Home » Which amongst the given option is TRUE about login shell? [closed]

Which amongst the given option is TRUE about login shell? [closed]


The kernel doesn’t know anything about users other than their numerical ID as a tag on certain things (processes, files). It doesn’t have a notion of “log in”, that happens in user land.

The program that handles the login process (login on a text mode console, a display manager on a graphical console, a daemon such as sshd or telnetd for remote logins, etc.) first authenticates the user and performs other tasks. PAM is often used; it has many capabilities related to authentication, logging, user databases, etc. The last step of the login process (when successful), after the program has switched from running as root to running as the desired user, is to invoke the login shell.

The login shell is determined from the user account database. There are several types of user databases; the most common ones are /etc/passwd (or, rarely, some other file configured through NSS), which is a simple text file found on the local machine, and NIS and LDAP which are networked databases used on networks where accounts can be used from multiple machines.

Users can change their shell with the chsh command for local accounts, with ypchsh for NIS accounts, or with chsh.ldap for LDAP accounts. In some places, the chsh command is set up to work with whatever account database type is in use. Users are only allowed to switch between shells that are listed in the file /etc/shells; this is both a security measure (users whose shell isn’t listed are presumed to have restricted accounts and can’t change) and a safety measure (changing to a non-existent or restricted shell could effectively lock the account). The administrator can change any account’s login shell by running the chsh command or by editing the database directly.

On a normally-configured system, useful shell programs will be listed in /etc/shells and those programs will work. (1) is technically true because the login shell can vary (the user or administrator can call chsh at any time) even if it normally doesn’t, and of course launching any program involves having the kernel load the program file and will fail if the file doesn’t exist or is corrupted.

The login program runs the login shell with argument 0 set to the program name with a dash - before the name. For example, if the login shell is /bin/bash (the full path is necessary, no lookup in $PATH is performed), then argument 0 will be -bash. Argument 0 is normally the program name; the extra dash tells the shell to act as a login shell. Login shells run extra files on startup, e.g. /etc/profile and ~/.profile; see Difference between Login Shell and Non-Login Shell? for more details about this part.

This multiple-choice exam isn’t well-designed because each option could be construed as true.

(1): it is indeed the case that the login shell is determined each time the user logs in. It is also true that the kernel decides on whether the shell is available during the login process. So technically (1) is true (and technical correctness is the best form of correctness, right?). But (1) is very misleading because the kernel doesn’t decide what the login shell is as such, it doesn’t even have a concept of login or shell.

(2) is not true in general since it is possible for different users to have different login shells. However there are setups where for a reason or another all users have the same shell — for example, heterogeneous networks where accounts are shared between machines and the only shell that is guaranteed to be available everywhere is /bin/sh.

(3) is probably the intended answer, because /etc/passwd is one place where the login shell can be configured by the administrator. However /etc/passwd should not be edited directly, but via the vipw command or via a command such as chsh. Furthermore, non-local accounts aren’t stored in /etc/passwd.

Lets check some facts:

  1. Test it. echo $SHELL. Now logout and login again. echo $SHELL. Rinse, wash, repeat. Same answer every time.

  2. The login shell is derived from the contents of /etc/passwd for all users. The value set in that file will be the value of the login shell for each user on the system. It is is possible for a user to run another shell, but it will not be their login shell without the value being set in /etc/passwd.

    You can verify this by trying the command from various shells that you run manually:

    bash -c "get-shell"
    sh   -c "get-shell"
    zsh  -c "get-shell"

    All of these commands will give you the same output no matter which shell you run them under because the value for the login shell is not determined by what shell the user chooses to run but the one set for them in /etc/passwd.

    Note if your system does not have get-shell you can substitute getent passwd $(whoami) | cut -d: -f7 inside the commands above to determine the user login shell.

