19

I use a samba4 domain account to log in on my laptop. I wanted to try zsh out, but since my user doesn't reside in /etc/passwd I found that chsh can't find my user. Can anyone advise how I can change my login_shell?

I couldn't see anything in my ldap.conf, nssswitch.conf or anything in /etc/pam.d that helped...

Looking on the domain controller I thought maybe I could use samba-tool, but I saw nothing in help that pointed me in the right direction...

7ochem
  • 280
  • 1
  • 3
  • 12
Rumbles
  • 915
  • 1
  • 12
  • 27

3 Answers3

29

I asked about this in the #suse channel on Freenode, and Miuku suggested the same as Arul, however, he mentioned two things, if I were using a Windows domain I could set the loginShell attribute.

Sadly, I'm on a samba domain, so that didn't help. But his final suggestion was perfect, get the output of:

getent passwd USERNAME

This will have the valid entry equivalent for your user in /etc/passwd, take this, paste it in to /etc/passwd and update the shell at the end for the valid path of the shell you want to use. This way it doesn't change it for all users, and you can make sure that shell is on the machine you're configuring this on before making the change.

Rumbles
  • 915
  • 1
  • 12
  • 27
  • If you don't want to copy and paste, you can use: `getent passwd \`id -un\` | sudo tee -a /etc/passwd`. Not sure if it works in all shells but at least bash and tcsh are ok. – Tom Saleeba Feb 21 '18 at 04:07
  • Doing this on a RHEL 7 box connected to a Windows AD domain caused me to be locked out of the server until the line was removed from the /etc/passwd file... – Taegost Dec 20 '18 at 21:38
  • Thanks for the info @Taegost, I hadn't tried on RHEL – Rumbles Dec 24 '18 at 11:52
  • 1
    This works if you change the `*` to `x`. `*` is interpreted as an account lockout, so you'll never be able to login. `x` allows authentication. See [this stackexchange link](https://unix.stackexchange.com/a/219264/105087) for more info. – Cory Ringdahl Mar 05 '21 at 15:58
  • I needed `*` on my system (Ubuntu 20.04) and `x` didn't work. From `man passwd`: > If the password field is a lower-case “x”, then the encrypted password is actually stored in the shadow(5) file instead; there must be a corresponding line in the /etc/shadow file, or else the user account is invalid. > If the password field contains some string that is not a valid result of crypt(3), for instance ! or *, the user will not be able to use a unix password to log in (but the user may log in the system by other means) – iliis Jul 08 '22 at 10:02
7

I had exactly the same issue. Since not all machines in my domain have zsh installed, and since I did not want to affect all users, I ended up putting in my .bashrc:

if [ -x /usr/bin/zsh ]; then
  echo 'starting zsh'
  # export SHELL=/bin/zsh #edit: this is probably not what you want, see the comment.
  exec /usr/bin/zsh
fi

This might be inelegant, but at least it gets the job done.

Tripp Kinetics
  • 115
  • 9
Matteo Giani
  • 93
  • 2
  • 10
  • Someone at my work was doing something similar recently, he had issues with his method not loading the .zshrc file. I don't know if your method would work in that respect, have you tried it? Also, your SHELL variable isn't the same as the path to your zsh bin, is that correct? I changed their config to my method of setting it in the passwd file – Rumbles Feb 15 '18 at 10:18
  • Interesting - my .zshrc is correctly read. about your second point, thanks for brining it up, it was a mistake from my side. See here for an answer: https://unix.stackexchange.com/questions/330233/why-is-echo-shell-always-showing-bin-bash – Matteo Giani Feb 15 '18 at 13:07
  • Well it's definately one way of doing it, I still prefer to set it in the /etc/passwd file as with my accepted answer as you don't invoke bash then load zsh with bash (plus I guess if you press ctrl-D in your setup you are dropped to a bash shell?) - It does require the user to ensure you have zsh installed and for an admin to make the change – Rumbles Feb 15 '18 at 13:21
  • Wouldn't it be better, instead of using `/usr/bin/zsh`, to instead use `exec /usr/bin/zsh` to replace the `bash` shell process with the `zsh` shell process? – Tripp Kinetics Aug 27 '18 at 21:06
  • I think you may be right @TrippKinetics. – Matteo Giani Aug 31 '18 at 10:53
  • This approach has the unfortunate side effect of rendering remote commands useless. E.g. `ssh host command` will now always block forever. Where another solution is not possible, I would do the same thing, but in `~/.bash_profile` so it only impacts interactive shells. – dpwrussell Aug 21 '21 at 14:35
2

If you have access to edit the samba domain controller config, you can set the following property that allows you to set the shell in smb.conf

template shell    = /bin/zsh

Not sure what happens if you login to a machine that does not have zsh installed (not all distros have zsh installed by default), but my guess is that it will invoke distro default shell.

If you simply want to try it, just type zsh to get a subshell which I am sure you know that already.

Arul Selvan
  • 1,338
  • 12
  • 11
  • Thanks, but won't that affect all users, not just mine? – Rumbles Nov 15 '15 at 14:14
  • Yes, it is a global parameter that affects all users. In this case, all users who have `zsh` installed. I am not sure you can restrict this to specific user but I would check `idmap uid` parameter which might allow you to do that. – Arul Selvan Nov 15 '15 at 14:56
  • Thanks, but that's not what I'm after. I don't want to change everyone shell, I just want to change my shell. I tried changing this setting in my local smb.conf and after rebooting it had no effect – Rumbles Nov 16 '15 at 09:47