chsh

chsh (an abbreviation of "change shell") is a command on Unix-like operating systems that is used to change a login shell. Users can either supply the pathname of the shell that they wish to change to on the command line, or supply no arguments, in which case chsh allows the user to change the shell interactively.[1]

chsh
Original author(s)Salvatore Valente
Operating systemUnix and Unix-like
TypeCommand

Usage

chsh is a setuid program that modifies the /etc/passwd file, and only allows ordinary users to modify their own login shells. The superuser can modify the shells of other users, by supplying the name of the user whose shell is to be modified as a command-line argument. For security reasons, the shells that both ordinary users and the superuser can specify are limited by the contents of the /etc/shells file, with the pathname of the shell being required to be exactly as it appears in that file. (This security feature is alterable by re-compiling the source code for the command with a different configuration option, and thus is not necessarily enabled on all systems.) The superuser can, however, also modify the password file directly, setting any user's shell to any executable file on the system without reference to /etc/shells and without using chsh.[1][2][3]

On most systems, when chsh is invoked without the -s command-line option (to specify the name of the shell), it prompts the user to select one. On Mac OS X, if invoked without the -s option, chsh displays a text file in the default editor (initially set to vim) allowing the user to change all of the features of their user account that they are permitted to change, the pathname of the shell being the name next to "Shell:". When the user quits vim, the changes made there are transferred to the /etc/passwd file which only root can change directly.[2][4]

Using the -s option (for example: % chsh -s /usr/local/bin/bash) greatly simplifies the task of changing shells.

Depending on the system, chsh may or may not prompt the user for a password before changing the shell, or entering interactive mode. On some systems, use of chsh by non-root users is disabled entirely by the sysadmin.[4]

On many Linux distributions, the chsh command is a PAM-aware application. As such, its behaviour can be tailored, using PAM configuration options, for individual users. For example, an auth directive that specifies the pam_listfile.so module can be used to deny chsh access to individual users, by specifying a file of the usernames to deny access to with the listfile= option to that module (along with the sense=deny option).[5]

Portability

POSIX does not describe utilities such as chsh, which are used for modifying the user's entry in /etc/passwd. Most Unix-like systems provide chsh.[6] SVr4-based systems provided a similar capability with passwd. Two of the three remaining systems (IBM AIX[7] and HP-UX[8]) provide chsh in addition to passwd -e. The exception is Solaris, where non-administrators are unable to change their shell unless a network name server such as NIS or NIS+ is installed.[9][10] The obsolete[11] SGI SVr4 system IRIX64 also lacked chsh.

See also

References

  1. Cameron Newham and Bill Rosenblatt (2005). Learning the Bash Shell: [Unix shell programming]. O'Reilly. pp. 272. ISBN 0596009658.
  2. Mark G. Sobell and Peter Seebach (2005). A Practical Guide To Unix For Mac Os X Users. Prentice Hall PTR. p. 448. ISBN 0131863339.
  3. Æleen Frisch (2002). Essential System Administration. O'Reilly. p. 238. ISBN 0596003439.
  4. Deborah S. Ray and Eric J. Ray (1998). Unix. Peachpit Press. pp. 47. ISBN 0201353954.
  5. Scott Mann and Ellen L. Mitchell (2000). Linux System Security: The Administrator's Guide to Open Source Security Tools. Prentice Hall PTR. pp. 101–102. ISBN 0130158070.
  6. Nelson Beebe (August 11, 2005). "chsh command availability".
  7. "IBM Knowledge Center chsh command". IBM. Retrieved January 24, 2015.
  8. "chsh(1)". Hewlett Packard. Archived from the original on January 28, 2015. Retrieved January 24, 2015.
  9. Peter Smulder (March 12, 2000), chsh on Solaris, LinuxForum
  10. Henry van Cleef (February 4, 2005). "User chsh shell change function needed for Solaris". LinuxForum.
  11. "SGI - Services & Support: SGI Support of MIPS IRIX Products Continues to December 2013". Archived from the original on July 6, 2009. Retrieved January 24, 2015.

Further reading

This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.