Since 4.2BSD, Berkeley UNIX systems have restricted chsh (or a command like it) to change your login shell only to a shell that's listed in the file /etc/shells. That's partly a safety feature, like requiring you to type your old password before you can change to a new one: it keeps other people from giving you a strange login shell as a joke. It's also for security - a way for the system administrator to give a list of shells that are robust enough to run peoples' accounts.
The usual "approved" shells are the Bourne and C shells. If you want to use another shell as your login shell and your system has /etc/shells, ask the system administrator to add your shell. The shell will need to be stored in a secure system directory to make it harder for system crackers to corrupt the shell.
If the system administrator won't approve your login shell, here's a work-around. It lets you log in with an approved shell, then automatically replace the shell with whatever you want. (For background, see article 51.9.)
If your login shell isn't C shell, use chsh or a command like it to change it to the C shell.
If your new shell will be bash, you can skip this step. Otherwise:
In your home directory, make a
this makes the shell
For example, to make a symbolic link in your home directory named
-ksh to the shell /usr/local/bin/ksh, type this command:
Add lines to the top of thefile that replace the csh process with your login shell. (The command replaces a process.)
If you use a Bourne-type shell that reads the .profile file at login time, use lines like these:
# OVERRIDE DEFAULT LOGIN C SHELL TO USE ksh. setenv SHELL /usr/local/bin/ksh # IF $TERM SET (BY login OR rlogin), START LOGIN SHELL. # UNFORTUNATELY, THIS MAKES su USE A LOGIN SHELL TOO. if ($?TERM) then cd exec -ksh # USE "LOGIN SHELL" SYMLINK IN $HOME else exec $SHELL endif echo "******** WARNING: exec ksh FAILED ********"
If your new login shell will be bash, you can replace the line
exec -ksh above with:
exec $SHELL -login
because bash has a -login option that tells it to act like a login shell. Simple, eh?
# OVERRIDE DEFAULT LOGIN C SHELL TO USE tcsh. if (! $?SH_EXECD) then setenv SH_EXECD yes setenv SHELL /usr/local/bin/tcsh # IF $TERM SET (BY login OR rlogin), START LOGIN SHELL. # USE switch, NOT if, DUE TO csh BUG WITH IMBEDDED else. # UNFORTUNATELY, THIS MAKES su USE A LOGIN SHELL TOO. switch ($?TERM) case 1: cd exec -tcsh # USE "LOGIN SHELL" SYMLINK IN $HOME breaksw default: exec $SHELL # USE NON-LOGIN SHELL breaksw endsw echo "******** WARNING: exec tcsh FAILED ********" endif
The C shell may not find your new shell (
unless you have the current directory (
.) in your
(put it at the end of your path!).
You may also be able to use an
to the new shell, but that could hide the leading
minus sign (
-) and the shell might not act like a login shell.
Is there a chance that your new shell might be missing some day? For instance, is it on a network filesystem that might be unavailable? Then it's a good idea to wrap the new code above with a test:
Test your new setup:
Type a command that will work only in your new shell (not in a C shell).
to be sure your new shell startup files work.
You're set to go.
If your login shell isn't listed in /etc/shells, the (actually, the ftpd ) may refuse to transfer files to your account. That's partly to stop ftp access to your system through special accounts that don't have passwords, like sync, who, finger, and so on. If you use the workaround steps above, though, that shouldn't be a problem; you'll have an approved shell listed in /etc/passwd and ftp usually doesn't run your login shell, anyway.program