Not for vms that created other users…
You mean multi-user environments such as user2, user3, i.e. /home/user2, /home/user3? Indeed.
The symlink cannot easily be created on a multi user system. But I might find a solution for that. (Similar to security-misc’s home folder permission lockdown.)
Ignoring the multi-user issue…
Perhaps a symlink from
/home/user/.zshrc) to some file in
/etc/zsh/dist would help here for user
Only for that user, yes…
Can we do a package
Provides: zsh and patches the
/etc/zsh/zshrc by appending
source /etc/zsh/dist/.zshrc? What is the problem with that? Seem bulletproof.
This kind of compromise seems better than missing with user home dir.
Maybe something even easier but requires compilation
Any of these files may be pre-compiled with the zcompile builtin com‐
mand (see zshbuiltins(1)). If a compiled file exists (named for the
original file plus the .zwc extension) and it is newer than the origi‐
nal file, the compiled file will be used instead.
If we combile the zsh files, it will be newer than the system ones and will be used instead… seems much better
Also an option but I think harder to understand then config-package-dev method. Because then we need to add the compilation at some step (postinst script) but the source files in /etc/zsh wouldn’t correspond to the script files. And user making changing would also require surprising documentation.
Yeah. At this point with the remaining issues (Zsh prompt after SSH login (for Kicksecure servers), ZDOTDIR “stolen” from user, zsh-newuser-install broken)…
Best to avoid melding in user’s home folder. Environment variables approach also non-idea (above issue). So config-package-dev it is. Kali is also using dpkg diversions.
Will implement this soon.
This is now implemented. Could you have a look please if all is still working as before?
Also useful for developers, that’s why I didn’t notice this issue before:
sudo rm -r /etc/zsh/dist
Working great, awesome. Just noticed a regression to aliasrc, probably file name, will fix.
Nothing extraordinary, but
interactivecomments is important, I don’t know why that is not the default…
If you put a
# in front of the line now, it will behave as comment, before that it was making an error.
sudo apt-get-reset desktop-config-dist
Now I keep getting this prompt:
This is the Z Shell configuration function for new users,
But it’s weird because otherwise all functionality (colors, command completion) are functional as expected.
For testing, please make sure you don’t have a local
~/.zshrc file. That would avoid reproduction of this issue.
At which moment do you get this prompt?
I deleted ~/.zshrc and ran zsh but not warning appeared.
Edit: on one machine I could reproduce.
Will disable the zsh-newuser module as per man:
WHEN THE SHELL STARTS
When it starts, the shell reads commands from various files. These can be created or
edited to customize the shell. See the section Startup/Shutdown Files in zsh(1).
If no personal initialization files exist for the current user, a function is run to help
you change some of the most common settings. It won't appear if your administrator has
disabled the zsh/newuser module. The function is designed to be self-explanatory. You
can run it by hand with `autoload -Uz zsh-newuser-install; zsh-newuser-install -f'. See
also the section User Configuration Functions in zshcontrib(1).
THE ZSH/NEWUSER MODULE
The zsh/newuser module is loaded at boot if it is available, the RCS option is set, and
the PRIVILEGED option is not set (all three are true by default). This takes place imme‐
diately after commands in the global zshenv file (typically /etc/zsh/zshenv), if any, have
been executed. If the module is not available it is silently ignored by the shell; the
module may safely be removed from $MODULE_PATH by the administrator if it is not required.
On loading, the module tests if any of the start-up files .zshenv, .zprofile, .zshrc or
.zlogin exist in the directory given by the environment variable ZDOTDIR, or the user's
home directory if that is not set. The test is not performed and the module halts pro‐
cessing if the shell was in an emulation mode (i.e. had been invoked as some other shell
If none of the start-up files were found, the module then looks for the file newuser first
in a sitewide directory, usually the parent directory of the site-functions directory, and
if that is not found the module searches in a version-specific directory, usually the par‐
ent of the functions directory containing version-specific functions. (These directories
can be configured when zsh is built using the --enable-site-scriptdir=dir and --en‐
able-scriptdir=dir flags to configure, respectively; the defaults are prefix/share/zsh and
prefix/share/zsh/$ZSH_VERSION where the default prefix is /usr/local.)
If the file newuser is found, it is then sourced in the same manner as a start-up file.
The file is expected to contain code to install start-up files for the user, however any
valid shell code will be executed.
The zsh/newuser module is then unconditionally unloaded.
Note that it is possible to achieve exactly the same effect as the zsh/newuser module by
adding code to /etc/zsh/zshenv. The module exists simply to allow the shell to make ar‐
rangements for new users without the need for intervention by package maintainers and sys‐
The script supplied with the module invokes the shell function zsh-newuser-install. This
may be invoked directly by the user even if the zsh/newuser module is disabled. Note,
however, that if the module is not installed the function will not be installed either.
The function is documented in the section User Configuration Functions in zshcontrib(1).
still searching how to disable a zsh module
Trying to avoid this debian - Disable the configuration tool in Zsh - Unix & Linux Stack Exchange
changing /etc/zsh/zshenv because the answer is not good at all, it will clear the function and the user won’t be able to use it if they want to run manually.