Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Different login shells in LDAP
Top Forums UNIX for Advanced & Expert Users Different login shells in LDAP Post 302382807 by nabramovitz on Friday 25th of December 2009 07:10:50 PM
Old 12-25-2009
We are also going the route of a single home directory and a single login shell for our AIX/HPUX/Solaris/SuSE/Redhat across i686, ia64, powerpc, sparc hardware boxes but we are using NIS instead of LDAP.

How are your user profile files ($HOME/.profile/.login/.cshrc, etc, etc) being designed so your users can start their shell of choice?

How are you planning handle the user's private bin directories?,

How are you going to handle the issue the user wants unique home directories verses having a common home directory for all machines?

How are you handling shell variables defined by the LDAP login shell that do not belong to the user's defined shell that have been exported?

How are you handling the shell command history file?

How are you handling programs that look in the user's HOME directory for startup files?

Do you know if the .Xauthority file can be shared across all your environments?


I started working this issue by having the initial user profile define variables for hostname, ostype, platform and osversion.

From these values the code decides which shell to run.

I also use these values to make shell variables unique to the level the user wants such as the HISTFILE and HOME variables.

I needed to create small c programs that would call the proper shell as a login shell to allow the proper shell initialization to occur. Also the profile file needed to call these c programs using the exec builtin to replace the original shell. The c program also adds a shell variable to deal with the recursion issue since the user's profile will be called a second time.

A function was written for adding to PATH style variables to avoid adding the same directory twice.

Figuring out which shell variables that need to be removed from the environment is a work in progress.

I have not worked the BSD C shell issues yet but expect that I will need to use the source command to separate Bourne shell style syntax away from the BSD C shell style syntax.

Have you considered using the Korn shell for the all platforms as your LDAP login shell? At least for us either the ATT version the PD version exists on our servers.

What other issues do you know of we might run into?
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Shells

I have came across the definitions of these shells korn bourne c etc .. but honestly till now i din't get the exact difference between these threes , the advantages ..... can anyone pinpoint me where it actually lies ..... don;t include me answers like aliasing in c is posible and not in bourne ..... (3 Replies)
Discussion started by: dino_leix
3 Replies

2. Web Development

APACHE: Tie in Web Page login with server login

Hello, I have created a web page on a server using apache and added .htaccess and .htpasswd in the folder for authentification. I was wondering if there was anyway to tie-in the login for this page with the login used to logon to the server. i.e. the same login info. is used for both,... (2 Replies)
Discussion started by: WhotheWhat
2 Replies

3. UNIX for Advanced & Expert Users

why we have different shells?

Can you pls. tell me, why we have different shells in UNIX OS ( Eg. SunOs) and also I would like to know what is the specific difference b/w SVR and BSD ? Thanks. (2 Replies)
Discussion started by: shahnazurs
2 Replies

4. UNIX for Advanced & Expert Users

something like LDAP Administrator 2011.1 "LDAP-SQL" but for the CLI

Hi I am searching a tool like "LDAP Administrator 2011.1"/ "LDAP-SQL" but for the CLI. Wish to use LDAP-SQL in scripts (non Windows GUI environment) http://ldapadministrator.com/resources/english/2011.1/images/sqlquery_large.png Softerra LDAP Administrator 2011.1 - What's New OS is... (2 Replies)
Discussion started by: slashdotweenie
2 Replies

5. Red Hat

How to cache login in ldap clients !!! Please helpppp !!!!

Hey guys iīve one big problem with nscd.conf this donīt work i tried many examples of configuration the nscd.conf simply donīt work when i stop the ldap server i try access by ssh on the client i canīt make logon. And the database on /var/db/nscd donīt work. follows below the conf of... (0 Replies)
Discussion started by: paulo_eduardo
0 Replies

6. UNIX for Dummies Questions & Answers

Shells

Lets say my default shell is bash and then i load up csh and then ksh. How would i exit csh without exiting ksh? so basically i gone from bash > csh > ksh and i wish to close csh (2 Replies)
Discussion started by: Bill Thompson
2 Replies

7. OS X (Apple)

Where does OS X store LDAP and login settings?

I'm writing scripts to check for compliance with the DISA STIG. Several items refer to manually click-click-clicking to verify settings regarding LDAP or accounts like guest account disabled, "Allow Guests to connect to shared folders", "Display login window as:", "Show input menu in login... (7 Replies)
Discussion started by: jnojr
7 Replies

8. UNIX for Dummies Questions & Answers

Please what are shells?

I mean like this: http://shells.red-pill.eu/ Can anyone explain how this works? I hope my post is not spam. I think its related to linux. Thank you (1 Reply)
Discussion started by: postcd
1 Replies

9. UNIX for Advanced & Expert Users

Can adding to a new group be effective in current login environment without re-login?

Hey folks, When a user is added to a new group, the user has to be log out and log in again to make the new group effective. Is there any system command or technique to refresh user group ID update without re-login? I am not talking about to use "login" or "su -l" commands which can only make... (2 Replies)
Discussion started by: hce
2 Replies

10. Solaris

LDAP Client not connecting to LDAP server

I have very limited knowledge on LDAP configuration and have been trying fix one issue, but unsuccessful. The server, I am working on, is Solaris-10 zone. sudoers is configured on LDAP (its not on local server). I have access to login directly on server with root, but somehow sudo is not working... (9 Replies)
Discussion started by: solaris_1977
9 Replies

LEARN ABOUT OPENDARWIN

su

SU(1)							    BSD General Commands Manual 						     SU(1)

NAME

     su -- substitute user identity

SYNOPSIS

     su [-flm] [login] [-c shell arguments]

DESCRIPTION

     su requests the password for login and switches to that user and group ID after obtaining proper authentication.  A shell is then executed,
     and any additional shell arguments after the login name are passed to the shell.  If su is executed by root, no password is requested and a
     shell with the appropriate user ID is executed.

     The options are as follows:

     -c      Invoke the following command in a subshell as the specified user.

     -f      If the invoked shell is csh(1), this option prevents it from reading the ``.cshrc'' file.

     -l      Simulate a full login.  The environment is discarded except for HOME, SHELL, PATH, TERM, and USER.  HOME and SHELL are modified as
	     above.  USER is set to the target login.  PATH is set to ``/bin:/usr/bin''.  TERM is imported from your current environment.  The
	     invoked shell is the target login's, and su will change directory to the target login's home directory.  This option is identical to
	     just passing "-", as in "su -".

     -m      Leave the environment unmodified.	The invoked shell is your login shell, and no directory changes are made.  As a security precau-
	     tion, if the target user's shell is a non-standard shell (as defined by getusershell(3)) and the caller's real uid is non-zero, su
	     will fail.

     The -l and -m options are mutually exclusive; the last one specified overrides any previous ones.

     Only users in group ``wheel'' (normally gid 0) or group ``admin'' (normally gid 20) can su to ``root''.

     By default (unless the prompt is reset by a startup file) the super-user prompt is set to ``#'' to remind one of its awesome power.

SEE ALSO

     csh(1), login(1), sh(1), skey(1), kinit(1), kerberos(1), passwd(5), group(5), environ(7)

ENVIRONMENT

     Environment variables used by su :

     HOME  Default home directory of real user ID unless modified as specified above.

     PATH  Default search path of real user ID unless modified as specified above.

     TERM  Provides terminal type which may be retained for the substituted user ID.

     USER  The user ID is always the effective ID (the target user ID) after an su unless the user ID is 0 (root).

HISTORY

     A su command appeared in Version 7 AT&T UNIX.

BSD
								  April 18, 1994							       BSD
All times are GMT -4. The time now is 07:08 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy