penguins_rule
asked on
Can the /etc/passwd file have a script instead of shell for login-shell on RedHat Enterprise Linux 6.4
On an older RedHat EL 4.6 server, /etc/passwd has a script instead of a shell in the login-shell field. This was for security reasons, so the user could not get into bash.
For example: user:x:520:501:comment:/ho me/:/usr/l ocal/bin/o nline_user s.sh
Is it possible to do on a Red Hat EL 6.4 server? I tried it, but the user gets access denied when she tries to log in. Do I need to set something else up? The user will always be using /bin/bash shell.
For example: user:x:520:501:comment:/ho
Is it possible to do on a Red Hat EL 6.4 server? I tried it, but the user gets access denied when she tries to log in. Do I need to set something else up? The user will always be using /bin/bash shell.
ASKER
If the online_users.sh exists in their /home directory, then it works.
I am having a problem with access control (acl) and permissions. So, I will see what happens once I get that straightened out.
To answer savone: The users log in using putty on a windows PC.
I am having a problem with access control (acl) and permissions. So, I will see what happens once I get that straightened out.
To answer savone: The users log in using putty on a windows PC.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Is it possible to change something in PAM auth to allow any shell?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
You can enter any program in /etc/shells
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
With information from the experts, I was able to come up with a way to do what i needed to do. Because I did not want to give them access to the shell, this was the method used.
How is the user logging in? Via SSH, GUI, SFTP??