Fixed : SHELL env variable not red - openldap-technical

7 Dec 2011


      Just to update on that :
I have received this RedHat update notification last night :
Synopsis
openldap bug fix and enhancement update
updated : 06/12/11
Subject
Updated openldap packages that fix number of bugs and add various enhancements
are now available for Red Hat Enterprise Linux 6.
Description
...
https://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/6.2_Techn...
I updated and the loginShell variable is now properly used over authentication
( with no change on my initial configuration).
I also see that many TLS issues that I have faced in the passed seem to have
been fixed : I'm going to check that.
Best,
---
olivier
On Thu, Dec 1, 2011 at 3:00 PM, Olivier ldap@guillard.nom.fr wrote:
...
Hello,
I have configured nss/pam on a REDHAT6 box to authenticate users
against an ldap : it works but I have a problem with getting my favorite
user shell when I log in.
The "loginShell" shell attribute sounds to not been used to provide users
with their favorite shell when they log in : may be I misunderstood the
usage of this "posixAccount" attribute ?
Thanks for your help, see below for additional indications :
$ ssh olivier@redhatbox.example.fr
olivier@redhatbox.example.fr's password:  < MY LDAP PASSWORD>
RHN Satellite kickstart on 2011-06-16
#####################
 #  redhatbox.example.fr #
 #                                  #
 #           Hello               #
 #####################
sh-4.1$ grep olivier /etc/passwd
           <returns nothing (no local entry for olivier)>
-sh-4.1$ pwd
/home/olivier  (my home directory found in ldap)
-sh-4.1$ env | grep -i shell
SHELL=/bin/sh  ( my shell user environnment is not picked in ldap)
sh-4.1$  ldapsearch -D uid=olivier,ou=staff,ou=people,dc=example,dc=fr
-W uid=olivier
Enter LDAP Password: < MY LDAP PASSWORD>
# olivier, staff, people, example.fr
dn: uid=olivier,ou=staff,ou=people,dc=example,dc=fr
cn: Olivier G
gidNumber: 18000
homeDirectory: /home/olivier
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
sn: olivier
uid: olivier
uidNumber: 1000
shadowLastChange: 15282
loginShell: /bin/tcsh
givenName: Olivier
mail: olivier@example.fr
userPassword:: xxxxxxxxxxxxxxxxxxxxxxx
-sh-4.1$ cat /etc/shells
/bin/sh
/bin/bash
/sbin/nologin
/bin/tcsh            (my favorite shell is allowed)
/bin/csh
ANY HELP ???
Thanks

Olivier