Supporting vendor given -shells- configuration file
This commit is contained in:
Stefan Schubert
committed by
Serge Hallyn
Serge Hallyn
parent
b2d202cb5d
commit
a27d5c51f1
@@ -115,7 +115,7 @@
|
||||
|
||||
<refsect1 id='note'>
|
||||
<title>NOTE</title>
|
||||
<para>
|
||||
<para condition="without_vendordir">
|
||||
The only restriction placed on the login shell is that the command
|
||||
name must be listed in <filename>/etc/shells</filename>, unless the
|
||||
invoker is the superuser, and then any value may be added. An
|
||||
@@ -125,6 +125,25 @@
|
||||
changing to a restricted shell would prevent the user from ever
|
||||
changing her login shell back to its original value.
|
||||
</para>
|
||||
<para condition="with_vendordir">
|
||||
The only restriction placed on the login shell is that the command
|
||||
name must be listed in <filename>/etc/shells</filename>.
|
||||
If this file does not exist, the definitions are taken from the files
|
||||
<filename>%vendordir%/shells</filename>,
|
||||
<filename>%vendordir%/shells.d/*</filename> and
|
||||
<filename>/etc/shells.d/*</filename> in that order.
|
||||
If <filename>/etc/shells.d/@filename@</filename> exists, then
|
||||
<filename>%vendordir%/shells.d/@filename@</filename> will not be used.
|
||||
If the invoker is the superuser any value may be added regardless what is
|
||||
defined in the configuration files.
|
||||
An account with a restricted login shell may not change her login shell.
|
||||
</para>
|
||||
<para>
|
||||
For this reason, placing <filename>/bin/rsh</filename> in
|
||||
<filename>/etc/shells</filename> is discouraged since accidentally
|
||||
changing to a restricted shell would prevent the user from ever
|
||||
changing her login shell back to its original value.
|
||||
</para>
|
||||
</refsect1>
|
||||
|
||||
<refsect1 id='configuration' condition="no_pam">
|
||||
@@ -151,9 +170,31 @@
|
||||
</varlistentry>
|
||||
<varlistentry>
|
||||
<term><filename>/etc/shells</filename></term>
|
||||
<listitem>
|
||||
<listitem condition="without_vendordir">
|
||||
<para>List of valid login shells.</para>
|
||||
</listitem>
|
||||
<listitem condition="with_vendordir">
|
||||
<para>User defined list of valid login shells.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
<varlistentry condition="with_vendordir">
|
||||
<term><filename>%vendordir%/shells</filename></term>
|
||||
<listitem>
|
||||
<para>Default configuration file if
|
||||
<filename>/etc/shells</filename> does not exist.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
<varlistentry condition="with_vendordir">
|
||||
<term><filename>%vendordir%/shells.d</filename></term>
|
||||
<listitem>
|
||||
<para>Directory for additional vendor specific configuration files.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
<varlistentry condition="with_vendordir">
|
||||
<term><filename>/etc/shells.d</filename></term>
|
||||
<listitem>
|
||||
<para>Directory for additional user defined configuration files.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
<varlistentry>
|
||||
<term><filename>/etc/login.defs</filename></term>
|
||||
|
||||
Reference in New Issue
Block a user