Description of problem: According to the README.pam_shells file, if a login has an empty shell field in /etc/passwd, "/bin/sh" is used. Although we have "/bin/sh" in our /etc/shells file, ftp logins are denied by pam_shells when the login does not have a shell assigned in /etc passwd. Everything works well, when /etc/passwd is changed to list "/bin/sh" (or "/bin/bash") in /etc/passwd. How reproducible: always Steps to Reproduce: 1. create login "x1" with empty shell field in /etc/passwd 2. try to "ftp machine" using login "x1" 3. observe, that it is not possible to login with ftp 4. it is possible to login with telnet, though 5. if the shell field in /etc/passwd is changed to "/bin/sh", ftp login is allowed
The README was modified to reflect the reality in the upstream CVS.