Linux: neither chsh nor ypchsh is working, can I change my shell?
I'm an old-school Unix guy, so my Linux skills are probably slightly out-dated. But this seems like it should be simple enough.
On a Red Hat Linux system where I do not have root (it is administered by the company IT department), I want to be able to change my login shell. Running chsh gives me:
$ chsh -s /bin/bash
chsh: can only change local entries; use ypchsh instead.
So, I ran ypchsh instead:
$ ypchsh userid
ypchsh: can't find the master ypserver: Internal NIS error
What gives? Anyone have any other ideas?
NIS:
ypchsh
-
LDAP:
$ ldapmodify <<EOF dn: YOUR_DN changetype: modify replace: loginShell loginShell: /bin/bash - EOF
(YOUR_DN might be in the form
uid=$USER,ou=people,dc=example,dc=org
; tryldapwhoami
to see) Hesiod: Ask system administrator.
Active Directory: Ask system administrator.
I have used one workaround to change my shell at login.
I have just put bash
which is used to change the shell in my .profile
file.
You can find .profile
in the user's home directory – use ls -la
to see it.
Your .profile
file may have something like this:
PATH=/usr/bin
export PATH
#Add this to go bash at login
bash
#end
So the real answer in my case is that the system admins (IT) want to lock down the standard config, so you have to ask them. But in the processt I discovered some more helpful commands for figuring out your LDAP configuration (if that happens to be how you are configured), just in case your system reports the same SASL error "ldap_sasl_interactive_bind_s: Unknown authentication method (-6) additional info: SASL(-4): no mechanism available:"
List the SASL authentication methods that your system supports:
ldapsearch -x -LLL -s "base" -b "" supportedSASLMechanisms
Results might be something like:
dn:
supportedSASLMechanisms: EXTERNAL
supportedSASLMechanisms: DIGEST-MD5
You can then pass the authentication method to LDAP commands using the -Y option like so:
ldappasswd -Y DIGEST-MD5
ldapmodify -Y DIGEST-MD5
Another solution is to simply override your YP shell:
Add this line to your /etc/passwd
:
+<USERNAME>::::::/bin/bash
Example:
+psalm33::::::/bin/bash
And add the following to your /etc/nsswitch.conf
:
passwd: compat
passwd_compat: nis