is a setuid program that modifies the file, and only allows ordinary users to modify their own login shells. The superuser can modify the shells of other users, by supplying the name of the user whose shell is to be modified as a command-line argument. For security reasons, the shells that both ordinary users and the superuser can specify are limited by the contents of the file, with the pathname of the shell being required to be exactly as it appears in that file. The superuser can, however, also modify the password file directly, setting any user's shell to any executable file on the system without reference to and without using. On most systems, when is invoked without the command-line option, it prompts the user to select one. On Mac OS X, if invoked without the option, displays a text file in the default editor allowing the user to change all of the features of their user account that they are permitted to change, the pathname of the shell being the name next to "Shell:". When the user quits vim, the changes made there are transferred to the /etc/passwd file which only root can change directly. Using the option greatly simplifies the task of changing shells. Depending on the system, may or may not prompt the user for a password before changing the shell, or entering interactive mode. On some systems, use of by non-root users is disabled entirely by the sysadmin. On many Linux distributions, the command is a PAM-aware application. As such, its behaviour can be tailored, using PAM configuration options, for individual users. For example, an directive that specifies the module can be used to deny access to individual users, by specifying a file of the usernames to deny access to with the option to that module.
Portability
does not describe utilities such as, which are used for modifying the user's entry in. Most Unix-like systems provide. SVr4-based systems provided a similar capability with passwd. Two of the three remaining systems provide in addition to. The exception is Solaris, where non-administrators are unable to change their shell unless a network name server such as NIS or NIS+ is installed. The obsolete SGISVr4 system IRIX64 also lacked.
