add-shell

add-shell shell

shell
    Absolute path to the shell executable to add to /etc/shells

The add-shell command appends the pathname of a new shell to the /etc/shells file, marking it as a valid login shell. This is essential for users to switch to non-standard shells via chsh(1) or set in /etc/passwd. It prevents arbitrary shells from being used, enhancing security by limiting approved interpreters.

Typically run as root, it checks if the shell is already listed before adding, avoiding duplicates. The command is simple, with no options, and outputs nothing on success or an error if issues arise, like permission denied.

Common use: After installing a new shell like zsh or fish, run add-shell /usr/bin/zsh to enable it system-wide. Without this, chsh rejects it. Pair with remove-shell for management.

This utility is crucial in multi-user environments for controlled shell deployment, ensuring only vetted shells are usable.

Requires root privileges; does not validate if shell binary exists or is executable; idempotent (skips duplicates).

# add-shell /usr/bin/fish
Appends /usr/bin/fish to /etc/shells if missing.

Only add trusted shells; unverified paths in /etc/shells could allow privilege escalation.

Originated in early Unix-like systems for shell validation; present in Debian's passwd package since ~1990s; maintained in util-linux or shadow suites across distributions.

remove-shell(8), chsh(1), getent(1), /etc/shells(5)