La commande 'chsh' permet de modifier le langage de commande utilisé par un utilisateur ou l'utilisateur courant.
Sans argument, la commande vous liste les shells disponibles et vous demande si vous souhaitez le modifier.
Dans l'affirmative, vous devez alors saisir le nom absolu du Shell de la liste proposé.
Il est également possible de passer directement le Shell et le nom d'utilisateur à changer sur la même ligne de commandes.
Exemple :
# chsh user5 /usr/bin/ksh
pour changer le Shell de l'utilisateur 'user5'.
chsh Command
Purpose
Changes a user's login shell.
Syntax
chsh [ -R load_module ] [ Name [ Shell ] ]
Description
The chsh command changes a user's login shell attribute. The shell attribute defines the initial program that runs after a user logs in to the system. This attribute is specified in the /etc/passwd file. By default, the chsh command changes the login shell for the user who gives the command.
The chsh command is interactive. When you run the chsh command, the system displays a list of the available shells and the current value of the shell attribute. Then, the system prompts you to change the shell. You must enter the full path name of an available shell.
If you have execute permission for the chuser command, you can change the login shell for another user. To change the login shell for another user, specify a Name parameter. Valid shells are defined in the usw stanza of the /etc/security/login.cfg file. The default list of valid shells is: /usr/bin/ksh, /usr/bin/sh, /usr/bin/bsh, /usr/bin/csh but your system manager may have defined more.
For users that are created with an alternate Identification and Authentication (I&A) mechanism, the -R flag can be used to specify the I&A load module used to create the user. Load modules are defined in the /usr/lib/security/methods.cfg file.
Flag
| Item | Description |
|---|---|
| -R load_module | Specifies the loadable I&A module used to change the user's shell. |
Exit Status
| Item | Description |
|---|---|
| 0 | The command runs successfully and all requested changes are made. |
| >0 | An error occurred. The printed error message gives further details about the type of failure. |
Security
Access Control
All users should have execute (x) access to this command since the program enforces its own access policy. This command should be installed as a program in the trusted computing base (TCB). The command should be owned by the security group with the setgid (SGID) bit set.
Files Accessed
| Mode | File |
|---|---|
| x | /usr/bin/chuser |
| r | /etc/security/login.cfg |
| rw | /etc/passwd |
Attention RBAC users and Trusted AIX® users: This command can perform privileged operations. Only privileged users can run privileged operations. For more information about authorizations and privileges, see Privileged Command Database in Security. For a list of privileges and the authorizations associated with this command, see the lssecattr command or the getcmdattr subcommand.
Limitations
Changing a user's shell may not be supported by all loadable I&A modules. If the loadable I&A module does not support changing a user's shell, an error is reported.
Examples
- To change the shell that runs after you log in to the system, type:
Information similar to the following appears:chsh
Indicate that a change should be made by enteringyafter the change(y/n)?prompt. Then, add the name of the shell you want when theto?prompt appears, as in the following example:current available shells: /usr/bin/sh /usr/bin/bsh /usr/bin/csh /usr/bin/ksh: current login shell: /usr/bin/ksh change (y/n)? >
The next time you log in, the /usr/bin/csh shell appears.change (y/n)? > y to? > /usr/bin/csh - To change the shell to/usr/bin/kshforkim, type:
chsh kim /usr/bin/ksh - To change the shell for LDAP I&A load module defined userdavis, type:
chsh -R LDAP davis
Files
| Item | Description |
|---|---|
| /usr/bin/chsh | Specifies the path to the chsh command. |
| /usr/bin/chuser | Changes user information. |
| /etc/passwd | Contains the basic user attributes. |
| /etc/security/login.cfg | Contains login configuration information. |
