Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 701914 - Using 'chsh' to change account does not find my account in /etc/passwd
Summary: Using 'chsh' to change account does not find my account in /etc/passwd
Status: IN_PROGRESS
Alias: None
Product: Gentoo Infrastructure
Classification: Unclassified
Component: Dev box issues (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Infrastructure
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2019-12-03 19:18 UTC by Conrad Kostecki
Modified: 2021-12-09 18:42 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Conrad Kostecki gentoo-dev 2019-12-03 19:18:15 UTC 
Documentation states at https://wiki.gentoo.org/wiki/Project:Infrastructure/LDAP_Guide, to use 'chsh' for changing the shell.

When I do try this, if fails, as it can't my account in /etc/passwd.
But normal ssh login works just fine.

conikost@woodpecker ~ $ chsh -s /bin/zsh
chsh: user 'conikost' does not exist in /etc/passwd

Reproducible: Always
Comment 1 Conrad Kostecki gentoo-dev 2019-12-03 19:24:19 UTC 
Changing manually loginShell via perl_ldap says: Insufficient access at /usr/local/bin/perl_ldap line 379. But access level is user according to doc, so in theory, I should be able to.
Comment 2 Conrad Kostecki gentoo-dev 2019-12-03 21:40:56 UTC 
(In reply to Conrad Kostecki from comment #1)
> Changing manually loginShell via perl_ldap says: Insufficient access at
> /usr/local/bin/perl_ldap line 379. But access level is user according to
> doc, so in theory, I should be able to.

That has been fixed and works manually via perl_ldap now.
Comment 3 Conrad Kostecki gentoo-dev 2021-01-31 22:06:47 UTC 
Still an issue.
Comment 4 Conrad Kostecki gentoo-dev 2021-12-08 23:31:46 UTC 
Still fails.
Comment 5 Alec Warner (RETIRED) archtester gentoo-dev Security 2021-12-09 00:56:57 UTC 
(In reply to Conrad Kostecki from comment #4)
> Still fails.

What does?
Comment 6 Conrad Kostecki gentoo-dev 2021-12-09 08:56:37 UTC 
(In reply to Alec Warner from comment #5)
> (In reply to Conrad Kostecki from comment #4)
> > Still fails.
> 
> What does?

See my initial post for output :-)
Comment 7 Alec Warner (RETIRED) archtester gentoo-dev Security 2021-12-09 16:42:49 UTC 
Lets try again:

chsh will never change your shell on d.g.o or other machines where we use LDAP for NSS; because chsh doesn't know how to edit LDAP.

perl_ldap should work to change your shell.

if perl_ldap doens't work, please provide output so we can fix it.

You wrote in comment #2 that it did work; so I am left slightly confused.

-A
Comment 8 Conrad Kostecki gentoo-dev 2021-12-09 18:42:52 UTC 
(In reply to Alec Warner from comment #7)
> chsh will never change your shell on d.g.o or other machines where we use
> LDAP for NSS; because chsh doesn't know how to edit LDAP.

Well, maybe I did completly missunderstood something here, but https://wiki.gentoo.org/wiki/Project:Infrastructure/LDAP_Guide speaks about chsh for shell change. If you say, that this is not intended for ldap users, then we can close this here, as perl_ldap works fine. But maybe docs should be updated?

> You wrote in comment #2 that it did work; so I am left slightly confused.

Yes, this was, back then, suggested as an alternative, while I was asked to fill a ticket for chsh.