this problem on-the-fly but this is not documented.

I'm very interested in what experiences others have had with this situation.

Also, since the messages are prefixed with "INIT" I guess that is the program/module that is running. Could this be a fix in that program/module and if so how can I track it down to determine if a given system has it?

Thanks!
Ken
0 Kudos
Reply
10 REPLIES 10
James R. Ferguson
Acclaimed Contributor

тАО11-05-2009 09:07 AM

тАО11-05-2009 09:07 AM

Solution

Re: root shell changed - boot message

Hi Ken:

As you have found, do _NOT_ change root's shell in '/etc/passwd' from '/sbin/sh' to anything else.

The '/sbin/sh' uses statically linked libraries so that no filesystems other than '/stand' need to be mounted. Shells like '/usr/bin/sh' [the same Posix shell but with dynamic libraries to be found in '/usr'] and shells like '/usr/bin/ksh' require '/usr' to be mounted for their library support.

Thus, during startup, before '/usr' is mounted, you have complete functionality for root with the '/sbin/sh'. This also applies (of course) to single-user mode.

This said, you will also find that the '/usr/bin/ksh' shell offered with standard HP-UX is a Korn88 shell and hardly differs at all from the standard HP-UX Posix one.

Fix your '/etc/passwd' root entry.

Regards!

...JRF...
Reply
Torsten.
Acclaimed Contributor

тАО11-05-2009 09:20 AM

тАО11-05-2009 09:20 AM

Re: root shell changed - boot message

Since the fix is already above I can only ask - lesson learned?

Hope this helps!
Regards
Torsten.

__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.
__________________________________________________
No support by private messages. Please ask the forum!

If you feel this was helpful please click the KUDOS! thumb below!   
0 Kudos
Reply
Ken Englander
Regular Advisor

тАО11-05-2009 09:36 AM

тАО11-05-2009 09:36 AM

Re: root shell changed - boot message

James thanks for the explanation, but that does not answer the question about the apparent self-healing mode.

Also, just FYI - I/we do not have the option to change it because we have so much code that MIGHT be adversely affected if I change the shell back. I would much rather leave it using the Posix shell but it is not my decision and again, it could have a serious impact. Our code and this procedure is deployed on hundreds of systems with thousands of users. We cannot make a change like this without lots of testing.
0 Kudos
Reply
Torsten.
Acclaimed Contributor

тАО11-05-2009 09:40 AM

тАО11-05-2009 09:40 AM

Re: root shell changed - boot message

It stuck in single user mode, right?

Hope this helps!
Regards
Torsten.

__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.
__________________________________________________
No support by private messages. Please ask the forum!

If you feel this was helpful please click the KUDOS! thumb below!   
0 Kudos
Reply
OldSchool
Honored Contributor

тАО11-05-2009 09:52 AM

тАО11-05-2009 09:52 AM

Re: root shell changed - boot message

I guess I fail to understand what root would be "running" that might be impacted...

or why "We have an application that is normally setup using ksh and our documentation has instructions to change the shell for root to ksh"

usually, in such cases, what they mean is "login as root, change to ksh and...."

in which case you simply run ksh at the prompt and proceed on.

If it's 3rd party stuff, I'd contact the vendor and ask them what's going on.
0 Kudos
Reply
Tingli
Esteemed Contributor

тАО11-05-2009 11:05 AM

тАО11-05-2009 11:05 AM

Re: root shell changed - boot message

Maybe now, the init is smart enough to figure out that under single user mode, it is better to use /sbin/sh in case /usr is corrupted otherwise systems admin will be stuck in no where.

But when the system can go to level 3, then /sbin/sh won't be so critical and it won't bother to use it.
0 Kudos
Reply
Bill Hassell
Honored Contributor

тАО11-05-2009 07:33 PM

тАО11-05-2009 07:33 PM

Re: root shell changed - boot message

> Also, just FYI - I/we do not have the option to change it because we have so much code that MIGHT be adversely affected if I change the shell back. I would much rather leave it using the Posix shell but it is not my decision and again, it could have a serious impact. Our code and this procedure is deployed on hundreds of systems with thousands of users. We cannot make a change like this without lots of testing.

I think there is a misunderstanding. The requirement to use /sbin/sh is only for root. I would hope that none of your code and users are logging in as root. Most auditors will issue a security/stability finding for such a situation. The root login should be reserved only for system maintenance that cannot be accomplished by standard users.

And as mentioned, /sbin/sh is actually a superset of ksh (technically, ksh-1988) and only some obscure scripting constructs are different between the two shells. It is important not to confuse /sbin/sh (and /usw/bin/sh) with the Bourne shell. On HP-UX, the obsolete Bourne shell is hidden in /usr/old/bin.

But the bottom line is that a version of ksh with archived libraries (needed for single user mode) is not available. The only commands available in single user mode are found in /sbin. While it is true that you can mount /usr and then ksh would work, but your interface to HP-UX does not exist until a shell starts -- only /sbin/sh will work.


Bill Hassell, sysadmin
Reply
Viktor Balogh
Honored Contributor

тАО11-06-2009 04:48 AM

тАО11-06-2009 04:48 AM

Re: root shell changed - boot message

You have had luck with this, a long ago I could completely lock myself out with a bad shell entry in passwd. It was a test machine at our local HP learning center, and the machine with 11i v1 didn't want me to let in. (No user accounts, only root)

The single user mode was our last hope, it hasn't prompted for a password but terminated our session with simply a "bad shell" and nothing else could have been done. The system must have been completely reinstalled. :O

Which version are you talking about? I'm glad that the single user mode login was modified.
****
Unix operates with beer.
0 Kudos
Reply
Ken Englander
Regular Advisor

тАО11-06-2009 07:59 AM

тАО11-06-2009 07:59 AM

Re: root shell changed - boot message

Thank you all for your input!

Do any of you know where is the code that is sending me the messages, which I was guessing is called INIT based on the messages?

Torsten
No, it is not stuck anywhere. The problem has been resolved. I just want to find out if anyone knows specifically about it being fixed since that is what the messages and what happened suggests to me.

OldSchool
The application is written by my company. The HP-UX systems serve as clients so very few people log in to them. However, much of our procedures related to configuring and updating our software rely on root access.

I understand your suggestion, but you do not understand that we cannot simply change the process in an overnight sort of fashion.

Bill
Thanks for your input. I do understand we are only talking about root but changing its shell COULD introduce a problem. Our code has a habit of finding obscure things!

The root login should only be used by a few individuals, but unfortunately all of our stuff has been tested with the shell set to ksh. Standard users do not even login to our servers - all of their work is done from clients, typically PC-like.

Viktor
I am using HP-UX 11i v3 based on the Mar08 update.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.