While 'ldapsearch -x uid=tools.huji loginShell' returns 'loginShell: /usr/bin/zsh'; 'ldapsearch -x uid=tools.huji loginShell' returns 'loginShell: /bin/bash'.

Since 'become huji' is effectively 'sudo -niu tools.huji' (after running some checks) it will check what the configured shell is for tools.huji and use bash right now.

Tomorrow morning I will check into changing that for you.

Cheers,

-------------------------------------

Chico Venancio

Cloud Services Tech Support

On Sun, Jan 28, 2018 at 9:27 PM, Huji Lee <huji.huji@gmail.com> wrote:

The method proposed above works with my own username (huji). But when I do "become huji" (my bot's name is also huji), the new "tools.huji" account still uses bash. How can I make that one use another shell?

On Sun, Dec 31, 2017 at 3:14 PM, Bryan Davis <bd808@wikimedia.org> wrote:
On Sun, Dec 31, 2017 at 10:02 AM, Alex Monk <krenair@gmail.com> wrote:
> I think there might just be some caching going on. I ran chsh.ldap on
> bastion.wmflabs.org and when I went to
> deployment-puppetmaster02.deployment-prep.eqiad.wmflabs, it executed
> the new shell. bastion still didn't.

We run nscd (<https://linux.die.net/man/8/nscd>) on every host in
Cloud VPS to cache NSS lookup data. The cache time for passwd data is
set to 3600 seconds (1 hour).

Bryan
--
Bryan Davis Wikimedia Foundation <bd808@wikimedia.org>
[[m:User:BDavis_(WMF)]] Manager, Cloud Services Boise, ID USA
irc: bd808 v:415.839.6885 x6855

_______________________________________________
Wikimedia Cloud Services mailing list
Cloud@lists.wikimedia.org (formerly labs-l@lists.wikimedia.org)
https://lists.wikimedia.org/mailman/listinfo/cloud

_______________________________________________
Wikimedia Cloud Services mailing list
Cloud@lists.wikimedia.org (formerly labs-l@lists.wikimedia.org)
https://lists.wikimedia.org/mailman/listinfo/cloud