I still don't like the defaults on update-passwd
I really think many of these should by default
*NOT* be given a shell at all.
At the very least, the insecure change requests
should be split out from the security neutral ones
like the GECOS and sasl ones.
--------
The list of proposed changes is:
Changing shell of daemon from /dev/null to /bin/sh
Changing shell of bin from /dev/null to /bin/sh
Changing shell of sys from /dev/null to /bin/sh
Changing shell of sync from /dev/null to /bin/sync
Changing shell of games from /dev/null to /bin/sh
Changing shell of man from /dev/null to /bin/sh
Changing shell of lp from /dev/null to /bin/sh
Changing shell of mail from /dev/null to /bin/sh
Changing shell of news from /dev/null to /bin/sh
Changing shell of uucp from /dev/null to /bin/sh
Changing shell of proxy from /dev/null to /bin/sh
Changing shell of www-data from /dev/null to /bin/sh
Changing shell of backup from /dev/null to /bin/sh
Changing shell of operator from /dev/null to /bin/sh
Changing GECOS of list from "SmartList" to "Mailing List Manager".
Changing shell of list from /dev/null to /bin/sh
Changing shell of irc from /dev/null to /bin/sh
Changing shell of gnats from /dev/null to /bin/sh
Adding group "sasl" (45)
Would commit 19 changes
It is highly recommended that you allow update-passwd to make these changes
(a backup file of modified files is made with the extension .org so you can
always restore the current settings).
May I update your system? [Y/n] n
------
--
------------------------------------------------------
IN MY NAME: Dale Amon, CEO/MD
No Mushroom clouds over Islandone Society
London and New York. www.islandone.org
------------------------------------------------------
Reply to: