HPE Community
Operating System - HP-UX
1834051 Members
2277 Online
110063 Solutions
New Discussion

/etc/shells

 
Tony Chiu
Advisor

‎04-18-2001 01:30 AM

‎04-18-2001 01:30 AM

/etc/shells

Hi all,

I want to know whether we have to include all the shells allowed to be used in the system in /etc/shells file. My system currently does not have /etc/shells file, but I need to set some a/c to /usr/bin/false but allow them to use ftp. Adding /usr/bin/false in /etc/shells is a must to do so.

Thanks in advance,
Tony.
0 Kudos
Reply
6 REPLIES 6
Vincent Stedema
Esteemed Contributor

‎04-18-2001 01:50 AM

‎04-18-2001 01:50 AM

Re: /etc/shells

Tony,

All shells that are used by users who need ftp access need to be included in /etc/shells. If, for instance, only one user uses csh, but this user does'nt need ftp access, csh doesnt's have to be included in /etc/shells.

Vincent
0 Kudos
Reply
federico_3
Honored Contributor

‎04-18-2001 01:50 AM

‎04-18-2001 01:50 AM

Re: /etc/shells

If this file does not exist all the shells are allowed ( also /usr/bin/false)

Federico
0 Kudos
Reply
Tony Chiu
Advisor

‎04-18-2001 02:04 AM

‎04-18-2001 02:04 AM

Re: /etc/shells

Thanks Vincent and Federico.

It seems that the man page of /etc/shells is quite vague, it does not say about shells for ftp.

Tony.
0 Kudos
Reply
Vincent Stedema
Esteemed Contributor

‎04-18-2001 02:44 AM

‎04-18-2001 02:44 AM

Re: /etc/shells

Tony,

/etc/shells is used to identify which shells have ftp access and which don't. These shells are not used during the ftp-session itself. You can't restrict ftp access for a specific user by giving them a rksh shell. If you want to restrict the "shell" of an ftp-user and you're using hp-ux 11.00, take a look at the man page for "ftpaccess".

Vincent
0 Kudos
Reply
Bruce Regittko_1
Esteemed Contributor

‎04-18-2001 05:01 AM

‎04-18-2001 05:01 AM

Re: /etc/shells

Hi,

According to the man page for getusershell(3c) - which is used by ftpd(1m) - the following are the "standard shells" if the /etc/shells file does not exist:

/sbin/sh
/usr/bin/sh
/usr/bin/rsh
/usr/bin/ksh
/usr/bin/rksh
/usr/bin/csh
/usr/bin/keysh

Since /usr/bin/false is not in the list, you would have to create an /etc/shells file.

For other ftp access related issues, check out the man pages for ftpaccess(4) and ftpusers(4).

--Bruce
www.stratech.com/training
0 Kudos
Reply
Berlene Herren
Honored Contributor

‎04-18-2001 05:14 AM

‎04-18-2001 05:14 AM

Re: /etc/shells

Tony, rule of thumb is, if your user gets a 530 error trying to ftp, type #env, check out the shell and add it to /etc/shells.

Berlene
http://www.mindspring.com/~bkherren/dobes/index.htm
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.