On Thu, Dec 19, 2002 at 02:34:15PM -0800, Brian Hatch wrote: > To have no shell, you'd want > news:x:9:13:news:/etc/news:/nosuchprogram > or something similar. Many folks use '/bin/false' for > example. I'm wondering why I would want that - until now nobody could give me a good argument although everybody learns to remove the shells :-(
* If I give my users a disabled password, they cannot¹ login via passwd based ssh/ftp/pop3 etc. * But, on the other hand, I can have a su news -c /usr/local/script_running_as_user_news.sh Any hints? bye, -christian- ¹: Yes, except for the rare cases when the PAM developers release a buggy version that interprets '*' as no password instead of no login..