[Pkg-shadow-devel] Bug#433587: Bug#433587: request to add /usr/sbin/nologin to /etc/shells
nipsy at bitgnome.net
Wed Jul 18 07:05:35 UTC 2007
On 18 Jul 2007, Christian Perrier wrote:
> At first reaction, I am not very keen at doing this *by default*.
> nologin is intended as a replacement shell field for accounts that
> have been disabled. So, making it a valid shell defeats that.
> I recommend you to do it manually locally with add-shell(8)
> Other shadow maintainers, do we have an agreement, here?
Well, I did add it manually of course to work around the
issue. But I think this is the exact type of situation where it
should be defined as a valid shell in /etc/shells.
The reason to not include it would be if there is a
security situation where having it defined allows some other
unintended level of access. If such a situation exists, then I
can understand not having it in the list. I just wasn't aware of
any such situation whereas I clearly ran across the opposite with
Maybe including it as a debconf item would be the best
option? Or maybe an informational notice of some kind?
But it's whatever. I just ran across this one situation
where it should be defined and thought that it might be something
to consider. Thanks for thinking about it.
Mark Nipper e-contacts:
4320 Milam Street nipsy at bitgnome.net
Bryan, Texas 77801-3920 http://nipsy.bitgnome.net/
(979)575-3193 AIM/Yahoo: texasnipsy ICQ: 66971617
-----BEGIN GEEK CODE BLOCK-----
GG/IT d- s++:+ a- C++$ UBL++++$ P--->+++ L+++$ !E---
W++(--) N+ o K++ w(---) O++ M V(--) PS+++(+) PE(--)
Y+ PGP t+ 5 X R tv b+++@ DI++ D+ G e(*) h r(%) y+(**)
------END GEEK CODE BLOCK------
---begin random quote of the moment---
As a computer, I find your faith in technology amusing.
----end random quote of the moment----
More information about the Pkg-shadow-devel