[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: using /usr/bin/nologin instead of /bin/false in adduser?



Bernhard R. Link wrote:
> * Marc Haber <mh+debian-devel@zugschlus.de> [060513 16:34]:
> 
>>in login 4.0.13, /usr/bin/nologin has appeared which seems to be a
>>good default choice for accounts that do not allow shell login.
> 
> 
> /bin/false and /bin/true have the advantage of relatively well-defined
> meanings (no login vs. no shell login).
> So some absurd ftp server or something might compare it with /bin/false,
> but then of course the second defense line of an disabled password hash
> is still there.
> 

Out of curiousity, what happens when someone tries to login and /usr is
unavailable?  If the shell is set to something in /bin, it will still be
used.  What is the default action when the user's shell is not available?

-Roberto

-- 
Roberto C. Sanchez
http://familiasanchez.net/~roberto

Attachment: signature.asc
Description: OpenPGP digital signature


Reply to: