| A shell is assigned to a user when the user is first created by the system administrator (see Chapter 3, "User Administration") and the full path of the user's shell is stored in the rightmost field of the password file. When users log in to the system, the program defined in the shell field of their password file entry is executed. If the field contained /bin/ksh then that is the command that would run. Likewise, if the field contained /bin/who then that would run instead. In this case, it would display a list of who is currently logged in (which would include the users in question) and then exit back to the login prompt. This kind of entry is often used to enable specific functions to be performed by users who do not have their own login on that server, for example a shutdown user (on no account create a shutdown user called shutdown with a password of shutdown!). Assuming you have /bin/ksh in your password file entry, you will be presented with the usual $ prompt following a successful login. If you want to run the C Shell instead, you can type "csh" and you will now be presented with a % prompt (due to the default value of PS1 in the C Shell). You have not, however, replaced the Korn Shell with the C Shell; the C Shell is running as a subshell, as the ps command will show you: % ps -f UID PID PPIP C STIME TTY TIME CMD djb 421 419 0 22:19:58 pts/4 0:00 -ksh djb 428 421 0 22:34:13 pts/4 0:00 csh djb 430 428 2 22:35:15 pts/4 0:00 ps % The minus sign before the "ksh" shows that it is a login shell. If you wanted to run a C Shell instead of the Korn Shell, rather than as a subprocess to your Korn Shell you could type: $ exec csh $ and then ps would show: % ps -f UID PID PPIP C STIME TTY TIME CMD djb 421 419 1 22:19:58 pts/4 0:00 csh djb 455 421 1 22:43:38 pts/4 0:00 ps % Of course, if users want the C Shell instead of the Korn Shell on a permanent basis, the best course of action is for them to ask the system administrator to change their entry in the password file. The UNIX command exec tells the shell to overlay (replace) itself with the command supplied as an argument to exec. If you supply another command (i.e., not a shell), the current shell will overlay that command, which will run; however, you will be logged out when that command completes (just as you would be when the new shell completes). This function demonstrates how the login process actually operates. The login prompt you see on your terminal is produced by the UNIX command /usr/bin/login. When you type a user name and password, the login program will first validate these against the password and shadow files, and then (if they are valid) will use exec to overlay the program specified in the rightmost field of the password file. This program would normally be a shell, but could be any program you wished. If, for example, a user was added that had /usr/bin/date as the shell field in the password file, then logging in as that user would cause the date and time to be displayed followed by your immediate logoff. You would see no prompt and you would not get any chance to type any commands in. This method has been used on some sites to provide a shutdown user that will enable the server to be shut down by somebody who does not have enough authority to actually log in to perform this manually. The password entry for such a user might look like this: shutdown:x:0:1:Shutdown User:/:/usr/sbin/shutdown When the user logs in, the shutdown program runs instead of the shell and shuts down the server. The UID field must be set to 0 as only root can perform a shutdown. Also, if you decide to create a shutdown user, make sure the password is secure (and definitely NOT the same as the user name). The shell is not a special program. It works just like any other UNIX program; it just happens that its purpose is to execute the commands that it reads on its standard input. A shell actually does a lot more than execute programs, and the next section offers a brief diversion for those interested. | 