  3. This would depend heavily on the knowledge level of the administrator. Editing the /etc/passwd file requires knowledge of how to launch a text editor as root and the dexterity not to mess up even a single character in the file. While a ninja might pull this off, an administrator who reads man chsh would see that is the program to adjust login shells:

    chsh is used to change your login shell

  4. If at least one of the answers above is true, this must be false.

Related Solutions

How can I pass a command line argument into a shell script?

The shell command and any arguments to that command appear as numbered shell variables: $0 has the string value of the command itself, something like script, ./script, /home/user/bin/script or whatever. Any arguments appear as "$1", "$2", "$3" and so on. The...

What is pointer to string in C?

argv is an array of pointers pointing to zero terminated c-strings. I painted the following pretty picture to help you visualize something about the pointers. And here is a code example that shows you how an operating system would pass arguments to your...

How do I change the name of my Android device?

To change the hostname (device name) you have to use the terminal (as root): For Eclair (2.1): echo MYNAME > /proc/sys/kernel/hostname For Froyo (2.2): (works also on most 2.3) setprop net.hostname MYNAME Then restart your wi-fi. To see the change, type...

How does reverse SSH tunneling work?

I love explaining this kind of thing through visualization. 🙂 Think of your SSH connections as tubes. Big tubes. Normally, you'll reach through these tubes to run a shell on a remote computer. The shell runs in a virtual terminal (tty). But you know this part...

Difference between database vs user vs schema

In Oracle, users and schemas are essentially the same thing. You can consider that a user is the account you use to connect to a database, and a schema is the set of objects (tables, views, etc.) that belong to that account. See this post on Stack Overflow:...

What’s the output of this code written in java?

//if you're using Eclipse, press ctrl-shift-f to "beautify" your code and make it easier to read int arr[] = new int[3]; //create a new array containing 3 elements for (int i = 0; i < 3; i++) { arr[i] = i;//assign each successive value of i to an entry in...

How safe are password managers like LastPass?

We should distinguish between offline password managers (like Password Safe) and online password managers (like LastPass). Offline password managers carry relatively little risk. It is true that the saved passwords are a single point of failure. But then, your...

Can anyone tell me why this program go to infinite times?

while (i <= 2) { while (i > 0) { a = a + b; i--; <- out the inner while loop when i = 0 } printf("%d", a); i++; <- at here, the i==0 each time, so infinity loop } Because your nested loop always restores the value of i to 0, And 0 <= 2 is always...

How to conditionally do something if a command succeeded or failed

How to conditionally do something if a command succeeded or failed That's exactly what bash's if statement does: if command ; then echo "Command succeeded" else echo "Command failed" fi Adding information from comments: you don't need to use the [ ... ] syntax...

How to turn JSON array into Postgres array?

Postgres 9.4 or newer Obviously inspired by this post, Postgres 9.4 added the missing function(s): Thanks to Laurence Rowe for the patch and Andrew Dunstan for committing! json_array_elements_text(json) jsonb_array_elements_text(jsonb) To unnest the JSON array....

Implementing a 2D destructible landscape (like Worms)

I don't know how the landscape in worms was implemented exactly, but I'm pretty sure they used a bitmap for the landscape (at least in the older games of the series). A very basic approach would be a bitmap image (B/W) where black pixels represent air and white...

Huge procedurally generated ‘wilderness’ worlds

I think I better understand what you are asking now. Noise is not random - it's random-looking but is completely based on a mathematical formula and is repeatable. All the information is encoded in the formula. This means that you can have a formula that...

How does one prevent homing missiles from orbiting their targets?

First of all, you should make all calculations about what acceleration to apply in the missile's frame of reference (that's where the missile is stationary and everything else moves around it, also often called "object coordinates" or "local coordinates" in...

Is UDP still better than TCP for data-heavy realtime games?

No, UDP is still superior in terms of performance latency, and will always be faster, because of the philosophy of the 2 protocols - assuming your communication data was designed with UDP or any other lossy communication in mind. TCP creates an abstraction in...