Centrify

Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-9896: Missing shell for Solaris 11.x /etc/shells file

Auditing and Monitoring Service ,  

12 February,18 at 12:18 PM

Applies to: All version of Centrify DirectAudit

Problem:
 
On Solaris 11.x or above, there is a shell called pfbash located in /bin, if users set this shell as their default shell, they will fall into emergency shell during login as this shell is not listed in /etc/shells.
 
Cause:
 
Solaris does not have /etc/shells by default and it is generated by Centrify.
Centrify Direct Audit calls the OS function getusershell() if it exists. In most cases, it just returns the entries in /etc/shells.

However, note the following special implementation of getusershell() in Solaris:

If /etc/shells does not exist, the following locations of the standard system shells are used in its place:

/bin/bash /bin/csh
/bin/jsh /bin/ksh
/bin/pfcsh /bin/pfksh
/bin/pfsh /bin/sh
/bin/tcsh /bin/zsh
/sbin/jsh /sbin/pfsh
/sbin/sh /usr/bin/bash
/usr/bin/csh /usr/bin/jsh
/usr/bin/ksh /usr/bin/pfcsh
/usr/bin/pfksh /usr/bin/pfsh
/usr/bin/sh /usr/bin/tcsh
/usr/bin/zsh /usr/sfw/bin/zsh
/usr/xpg4/bin/sh

Centrify DirectAudit checks if the file returned from the function exists or not, pfbash is NOT in this list and therefore, /etc/shell will not include this shell for auditing.
 
Workaround:

  1. Disable audit by running: dacontrol -d
  2. Manually append the /bin/pfbash into /etc/shells file
  3. Enable audit by running:  dacontrol -e
  4. Once done, check if /bin/cdax/pfbash is created
  5. If so, try login as the affected user again

Related Articles

 articleKB-7441: List of error codes Adclient and DAD daemons generated for Solaris and Linux clients articleKB-5982: Executing shell command from within FTP results in a warning message about missing shell and Direct Audit emergency shell is executed instead articleKB-4872: How do I use Deployment manager with OS X 10.10 Yosemite articleKB-6041: How to show current license type in use by adclient articleKB-4291: What files are modified by Centrify DirectControl or DirectAudit during install & adjoin process articleKB-6040: How to change the license type in use after adclient successful joined to the AD? articleKB-7120: Suite 2016.1 Deployment Manager is reporting unsupported CentOS 6.8 articleKB-6073: How to join the Linux/Unix Centrify Server to Active Directory with specific Computer Role? articleKB-6056: How to report the group policy settings that are in effect for the local computer?