HPE Community
Operating System - HP-UX
1833758 Members
2132 Online
110063 Solutions
New Discussion

Problem with chsh under HPUX 11

 
SOLVED
Go to solution
Arnfried Kaiser
New Member

‎02-25-2003 05:18 AM

‎02-25-2003 05:18 AM

Problem with chsh under HPUX 11

Hello,
I can't change the login-shell from /usr/bin/csh to /usr/bin/bash with the "chsh"-command.
Also I can't change the login-shell from /usr/bin/bash to any other shell with the "chsh"-command.
The file "/etc/shells" contains all shells.
The error-message
"Couldn't change passwd/attributes for user" came from /usr/lib/security/libpam_unix.1 .
The patch PHCO_26089 is installed.
Is this an error in PAM ?

Thank you in advance.
0 Kudos
Reply
9 REPLIES 9
Armin Feller
Honored Contributor

‎02-25-2003 05:45 AM

‎02-25-2003 05:45 AM

Re: Problem with chsh under HPUX 11

Please check if you are able to change the users passwds. For me it sounds a little like problems in NIS (passwds).
0 Kudos
Reply
V. Nyga
Honored Contributor

‎02-25-2003 05:47 AM

‎02-25-2003 05:47 AM

Re: Problem with chsh under HPUX 11

Hi,

you could try it with SAM.
Go to 'accounts for users ..'
then 'users' and try to modify
shell.

Regards
Volkmar
*** Say 'Thanks' with Kudos ***
0 Kudos
Reply
Arnfried Kaiser
New Member

‎02-25-2003 07:45 AM

‎02-25-2003 07:45 AM

Re: Problem with chsh under HPUX 11

Our users must be able to change the login-shell, therfore I can't use the SAM.

To change the password is able.

Also change the login-shell from any login-shell to any login-shell is able so long as the is shell is not the bash but the shell is sh or ksh or csh.
0 Kudos
Reply
doug hosking
Esteemed Contributor

‎02-28-2003 12:38 AM

‎02-28-2003 12:38 AM

Solution

Re: Problem with chsh under HPUX 11

Are you by chance running on an NIS client?
If so, what about /etc/shells on the server?

Also, is the path an exact match?
For example, /bin/csh and /usr/bin/csh resolve to the same file but the validation routines aren't always smart enough to figure that out.
Reply
U.SivaKumar_2
Honored Contributor

‎02-28-2003 12:54 AM

‎02-28-2003 12:54 AM

Re: Problem with chsh under HPUX 11

Hi,

Do this as root.

#chmod u+s /usr/bin/chsh

And try again

regards,

U.SivaKumar
Innovations are made when conventions are broken
0 Kudos
Reply
doug hosking
Esteemed Contributor

‎02-28-2003 01:49 AM

‎02-28-2003 01:49 AM

Re: Problem with chsh under HPUX 11

I'd be surprised if this is a permissions problem. On versions of HP-UX that support PAMified chsh, /usr/bin/chsh and /usr/bin/passwd should be hard links to each other. Given that the passwd binary would have to be setuid in order for a non-privileged user to run it, and that they can apparently change passwords on the system in question, that would imply that chsh is also properly setuid, unless someone broke the hard link somehow.
0 Kudos
Reply
Arnfried Kaiser
New Member

‎03-03-2003 01:44 AM

‎03-03-2003 01:44 AM

Re: Problem with chsh under HPUX 11

Hi ,
thanks for the help and support!

The file "/etc/shells" on the NIS-server - that's the solution !
(The bash isn't installed on our NIS-server hence it is absent in this file.)

But I'm disconcerted:

"shells" is NOT a NIS-file and the NIS-server needs not to be a NIS-client.
Therefore I'm surprised, that the "chsh"-command on the NIS-client checks the "shells"-file on the NIS-server.
Is this wrong?
I think : yes. Then I'd think the login-shell-field in the passwd-file works as the home-dir-field - the home-dir of an user must not exist on the NIS-server so long as it exists on the NIS-client-host where the user is logging on.
0 Kudos
Reply
Ralf Buchhold
Regular Advisor

‎06-22-2004 11:48 PM

‎06-22-2004 11:48 PM

Re: Problem with chsh under HPUX 11

Hello
I have the same problem.
but what is:

/etc/shell

what do you write to the file ?

Thanks
Ralf
0 Kudos
Reply
Lethuillier
Frequent Advisor

‎06-23-2004 04:41 AM

‎06-23-2004 04:41 AM

Re: Problem with chsh under HPUX 11

The /etc/shells file contains a list of login shells on the system. Applications use this file to determine whether a shell is valid. For each shell, a single line should be present, consisting of the shell's path, relative to root.

To see the legal shells for your system run 'man getusershell'.

This file is consulted by chsh to determine whether a normal user may change the login shell for her own account. If the command name is not listed, the user will be denied of change.

It is a requirement for applications such as FTP daemons which traditionally disallow access to users with shells not included in this file.

All shells referred to in /etc/passwd or in the NIS passwd map should be valid shells or links on this system and be listed in /etc/shells.

Il faut avoir la foi et non les foies - Il faut avoir la forme et non les formes - Il faut faire la paix et non des pets
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.