useradd /sbin/noshell shell

I would like to define an account for sftp use only. I am trying to define the account using /sbin/noshell as the shell. But useradd fails with message:

UX: useradd: ERROR: /sbin/noshell is not a valid shell. Choose another.

I created /sbin/noshell according to section 8.2 Assign noshell for system accounts (pg 70 Guide to the Secure Configuration of Solaris 9 - Version 1.0) and added it to the end of /etc/shells.

I'm using the following syntax for useradd: (where $shell="/sbin/noshell")

useradd -u $uid -g $gid -d /export/home/$user -s $shell $user

ls -l /sbin/noshell returns:

-rwxr--r-- 1 root root 228 Apr 13 15:12 /sbin/noshell

Thanks,

Glen

[703 byte] By [sysglena] at [2007-11-27 1:00:58]
# 1

The manpage of useradd states that:

"The value of shell must be a valid executable file."

Since your /sbin/noshell is only executable for the root user, it's possible that useradd rejects it as a valid shell.

Try to change the rights of the file and try again (aka: chmod +x /sbin/noshell)

hth

.7/M.

mAbrantea at 2007-7-11 23:35:45
# 2
Thanks for the reply. I did try chmod but that did not help. I'm giving up on noshell. Apparently it does not work.

Glen

sysglena at 2007-7-11 23:35:45
# 3
Did you try to add '/sbin/noshell' into /etc/shells?
davistai@gmail.coma at 2007-7-11 23:35:45
# 4
Hi sysglen, try -s /bin/false and your user will be created with no shell.

wbr Hans

hseidla at 2007-7-11 23:35:45
# 5
... or just add the new user with any shell, then edit /etc/passwd.
Codename47a at 2007-7-11 23:35:45
# 6

When you use scp, you are connecting to the machine by ssh, and this command is executed there:

$shell -c /usr/bin/sftp

so you need some shell which gets the argument of the -c option and then runs it. For example, make this script:

cat /usr/local/bin/scponlyshell
#!/bin/sh
$2

and then make it the user's shell. I tried it on Solaris 10 and it works as expected.

jhajasa at 2007-7-11 23:35:45
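
A stricter take on the wrapper from reply #6, as an added example that is not part of the original thread: the posted script runs whatever string follows -c, so this version executes only one allowlisted command. The ALLOWED_CMD default and the function names are assumptions; set ALLOWED_CMD to the path on the "Subsystem sftp" line of your sshd_config.

```shell
#!/bin/sh
# Added example: login shell for an sftp-only account.
# Assumption: sshd starts the sftp subsystem as "<shell> -c <command>", as
# described in the reply above, and the Subsystem line carries no arguments.
# Assumption: the default path below; override it to match your sshd_config.
ALLOWED_CMD="${ALLOWED_CMD:-/usr/lib/ssh/sftp-server}"

# Return 0 only for exactly two arguments: "-c" and the allowlisted command.
# The comparison is on the whole string, so "cmd; other" or "cmd arg" fail.
sftp_only_check() {
    if [ "$#" -ne 2 ]; then return 1; fi
    if [ "$1" != "-c" ]; then return 1; fi
    if [ "$2" != "$ALLOWED_CMD" ]; then return 1; fi
    return 0
}

# Run the allowlisted binary, or refuse. The client-supplied string is never
# expanded or executed; only the fixed, quoted ALLOWED_CMD is.
sftp_only_main() {
    if sftp_only_check "$@"; then
        exec "$ALLOWED_CMD"
    fi
    echo "This account is restricted to sftp." >&2
    return 1
}

# sshd passes "-c <command>"; with arguments present, decide and exit.
# A bare interactive login has no arguments, falls through, and the session ends.
if [ "$#" -gt 0 ]; then
    sftp_only_main "$@"
    exit $?
fi
```

Like any login shell, the file has to be executable by the account that uses it, not only by root.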
# 7
Did the last piece of advice work, as I am having the same problem? If not, have you found a resolution?

UnixSTa at 2007-7-11 23:35:45