Re: Changing a user's shell on CentOS Directory Server?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Mon, Jun 01, 2009, Matt Harrington wrote:
...
>I should have been more precise in my original post.  After a second
>read, I see that it sounds like I was asking for policy advice.
>Actually, what I meant to ask was is it expected behavior that "lchsh"
>fails for LDAP users?  If so, what are my choices for allowing users
>to change their shells?  I can open up the permissions on
>/etc/default/useradd, but maybe there's a better way.  I need this
>capability.
>
>"chsh" works for local users, so it's not that CentOS takes a stand
>against users changing their shells.

I think it was chsh that had a major security problem a while
back that would permit user's to change their uid to ``0'' with
the expect bad results.  I ran into this on a SuSE system where
chsh was called from usermin.

Bill
-- 
INTERNET:   bill@xxxxxxxxxxxxx  Bill Campbell; Celestial Software LLC
URL: http://www.celestial.com/  PO Box 820; 6641 E. Mercer Way
Voice:          (206) 236-1676  Mercer Island, WA 98040-0820
Fax:            (206) 232-9186  Skype: jwccsllc (206) 855-5792

"If taxation without consent is not robbery, then any band of robbers
have only to declare themselves a government, and all their robberies
are legalized." -- Lysander Spooner, Letter to Grover Cleveland 1886
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux