--- mksh.install.original	2017-12-09 23:52:45.000000000 +0000
+++ mksh.install	2017-12-09 23:53:28.518856409 +0000
@@ -1,9 +1,47 @@
+pre_install() {
+  :
+}
+
 post_install() {
-  grep -x /bin/mksh /etc/shells >/dev/null || echo /bin/mksh >>/etc/shells
+  grep -x '/bin/mksh' /etc/shells 2>/dev/null || echo '/bin/mksh' >> /etc/shells
+  # need to also add /usr/bin/mksh to /etc/shells to avoid https://bugs.archlinux.org/task/55053
+  grep -x '/usr/bin/mksh' /etc/shells 2>/dev/null || echo '/usr/bin/mksh' >> /etc/shells
+}
+
+pre_upgrade() {
+  :
+}
+
+post_upgrade() {
+  post_install
+}
+
+pre_remove() {
+  # This is only necessary on alternate shells. sh and bash 
+  # are at the base of Arch and cannot be removed.
+  # To test this you should have a spare root shell already open.
+  # Otherwise, if this doesn't work, you will need to learn how to bypass
+  # the default shell on login.
+  # http://stackoverflow.com/questions/11059067/what-is-the-nix-command-to-view-a-users-default-login-shell
+  if getent passwd root | cut -d: -f7 | grep -qle '/bin/mksh'; then
+    echo '**********************************************'
+    echo '*** Warning: ROOT HAS mksh as the login shell.'
+    echo '*** Shell changed to sh to prevent loss of root access.'
+    echo '**********************************************'
+    # sh is more likely to guarantee a login than bash because sh is typically
+    # unmodified. Crappy, but guaranteed.
+    chsh -s '/bin/sh'
+  fi
+  sed -i -r '/^(\/usr)?\/bin\/mksh$/d' '/etc/shells'
 }
 
 post_remove() {
-  sed -i "/^\/bin\/mksh$/d" /etc/shells
+  mandb -q
+  # /usr/bin/mksh is also detected
+  if getent passwd | cut -d: -f7 | grep -qle '/bin/mksh'; then
+    echo '*** Warning: Some users have mksh as their login shell.'
+    echo '*** Fix promptly to restore access.'
+  fi
 }
 
 # vim:set ts=2 sw=2 et: