While 'ldapsearch -x uid=tools.huji loginShell' returns 'loginShell: /usr/bin/zsh'; 'ldapsearch -x uid=tools.huji loginShell' returns 'loginShell: /bin/bash'. Since 'become huji' is effectively 'sudo -niu tools.huji' (after running some checks) it will check what the configured shell is for tools.huji and use bash right now. Tomorrow morning I will check into changing that for you.
Cheers, ------------------------------------- Chico Venancio Cloud Services Tech Support
On Sun, Jan 28, 2018 at 9:27 PM, Huji Lee huji.huji@gmail.com wrote:
The method proposed above works with my own username (huji). But when I do "become huji" (my bot's name is also huji), the new "tools.huji" account still uses bash. How can I make that one use another shell?
On Sun, Dec 31, 2017 at 3:14 PM, Bryan Davis bd808@wikimedia.org wrote:
On Sun, Dec 31, 2017 at 10:02 AM, Alex Monk krenair@gmail.com wrote:
I think there might just be some caching going on. I ran chsh.ldap on bastion.wmflabs.org and when I went to deployment-puppetmaster02.deployment-prep.eqiad.wmflabs, it executed the new shell. bastion still didn't.
We run nscd (https://linux.die.net/man/8/nscd) on every host in Cloud VPS to cache NSS lookup data. The cache time for passwd data is set to 3600 seconds (1 hour).
Bryan
Bryan Davis Wikimedia Foundation bd808@wikimedia.org [[m:User:BDavis_(WMF)]] Manager, Cloud Services Boise, ID USA irc: bd808 v:415.839.6885 x6855
Wikimedia Cloud Services mailing list Cloud@lists.wikimedia.org (formerly labs-l@lists.wikimedia.org) https://lists.wikimedia.org/mailman/listinfo/cloud
Wikimedia Cloud Services mailing list Cloud@lists.wikimedia.org (formerly labs-l@lists.wikimedia.org) https://lists.wikimedia.org/mailman/listinfo/cloud