1 |
On Fri, 13 Feb 2009 13:15:12 +0800 |
2 |
Chuanwen Wu <wcw8410@×××××.com> wrote: |
3 |
|
4 |
> Could you please give more details? How to change it to something |
5 |
> default? |
6 |
|
7 |
Well, that's pretty much the basics... |
8 |
Shells for each system user are defined in /etc/passwd, which should be |
9 |
edited by 'vipw' command. |
10 |
|
11 |
What I've meant is the case, when you, or something else changed |
12 |
'/etc/passwd', replacing '/bin/bash' with something like |
13 |
'/sbin/nologin' or some other path, which is not a valid shell. |
14 |
|
15 |
Actually, ssh shouldn't work with invalid shell like that as well, but |
16 |
one, for example, can add some commands to ".bashrc" which will work |
17 |
only in ssh environment (using some env vars, set by ssh, for example). |
18 |
|
19 |
Then, there might be some ssh-only shell, so I'd suggest to set shell |
20 |
to '/bin/sh' (which is actually bash, for gentoo) and disable all the |
21 |
configs it's using, like '~/.bashrc' or '/etc/bashrc' (see 'man bash', |
22 |
for full list). |
23 |
Also, Neil has made a good point that there might be something |
24 |
in /etc/profile, which is usually sourced by all bash-like shells. |
25 |
|
26 |
|
27 |
> I have checked the /var/log/faillog, which I'm not sure whether it's |
28 |
> the right log file, and seems it only contain binary data(I read it |
29 |
> from "vi /var/log/faillog"). |
30 |
|
31 |
Syslog usually uses '/var/log/messages' as a collector for everything |
32 |
that is being sent to it, so I'd check that file first. And make sure |
33 |
the timestamps there are recent - it should mean that syslog is writing |
34 |
to it and is not dead. |
35 |
'dmesg' command is usually a good source for failure messages too, but |
36 |
only on kernel level (when something really nasty happens). There might |
37 |
be some segfaults, produced by your shell, and usually indicate |
38 |
programming or compilation errors. |
39 |
|
40 |
-- |
41 |
Mike Kazantsev // fraggod.net |