LinuxQuestions.org - editing /etc/shells to only allow bash

- Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)

- - editing /etc/shells to only allow bash (https://www.linuxquestions.org/questions/linux-newbie-8/editing-etc-shells-to-only-allow-bash-262092/)

editing /etc/shells to only allow bash

Hi,

I want to only allow users to use the bash shell. This it to enforce ulimit's - which I believe only works with bash(?). So I plan to make users bash_priofile read only, and set the various ulimits on a per user basis.

Now I know I have to edit /etc/shells and by commenting out lines I can dissalow the use of various shells. This is my /etc/shell from fedora2

Code:

/bin/sh

/bin/bash

/sbin/nologin

/bin/bash2

/bin/ash

/bin/bsh

/bin/tcsh

/bin/csh

So I assume this will be what I need?:

Code:

#/bin/sh

/bin/bash

/sbin/nologin

#/bin/bash2

#/bin/ash

#/bin/bsh

#/bin/tcsh

#/bin/csh

Is the sh shell controllable via ulimit? Would be my 2nd question.. And the third would be should I be allowing any of these other shells?

Thanks for any advice :)

Hello,

in general /bin/sh is a symlink to /bin/bash, so you probably can add it...

Oliv'

Note that the users can still change to another shell after logging in to bash by simply typing the shellname, eg csh. To prevent that you could remove the execute permissions from the shell binaries you don't want anybody to use.

1) what u have done to /etc/shells is correct, if you know what you are doin'.
2) it is ok to allow all other shells :- It has been well thought and some of the most powerful shells listed there.(except ash, bsh, maybe )
3) sh can be controlled by using ulimit- see "man sh" pages:-)