Bug#366546: exim4-daemon-heavy: Use /bin/nologin instead of /bin/false in /etc/passwd

Jari Aalto jari.aalto at cante.net
Tue May 9 15:43:19 UTC 2006 

Package: exim4-daemon-heavy
Version: 4.62-1
Severity: normal
Tags: security

file /etc/passwd reads:

  Debian-exim:x:102:102::/var/spool/exim4:/bin/false

SUGGESTION

The new login package includes binary /bin/nologin which behaves the
as /bin/false, but helps with security auditions by leaving a trace
of login attempt to syslog.

Please chenge to use 'nologin' in place of 'false'

-- Package-specific info:
Exim version 4.62 #1 built 02-May-2006 11:54:25
Copyright (c) University of Cambridge 2006
Berkeley DB: Sleepycat Software: Berkeley DB 4.3.29: (September  6, 2005)
Support for: crypteq iconv() IPv6 PAM Perl GnuTLS move_frozen_messages Content_Scanning Old_Demime
Lookups: lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmnz dnsdb dsearch ldap ldapdn ldapm mysql nis nis0 passwd pgsql
Authenticators: cram_md5 cyrus_sasl plaintext spa
Routers: accept dnslookup ipliteral iplookup manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp
Fixed never_users: 0
Size of off_t: 8
Configuration file is /var/lib/exim4/config.autogenerated

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'stable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/dash
Kernel: Linux 2.6.16-1-686
Locale: LANG=C, LC_CTYPE=C (charmap=ISO-8859-1) (ignored: LC_ALL set to en_US)

Versions of packages exim4-daemon-heavy depends on:
ii  exim4-base              4.62-1           support files for all exim MTA (v4
ii  libc6                   2.3.6-7          GNU C Library: Shared libraries
ii  libdb4.3                4.3.29-5         Berkeley v4.3 Database Libraries [
ii  libgnutls13             1.3.5-1+b1       the GNU TLS library - runtime libr
ii  libldap2                2.1.30-13        OpenLDAP libraries
ii  libmysqlclient15off     5.0.20a-2        mysql database client library
ii  libpam0g                0.79-3.1         Pluggable Authentication Modules l
ii  libpcre3                6.4-2            Perl 5 Compatible Regular Expressi
ii  libperl5.8              5.8.8-4          Shared Perl library
ii  libpq4                  8.1.3-4          PostgreSQL C client library
ii  libsasl2                2.1.19.dfsg1-0.2 Authentication abstraction library

exim4-daemon-heavy recommends no packages.

-- no debconf information

More information about the Pkg-exim4-maintainers mailing list