Fix shell when creating new linux user account

CHANGES.rst

@@ -2,6 +2,12 @@
 CHANGELOG
 =========
 
+Unreleased
+----------
+
+* Fix shell when creating new linux user account.
+
+
 0.3.3 (2023-09-25)
 ------------------
 

rattail_fabric2/core.py

@@ -129,25 +129,29 @@ def mkdir(c, paths, owner=None, mode=None,
 
 
 def make_normal_user(c, username, full_name=None,
-                     disabled_login=True,
-                     password=None):
+                     shell='/bin/bash',
+                     password=None,
+                     disabled_login=False):
     """
     Make a new "normal" user account.
 
-    :param disabled_login: If true (the default), add the
-       ``--disabled-login`` flag to the ``adduser`` command.  The
-       reason this is the default, is to avoid being prompted for a
-       password to give the new account.
+    :param disabled_login: If true, will leave the account in a
+       non-usable state, i.e. with invalid shell.
     """
-    if not c.run('getent passwd {}'.format(username), warn=True).failed:
+    # do not bother if user exists
+    missing = c.run(f'getent passwd {username}', warn=True).failed
+    if not missing:
         return
 
-    if password:
-        disabled_login = True
-    disabled_login = '--disabled-login' if disabled_login else ''
-    c.sudo("adduser --gecos '{}' {} {}".format(full_name or username,
-                                               disabled_login,
+    # nb. specify --disabled-login to avoid being prompted for password
+    c.sudo("adduser --gecos '{}' --disabled-login {}".format(full_name or username,
                                                              username))
+
+    # then fix the shell unless we shouldn't
+    if not disabled_login:
+        c.sudo(f'usermod -s {shell} {username}')
+
+    # and maybe set password
     if password:
         c.sudo(f"bash -c 'echo {username}:{password} | chpasswd'",
                echo=False)