LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (http://www.linuxquestions.org/questions/linux-server-73/)
-   -   Enforcing /etc/shells (http://www.linuxquestions.org/questions/linux-server-73/enforcing-etc-shells-4175440409/)

garion 12-07-2012 04:26 AM

Enforcing /etc/shells
 
It is possible to assign a shell that is not listed in /etc/shells. All I get is a warning message, for example:

Warning: "/bin/DifferentShell" is not listed in /etc/shells.

However, the shell is still changed. Is there anyway of forcing the system to only allow shells listed?

Berhanie 12-07-2012 06:09 AM

i ran strace on chsh on my system, and it shows that chsh consulted /etc/pam.d/chsh. there's a pam_shells module that can be required, and it even has a man page. my man page for chsh was typically incomplete:
Code:

      chsh  will  accept  the  full  pathname of any executable file on the system.  However, it will
      issue a warning if the shell is not listed in the /etc/shells file.  On the other hand, it  can
      also  be  configured  such  that it will only accept shells listed in this file, unless you are
      root.



All times are GMT -5. The time now is 02:05 AM.