[Pkg-shadow-devel] Bug#425363: Bug#425363: DEFAULT_HOME in /etc/login.defs is ignored
Hubert Mercier
hubert.mercier at unilim.fr
Tue May 22 07:31:10 UTC 2007
Hi Christian,
And thanks for this fast reply. To be honest, I tried to login directly
through ssh, since this is the kind of login way I'm trying to limit.
You're right : on my system too, su and login work well (and do not
allow a homeless user). Maybe another ssh / pam issue then... I'll try
to investigate further...
Btw, I'm using a OpenLDAP auth backend (that's why I need to limit
logins on my systems). But it should not interfere...
Cheers,
Christian Perrier a écrit :
> Quoting Hubert Mercier (hubert.mercier at unilim.fr):
>
>> Package: login
>> Version: 1:4.0.18.1-7
>> Severity: normal
>>
>> Hi,
>>
>> Setting DEFAULT_HOME to "no" in /etc/login.defs has no effect : users
>> without valid homedir are still able to log in.
>>
>
> Well, partly in French dans le texte:
>
> root at mykerinos:~> grep DEFAULT_HOME /etc/login.defs
> DEFAULT_HOME no
> root at mykerinos:~> grep spongebob /etc/passwd
> spongebob:x:1002:1002:Sponge Bob SquarePants,,,:/home/spongebob_has_no_home_but_a_pine_apple:/bin/bash
> root at mykerinos:~> login
> mykerinos login : spongebob
> Password:
> Last login: Mon May 21 18:36:18 2007 on pts/2
> Linux cc-mykerinos 2.6.20-1-686 #1 SMP Tue Apr 24 21:52:11 UTC 2007 i686
>
> The programs included with the Debian GNU/Linux system are free software;
> the exact distribution terms for each program are described in the
> individual files in /usr/share/doc/*/copyright.
>
> Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
> permitted by applicable law.
> Impossible d'aller dans le répertoire « /home/spongebob_has_no_home_but_a_pine_apple »
>
>
> So, nothing wrong in my own environment.
>
> The same happens with "su -". Login is still possible with "su" alone,
> but that's the intended behaviour as, in such case, $HOME is inherited
> from the environment of the user who calls "su".
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.alioth.debian.org/pipermail/pkg-shadow-devel/attachments/20070522/271ab638/attachment.htm
-------------- next part --------------
A non-text attachment was scrubbed...
Name: hubert.mercier.vcf
Type: text/x-vcard
Size: 332 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-shadow-devel/attachments/20070522/271ab638/attachment.vcf
More information about the Pkg-shadow-devel
mailing list