search

YunoHost / issues

General issue tracker for the YunoHost project
71 stars 8 forks source link

Allow users to change their shell by themselves #2140

Open Salamandar opened 1 year ago

Salamandar commented 1 year ago
Old issue Some configuration is required to allow users to select their shell via LDAP (`chsh.ldap`) : https://ibug.io/blog/2022/03/linux-openldap-server/ Basically what they're saying is that this should be added: ``` olcAccess: {0}to attrs=userPassword by self write by anonymous auth by * none ``` And for that, here's the LDIF call they do: ``` dn: olcDatabase={1}mdb,cn=config changetype: modify replace: olcAccess olcAccess: to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage by * break olcAccess: to attrs=userPassword by self write by anonymous auth by * none olcAccess: to attrs=loginShell by self write by * none olcAccess: to attrs=shadowLastChange by self write by * read olcAccess: to * by * read ``` I'm not a ldap/ldif expert *at all* so I won't even test this on my server. the `replace: olcAccess` scares me a bit. Would it be possible to incorporate this into the yunohost configuration of slapd ? Thanks !

But IMHO it doesn't close the issue: users should be able to change their shell themselves without sudo.

tituspijean commented 1 year ago

Ping @kay0u who recently worked on https://github.com/YunoHost/yunohost/pull/1538.

Actually the aforementioned feature works for me. Can you try its command? sudo yunohost user update salamandar -s "/usr/bin/zsh"

Salamandar commented 1 year ago

~Ping @kay0u who recently worked on YunoHost/yunohost#1538.~

Actually the aforementioned feature works for me. Can you try its command? sudo yunohost user update salamandar -s "/usr/bin/zsh"

Crap you could have said RTFM 😭 will test that as soon as i have wifi again.

tituspijean commented 1 year ago

Well, there was no documentation on the feature except for the bare minimum update of the yunohost user update --help command, and one line in detailed changelog of 11.1, so... very small RTFM to you. 😛

kay0u commented 1 year ago

~Ping @kay0u who recently worked on YunoHost/yunohost#1538.~

Actually the aforementioned feature works for me. Can you try its command? sudo yunohost user update salamandar -s "/usr/bin/zsh"

Yes, that's how you are supposed to use it.

There is no zsh completion at this time. I will try to find some time to work on this PR.

Salamandar commented 1 year ago

There is no zsh completion at this time. I will try to find some time to work on this PR.

would love to see that ! <3

Alright, so yunohost user update -s <shell> worked for me, thanks !

But IMHO it doesn't close the issue: users should be able to change their shell themselves without sudo.