On Thu, Dec 19, 2002 at 02:34:15PM -0800, Brian Hatch wrote:
> To have no shell, you'd want
> news:x:9:13:news:/etc/news:/nosuchprogram
> or something similar. Many folks use '/bin/false' for
> example.
I'm wondering why I would want that - until now nobody could give me a
good argument although everybody learns to remove the shells :-(
* If I give my users a disabled password, they cannot¹ login via passwd
based ssh/ftp/pop3 etc.
* But, on the other hand, I can have a
su news -c /usr/local/script_running_as_user_news.sh
Any hints?
bye,
-christian-
¹: Yes, except for the rare cases when the PAM developers release a
buggy version that interprets '*' as no password instead of no
login..
