Re: /etc/passwd->shell
En réponse à Hubert Chan <hackerhue@geek.com>:
> Anything that is not a real user can have its shell set to /bin/false.
> In fact, depending on how your system is set up, you could probably
> even
> set root's shell to /bin/false.
ok
> Just make sure that you have some way
> of doing stuff as root (e.g. sudo),
> and that you don't kill single
> mode. (Never tried this, but I don't see why you couldn't do this.)
ok for sudo, but what do you mean by "don t kill single mode"?
> So daemon, bin, sys, ftp, www-data, mail, mysql, etc. can probably be
> set to /bin/false. (Why does Debian not do this by default?)
i just tried to put /bin/false in /etc/passwd for ftp, www-data, mysql, man
and that s ok. i ll try to do so for daemon, bin and sys at home
(i prefer than to do this at work :p)
> I don't know what the sync user is for, though, so I don't know if you
> can set it to /bin/false. /bin/sync looks like it was put there for a
> reason.
yes, you re right too. sync is called by updated to flush the filesystem buffers
every 30 seconds.
i ll tell you what about daemon, bin and sys soon.
thanks for all ;D
-----
Ivan R.
sysadmin
Reply to: