>Presumably, you are suggesting additions to the addnerd command.
>Perhaps a quick discussion of the options is appropriate.  I see the
>following possibilities:
>
>1.  -s /sbin/nologin; no -p option or -p *; warn that the user may wish
>      to change this via vipw/passwd
>
>2.  -s $MAJORDOMO_SHELL (default /bin/sh); -p *; similar warning
>
>Any comments on which is preferable or ideas on other options?

I think either no -p option or -p *, followed by a warning, is fine. I do 
*not* think that the default shell should be anything other than 
/sbin/nologin, even if -p * is specified. If someone is going to take the 
unlikely step of allowing someone to log in as majordom, they can make the 
shell change in vipw.