Tim Newsham sez:
# der Mouse wrote:
# > What is /etc/shells good for?  Anything?  Or is it just following a
# > tradition started by someone looking for a quick fix?  Even if it still
# > has some use, I'd really like to see a way that I, as a sysadmin, can
# > configure it such that _any_ program is considered a "standard shell".
# > With /etc/shells as it stands, the only way to do that is something
# > like "find / -type f -print > /etc/shells", and that (a) will make
# > getusershell() take _forever_ and (b) needs to be rerun every time
# > someone compiles a new program.
# 
# I can think of at least one problem that would arise if
# /etc/shells wasnt used to restrict chsh's:
# 
#   - yppasswdd could be used to change your shell from
#     a special restricted shell to a full access shell.

As you are probably aware, it is also used to restrict FTP access.

I was not aware that chsh/yppasswd made sure that both shells were
in /etc/shells.

Perhaps there should be a way of wildcarding paths in /etc/shells.

# 
# yppasswd needs only the account name, the new shell and
# the account pasword.  Currently it makes sure that both
# the old shell and the new shell are in /etc/shells before
# doing anything.
# 
# There may be other cases like this lurking around.
# 
# > 			       mouse@rodents.montreal.qc.ca
#