beautypg.com

2 chfn, 3 chsh – IBM Novell 10 SP1 EAL4 User Manual

Page 209

background image

14. Invokes pam_chauthok() to rejuvenate user’s authentication tokens.
15. Exits.

5.13.1.2 chfn

The chfn program allows users to change their finger information. The finger command displays the

information, stored in the /etc/passwd file. Refer to the chfn man page for detailed information. chfn

generally follows these steps:

1. Sets language.
2. Gets invoking user’s ID.
3. Parses command-line arguments.
4. Performs a check that a non-root user is not trying to change finger information of another user.
5. Invokes pam_start() to initialize the PAM library and to identify the application with a particular

service name.

6. Invokes pam_authenticate() to authenticate the application user. Generates an audit record to

log the authentication attempt and its outcome.

7. Invokes pam_acct_mgmt() to perform module-specific account management.
8. Invokes pam_chauthok() to rejuvenate the user’s authentication tokens.
9. Invokes pam_setcred() to set credentials.
10. Prompts for new finger information if not supplied on the command line.
11. Updates appropriate database files with new finger information.
12. Exits.

5.13.1.3 chsh

The chsh program allows users to change their login shells. If a shell is not given on the command line,
chsh prompts for one. Refer to the chsh man page for detailed information. chsh generally follows these

steps:

1. Sets language.
2. Gets invoking user’s ID.
3. Parses command-line arguments.
4. Performs a check that a non-root user is not trying to change shell of another user.
5. Performs a check to ensure that a non-root user is not trying to set his or her shell to a non standard

shell.

6. Invokes pam_start() to initialize the PAM library and to identify the application with a particular

service name.

7. Invokes pam_authenticate() to authenticate the application user. Generates an audit record to

log the authentication attempt and its outcome.

8. Invokes pam_acct_mgmt() to perform module-specific account management.
9. Invokes pam_chauthok() to rejuvenate the user’s authentication tokens.
10. Checks the shell to make sure that it is accessible.

197

See also other documents in the category IBM Computers: