[CentOS] Changing a user's shell on CentOS Directory Server?
Bill Campbell
centos at celestial.com
Tue Jun 2 04:11:24 UTC 2009
On Mon, Jun 01, 2009, Matt Harrington wrote:
...
>I should have been more precise in my original post. After a second
>read, I see that it sounds like I was asking for policy advice.
>Actually, what I meant to ask was is it expected behavior that "lchsh"
>fails for LDAP users? If so, what are my choices for allowing users
>to change their shells? I can open up the permissions on
>/etc/default/useradd, but maybe there's a better way. I need this
>capability.
>
>"chsh" works for local users, so it's not that CentOS takes a stand
>against users changing their shells.
I think it was chsh that had a major security problem a while
back that would permit user's to change their uid to ``0'' with
the expect bad results. I ran into this on a SuSE system where
chsh was called from usermin.
Bill
--
INTERNET: bill at celestial.com Bill Campbell; Celestial Software LLC
URL: http://www.celestial.com/ PO Box 820; 6641 E. Mercer Way
Voice: (206) 236-1676 Mercer Island, WA 98040-0820
Fax: (206) 232-9186 Skype: jwccsllc (206) 855-5792
"If taxation without consent is not robbery, then any band of robbers
have only to declare themselves a government, and all their robberies
are legalized." -- Lysander Spooner, Letter to Grover Cleveland 1886
More information about the CentOS
mailing list