Date: Mon, 4 Feb 2002 14:50:48 -0500 From: Michael Lucas <mwlucas@blackhelicopters.org> To: Scott Gerhardt <scott@gerhardt-it.com> Cc: FreeBSD <freebsd-questions@FreeBSD.ORG> Subject: Re: Shells Question Message-ID: <20020204145048.A37974@blackhelicopters.org> In-Reply-To: <KPEMLBLEMPMHGLJOCDEGOEHCDMAA.scott@gerhardt-it.com>; from scott@gerhardt-it.com on Mon, Feb 04, 2002 at 01:45:02PM -0600 References: <20020204143851.A37856@blackhelicopters.org> <KPEMLBLEMPMHGLJOCDEGOEHCDMAA.scott@gerhardt-it.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Oh, okay. Then I would recommend /usr/ports/sysutils/no-login It's an actualy C program, so it avoids spawning a new shell. On Mon, Feb 04, 2002 at 01:45:02PM -0600, Scott Gerhardt wrote: > > > > > I would use login classes instead of shells; that's what they're there > > for. To toot my own horn a bit: > > > > http://www.onlamp.com/pub/a/bsd/2001/06/28/Big_Scary_Daemons.html > > > > On Mon, Feb 04, 2002 at 01:35:09PM -0600, Scott Gerhardt wrote: > > > To disallow shell accounts for ftp and pop users etc., > > > Is it better to use /sbin/nologin or /nonexistent for a > > shell entry in > > > /etc/passwd? > > > > > > "/nonexistent" does not exist > > > "/sbin/nologin" exists and actually fires up a shell and returns > > > something. > > > > > > FTP users must have a valid shell but this can be set to anything in > > > /etc/shells. > > > > > > Can't seem to find a definitive answer to this. > > Thanks Michael, > > I do use login classes, but I would like to still add the appropriate entry > to /etc/passwd just to be on the safe side (I don't manage that many users > on my system). I have the following entries in my /etc/login.access. > > -:ALL EXCEPT wheel:console > -:ALL EXCEPT wheel:ALL > > I will add other users/groups to the second entry as needed. > > > - Scott -- Michael Lucas mwlucas@FreeBSD.org, mwlucas@BlackHelicopters.org my FreeBSD column: http://www.oreillynet.com/pub/q/Big_Scary_Daemons http://www.blackhelicopters.org/~mwlucas/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020204145048.A37974>