[ Bottom of Page | Previous Page | Next Page | Contents | Index | Library Home | Legal | Search ]

Commands Reference, Volume 5

shell Command


Executes a shell with the user's default credentials and environment.




The shell command re-initializes a user's login session. When the command is given, the port characteristics of the process's controlling terminal are reset and all access to the port is revoked. The shell command then resets the process credentials and environment to the defaults established for the user and executes the user's initial program. All credentials and environment are established according to the login user ID of the invoking process.

If the shell command is invoked on the trusted path and the user's tpath attribute in the /etc/security/user file does not have a value of always, the trusted environment of the terminal is not maintained.

Note: The shell command does not reset the login ID of the user.


Access Control: The command should be setuid to the root user to reset the user's process credentials, and grant execute (x) access to all users. The command should have the trusted computing base attribute.

Files Accessed:

Mode File
r /etc/passwd
r /etc/group
r /etc/security/audit/config
r /etc/security/environ
r /etc/security/limits
r /etc/security/user

Auditing Events:

Event Information
USER_Shell portname


To re-initialize your session to your default credentials and environment after using the trusted shell (tsh), enter:



/usr/bin/shell Contains the shell command.
/etc/security/user Contains the extended attributes of users.
/etc/passwd Contains user IDs.
/etc/group Contains group IDs.
/etc/security/audit/config Contains the audit configuration information.
/etc/security/environ Defines the environment attributes for users.
/etc/security/limits Defines process resource limits for each user.

Related Information

The getty command, init command, login command, logout command, setgroups command, su command, tsh command, tsm command.

For more information about the identification and authentication of users, discretionary access control, the trusted computing base, and auditing, refer to Security Administration in AIX 5L Version 5.2 Security Guide.

[ Top of Page | Previous Page | Next Page | Contents | Index | Library Home | Legal | Search ]