/usr/bin/toolbox should be added to /etc/shells #1523
Comments
I don't think such an odd/complicated script like toolbox should be allowed by unprivileged chsh and in /etc/shells by default. Instead of chsh privilaged usermod should work though: But there is still the issue of /etc/shells, there is a PAM check for that too. This has come up before and I thought we had removed |
My original problem was I wanted to do this in ignition with the core user but according to the spec it only works with new users. I imagine it works with cloud-config but haven't tested it. Running a command interactively is obviously less than ideal when the cluster provisions itself fully otherwise. Although after using it on a few systems as the default shell I'm not sure I like not having a way to escape the toolbox and get back to a bash prompt on the host. I'm still undecided if I like it, but I do think it should be an option. Whether that's via /etc/shells or PAM doesn't matter to me. |
We have removed the PAM module that was blocking logins with user shells not listed in |
Issue Report
Bug
CoreOS Version
Environment
What hardware/cloud provider/hypervisor is being used to run CoreOS? Any
Expected Behavior
I should be able to change the core user shell with
chsh -s /usr/bin/toolbox
Actual Behavior
I get the error
chsh: /usr/bin/toolbox is an invalid shell
Reproduction Steps
chsh -s /usr/bin/toolbox
Other Information
You can set the shell by manually editing /etc/passwd but that's not ideal because it's harder to script or include in ignition.
Feature Request
Please add /usr/bin/toolbox to /etc/shells
The text was updated successfully, but these errors were encountered: