I'd like to set specific shell for group of users only in 1 host. In my environment already installed FreeIpa. In FreeIpa I can change shell for all my hosts, it is not my requirement.
Asked
Active
Viewed 320 times
1 Answers
0
You can set up an ID View inside FreeIPA for the host. Unfortunately, ID Views are tied to individual users, and there is no way to apply a view to multiple users based on a group membership, so you will have to set up a separate entry in the view for each individual user.
# ipa idview-add my_view
------------------------------------------
Added ID View "my_view"
------------------------------------------
ID View Name: my_view
# ipa idview-apply my_view --hosts=myhost.example.foo
--------------------------------------------
Applied ID View "my_view"
--------------------------------------------
hosts: myhost.example.foo
---------------------------------------------
Number of hosts the ID View was applied to: 1
---------------------------------------------
# ipa idoverrideuser-add my_view some_user --shell=/bin/zsh
-------------------------------
Added User ID override "some_user"
-------------------------------
Anchor to override: some_user
Login shell: /bin/zsh
Note that if the host does not already have a view applied to it, you will need to restart sssd after creating it, as sssd only checks for the presence of a view on startup.
James Sneeringer
- 6,755
- 23
- 27