Re: Bug#274229: System accounts with valid shells
On Tue, Jan 07, 2014 at 03:59:34PM +0000, Colin Watson wrote:
> Russ supplied a patch to allow update-passwd to use debconf for
> prompting, which I've now merged after some tweaking between us. As of
> base-passwd 3.5.30, all these accounts will have their shells changed to
> /usr/sbin/nologin, with debconf prompts at priority medium defaulting to
> true.
There's been a bit of fallout from the change of shells. A codesearch
run suggests that it isn't bad enough that I'd want to revert parts of
it, but I'm reporting bugs collected here:
http://bugs.debian.org/cgi-bin/pkgreport.cgi?users=base-passwd@packages.debian.org;tag=shell-fallout
In short, if you're using "su <user>" for any of the affected users
(daemon bin sys games man lp mail news uucp proxy www-data backup list
irc gnats nobody), and you weren't already passing an -s option, you
must add "-s /bin/sh". Quite a few packages were already doing this
since this was already a fairly common local customisation, but there
are some stragglers.
--
Colin Watson [cjwatson@debian.org]
Reply to: