LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 12-07-2012, 04:26 AM   #1
garion
Member
 
Registered: Nov 2003
Posts: 35

Rep: Reputation: 15
Enforcing /etc/shells


It is possible to assign a shell that is not listed in /etc/shells. All I get is a warning message, for example:

Warning: "/bin/DifferentShell" is not listed in /etc/shells.

However, the shell is still changed. Is there anyway of forcing the system to only allow shells listed?
 
Old 12-07-2012, 06:09 AM   #2
Berhanie
Senior Member
 
Registered: Dec 2003
Location: phnom penh
Distribution: Fedora
Posts: 1,625

Rep: Reputation: 165Reputation: 165
i ran strace on chsh on my system, and it shows that chsh consulted /etc/pam.d/chsh. there's a pam_shells module that can be required, and it even has a man page. my man page for chsh was typically incomplete:
Code:
       chsh  will  accept  the  full  pathname of any executable file on the system.  However, it will
       issue a warning if the shell is not listed in the /etc/shells file.  On the other hand, it  can
       also  be  configured  such  that it will only accept shells listed in this file, unless you are
       root.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
nagios - SELINUX [enforcing mode ] fritz001 Linux - Networking 6 01-12-2012 04:38 PM
[SOLVED] Can all shells read all environmental variables set by other shells? carlodelmundo Linux - Newbie 2 07-23-2010 02:03 PM
enforcing unix permissions on directories goncalopp Linux - Security 2 12-16-2009 08:52 AM
LXer: RIAA to help enforcing the GPL LXer Syndicated Linux News 0 04-05-2008 06:40 PM
LXer: Enforcing the GPL LXer Syndicated Linux News 0 05-11-2006 07:33 PM


All times are GMT -5. The time now is 05:07 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration