tag 734775 upstream pending thanks On Thu, Jan 09, 2014 at 01:41:00PM -0500, Ian Bolton wrote: > Package: tiger > Version: 1:3.2.3-11 > Severity: normal > > Dear Maintainer, > The nologin path should be /usr/sbin/nologin for these three instances: (...)
You are correct, I have committed a fix for this issue in Tiger's GIT repository (see attached file). I will update the package with the latest upstream version as soon as possible. Regards Javier
diff --git a/scripts/check_anonftp b/scripts/check_anonftp index bf881c5..75fb163 100755 --- a/scripts/check_anonftp +++ b/scripts/check_anonftp @@ -17,6 +17,8 @@ # # check_anonftp - 06/14/93 # +# 01/09/2013 jfs Added /usr/sbin/nologin to list of valid nologin shells +# (Debian bug #734775) # 08/31/2005 jfs Changed GROUPC to GROUPSS # 06/28/2004 jfs Avoid duplicates for $ftphome # 01/13/2004 rbrad Cleanup noise and add additional check to check_anonftp. @@ -161,7 +163,7 @@ haveallcmds GETUSERHOME && { # Does the ftp user have a valid shell? shell=`echo $ftp_pwentry | $CUT -d: -f7` case "$shell" in - /bin/false|/usr/bin/false|/sbin/nologin) + /bin/false|/usr/bin/false|/sbin/nologin|/usr/sbin/nologin) ;; *) diff --git a/scripts/check_network b/scripts/check_network index e76dc2d..2645b76 100755 --- a/scripts/check_network +++ b/scripts/check_network @@ -339,7 +339,7 @@ sub check_ftpd { close(PASS); return unless ($name); return unless ($shell); - if (( $shell ne '/bin/false' ) || ( $shell ne '/sbin/nologin' )) { + if (( $shell ne '/bin/false' ) || ( $shell ne '/sbin/nologin' ) || ( $shell ne '/usr/sbin/nologin' ) ) { &Fail('netw018f',"Anon ftp user $name has valid shell of $shell"); } diff --git a/scripts/check_passwd b/scripts/check_passwd index 9b58e72..1fc6b6b 100755 --- a/scripts/check_passwd +++ b/scripts/check_passwd @@ -55,6 +55,8 @@ # Add /bin/true as valid shell as well as Solaris shells # 05/20/2006 jfs Add quotation marks to Tiger_Admin_Accounts to prevent # errors if empty (Debian bug #342181) +# 01/09/2013 jfs Added /usr/sbin/nologin to list of valid nologin shells +# (Debian bug #734775) # #----------------------------------------------------------------------------- # TODO: @@ -168,7 +170,7 @@ check_passwd_entries() # TODO: The hardcoded list of shells could be user defined # (i.e. in tigerrc) eval "case \"$shell\" in - /bin/false|/usr/bin/false|/dev/null|/sbin/nologin|/bin/true) + /bin/false|/usr/bin/false|/dev/null|/sbin/nologin|/bin/true|/usr/sbin/nologin) ;; $shcase) [ \"$hash\" = \* ] && {
signature.asc
Description: Digital signature