Server Fault Asked by Sergii Skybenko on December 23, 2021
I’d like to set specific shell for group of users only in 1 host. In my environment already installed FreeIpa. In FreeIpa I can change shell for all my hosts, it is not my requirement.
You can set up an ID View inside FreeIPA for the host. Unfortunately, ID Views are tied to individual users, and there is no way to apply a view to multiple users based on a group membership, so you will have to set up a separate entry in the view for each individual user.
# ipa idview-add my_view
------------------------------------------
Added ID View "my_view"
------------------------------------------
ID View Name: my_view
# ipa idview-apply my_view --hosts=myhost.example.foo
--------------------------------------------
Applied ID View "my_view"
--------------------------------------------
hosts: myhost.example.foo
---------------------------------------------
Number of hosts the ID View was applied to: 1
---------------------------------------------
# ipa idoverrideuser-add my_view some_user --shell=/bin/zsh
-------------------------------
Added User ID override "some_user"
-------------------------------
Anchor to override: some_user
Login shell: /bin/zsh
Note that if the host does not already have a view applied to it, you will need to restart sssd after creating it, as sssd only checks for the presence of a view on startup.
Answered by James Sneeringer on December 23, 2021
Get help from others!
Recent Questions
Recent Answers
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP