[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: prevent user from login?



Thanks very much for the explanation!

Regards.

On 9/24/06, Roberto C. Sanchez <roberto@connexer.com> wrote:
On Sun, Sep 24, 2006 at 02:34:24PM +0800, Deephay wrote:
> thanks for the help.
> but I am not very much understand what is the meaning of changing the
> default login shell to /bin/false. Could you explain it? Thanks.
>

Certainly,

The man page for /bin/false reads:

"false - do nothing, unsuccessfully"

Basically, when the user logs in the system executes the shell program
that is listed in /etc/passwd.  If the shell program exits immdiately
when the user authenticates, you have, in effect, prevented the user
from logging in.  In reality you have not, because the system still
accepted the user's name and password and tried to execute a shell, but
you have just made the user's shell useless.

The other option is to disable the user's password, by placing an
asterisk at the beginning of it in /etc/shadow.  However, this would
also prevent your users from being able to login with their mail clients
to check mail, which you probably do not want.

Regards,

-Roberto
--
Roberto C. Sanchez
http://people.connexer.com/~roberto
http://www.connexer.com


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFFFikB5SXWIKfIlGQRAqr8AJ9nztOquTpYXoEGtqcafzfPqkXiTgCfRgxm
5W3eQCEdTVbPI+7gXcU6xqU=
=o6SE
-----END PGP SIGNATURE-----






Reply to: