The idea here is to run:
% ./gen-etc-shells.sh > /tmp/shells
to make sure it's what you want. Then:
% mv /tmp/shells /etc/shells
It lists the 10 built-in shells allowed by
It then uses
to extract all passwd entries; these
are piped to an
script which extracts the shell information.
Once this is cleaned up and some known bogus entries are stripped out, the
resulting output is appropriate for creating a new
file, which will allow exactly the shells that were allowed previously, but
Download the shell script.