ramsey@sundance.llnl.gov (Susanne Ramsey) (11/06/90)
I have a sun 4/330 which I just upgraded to SUNOS 4.1. As we have been de-
bugging we have found that a person who has tcsh as a default shell can not
FTP to that account. Any other shell seems to work just fine.. We have the
latest version of tcsh ( i think 8-))
Anyone seen this before..???
Susanne Ramsey
LLNL
ramsey@sundance.llnl.gov
--
.^.^. Susanne Barbera-Ramsey Lawrence Livermore National Laboratory
o o . 7000 East Avenue L-630 | (415) 423-9530
>>v<<. Livermore Ca 94550 | ramsey@lll.llnl.gov
_mm.mm_____________________________________________________________________ron@woan (Ronald S. Woan) (11/08/90)
In article <ramsey.657905203@sundance>, ramsey@sundance.llnl.gov (Susanne Ramsey) writes: Susanne> I have a sun 4/330 which I just upgraded to SUNOS 4.1. As we Susanne> have been de- bugging we have found that a person who has Susanne> tcsh as a default shell can not FTP to that account. Any Susanne> other shell seems to work just fine.. We have the latest Susanne> version of tcsh ( i think 8-)) I think most administrators have seen this before. It is usually caused by not having /bin/tcsh defined as a login shell in /etc/shells. Ron +-----All Views Expressed Are My Own And Are Not Necessarily Shared By------+ +------------------------------My Employer----------------------------------+ + Ronald S. Woan woan@peyote.cactus.org or woan%austin@iinus1.ibm.com + + other email addresses Prodigy: XTCR74A Compuserve: 73530,2537 +
vendiswc@aix.aix.kingston.ibm.com (Shaun Codner) (11/08/90)
In article <ramsey.657905203@sundance> ramsey@sundance.llnl.gov (Susanne Ramsey) writes: >I have a sun 4/330 which I just upgraded to SUNOS 4.1. As we have been de- >bugging we have found that a person who has tcsh as a default shell can not >FTP to that account. Any other shell seems to work just fine.. We have the >latest version of tcsh ( i think 8-)) > >Anyone seen this before..??? > >Susanne Ramsey Yes, this is probably because you do not have the path for tcsh ( usually /usr/local/bin/tcsh) in the /etc/shells file. FTP checks this file for "legal" shells when somebody FTP's in. Just append the path to the end of /etc/shells and all should be fine. If not, then it may be something a wee bit more complicated. :-) -Shaun -- ------------------------------------------------------------------------------- ---- Shaun Codner Telephone 914-385-7189 Office 005-3 6NW05 ---- ---- TIE 695-7189 E-Mail swc@frantic ---- -------------------------------------------------------------------------------
moore@srl.mew.mei.co.jp (W. Phillip Moore) (11/09/90)
In article <ramsey.657905203@sundance> ramsey@sundance.llnl.gov (Susanne Ramsey) writes:
I have a sun 4/330 which I just upgraded to SUNOS 4.1. As we have been de-
bugging we have found that a person who has tcsh as a default shell can not
FTP to that account. Any other shell seems to work just fine.. We have the
latest version of tcsh ( i think 8-))
Anyone seen this before..???
Yes, as a matter of fact. Most of our users usr /bin/csh, but myself and a
few others use /usr/local/bin/bash. We had the same problem. The solution
was to create the file /etc/shells and list all the possible shells which
were acceptable on our system. If you use /bin/sh, or /bin/csh, and this
file doesn't exist (and the others conditions for allwing ftp are met) then
ftp is possible. From the Sun OS 4.0.3 man page for ftpd:
ftpd authenticates users according to three rules.
o The user name must be in the password data base,
/etc/passwd, and not have a null password. In this
case a password must be provided by the client before
any file operations may be performed.
o If the file /etc/ftpusers exists, the user name must
not appear in that file.
o The user must have a standard shell returned by
getusershell(3).
o If the user name is anonymous or ftp, an anonymous FTP
account must be present in the password file (user
ftp). In this case the user is allowed to log in by
specifying any password (by convention this is given as
the client host's name).
Then go check out getusershell(3) and you'll see the reference to
/etc/shells, for which there is no shells(5) man page 8-(. The format is
trivial. Our looks like:
/bin/sh
/bin/csh
/usr/local/bin/bash
/usr/local/bin/tcsh
Hope this solves the problem for you.
W. Phillip Moore Phone: 06-908-1431
LSI Research Group FAX: 06-906-7251
Semiconductor Research Laboratory E-mail: moore@mew.mei.co.jp
Matsushita Electric Works, Ltd. 1048 Kadoma, Osaka 571, Japansweh@tharr.UUCP (Stephen Harris) (11/09/90)
In article <4416@aix.aix.kingston.ibm.com> vendiswc@aix.aix.kingston.ibm.com (Shaun Codner) writes: >In article <ramsey.657905203@sundance> ramsey@sundance.llnl.gov (Susanne Ramsey) writes: [Problems with FTP and tcsh on a Sun] >Yes, this is probably because you do not have the path for tcsh ( usually >/usr/local/bin/tcsh) in the /etc/shells file. FTP checks this file >for "legal" shells when somebody FTP's in. Just append the path to >the end of /etc/shells and all should be fine. If not, then it may be >something a wee bit more complicated. :-) What is this file /etc/shells ? I am on a MicroVAX running Ultrix 3.1, and there is no such file. Is this SunOS specific, or am I missing an important file? I can FTP OK to and from this machine without the file, even though I am using /usr/new/csh as my shell. -- Stephen Harris Disclaimer: me have an opinion? | Email: ..!ukc!axion!tharr!sweh What an idea! | sweh%tharr.uucp@uk.co.bt.axion Wanted: humour transplant | tharr!sweh@uk.ac.ukc <-- tharr *free* public access to Usenet in the UK 0234 261804 -->
rickert@mp.cs.niu.edu (Neil Rickert) (11/09/90)
In article <1408@tharr.UUCP> sweh@tharr.UUCP (Stephen Harris) writes: >In article <4416@aix.aix.kingston.ibm.com> vendiswc@aix.aix.kingston.ibm.com (Shaun Codner) writes: >>In article <ramsey.657905203@sundance> ramsey@sundance.llnl.gov (Susanne Ramsey) writes: >[Problems with FTP and tcsh on a Sun] >>Yes, this is probably because you do not have the path for tcsh ( usually >>/usr/local/bin/tcsh) in the /etc/shells file. FTP checks this file > >What is this file /etc/shells ? I am on a MicroVAX running Ultrix 3.1, and >there is no such file. >Is this SunOS specific, or am I missing an important file? >I can FTP OK to and from this machine without the file, even though I am >using /usr/new/csh as my shell. > Newer version of 'ftpd' check this file to see if a user's shell is in the file. If the file does not exist, they allow only /bin/sh and /bin/csh as valid shells. This is a security measure. Many systems have an account for 'sync' with no password, and with /etc/sync as the shell. With no security restrictions at all this would allow anybody to ftp into the system and see all files. The older mechanism was to exclude specific users with the file /etc/ftpusers where you would list login's such as 'sync' for which ftp should not be permitted. Recent versions of 'ftpd' also check the users shell in /etc/shells, and prohibit ftp to an account without a password. This is a more robust approach than simple reliance on remembering to update the /etc/ftpusers file. -- =*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*= Neil W. Rickert, Computer Science <rickert@cs.niu.edu> Northern Illinois Univ. DeKalb, IL 60115. +1-815-753-6940