On Saturday, January 12, 2002, at 02:46 PM, Hubert Chan wrote:
I think that if you boot into single mode (e.g. type linux single at
the LILO prompt), you'll drop into whatever shell is defined for root.
More importantly, will it break if, e.g., fsck fails and drops
you into single-user
On Saturday, January 12, 2002, at 02:46 PM, Hubert Chan wrote:
I think that if you boot into single mode (e.g. type linux single at
the LILO prompt), you'll drop into whatever shell is defined for root.
More importantly, will it break if, e.g., fsck fails and drops
you into single-user
On Mon, Jan 14, 2002 at 06:52:49AM -0500, Ivan R. wrote:
to, I can see no reason why not giving a user, that has *no* password,
a shell.
if a user don t need a shell,
why should we give him one?
Because a sysadmin could like to execute scripts under this uid via sudo
as he thinks it's a
En réponse à Hubert Chan [EMAIL PROTECTED]:
Anything that is not a real user can have its shell set to /bin/false.
In fact, depending on how your system is set up, you could probably
even
set root's shell to /bin/false.
ok
Just make sure that you have some way
of doing stuff as root
En réponse à Christian Hammers [EMAIL PROTECTED]:
Apart from the ftp users which (sometimes) need their ftp password to
be stored in /etc/shadow and thus would making it a valid login
password
to, I can see no reason why not giving a user, that has *no* password,
a shell.
ok, but we can
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ivan == \Ivan R \ Ivan writes:
Just make sure that you have some way of doing stuff as root
(e.g. sudo), and that you don't kill single mode. (Never tried this,
but I don't see why you couldn't do this.)
Ivan ok for sudo, but what do you mean
On Mon, Jan 14, 2002 at 06:52:49AM -0500, Ivan R. wrote:
to, I can see no reason why not giving a user, that has *no* password,
a shell.
if a user don t need a shell,
why should we give him one?
Because a sysadmin could like to execute scripts under this uid via sudo
as he thinks it's a
En réponse à Christian Hammers [EMAIL PROTECTED]:
Apart from the ftp users which (sometimes) need their ftp password to
be stored in /etc/shadow and thus would making it a valid login
password
to, I can see no reason why not giving a user, that has *no* password,
a shell.
ok, but we can
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ivan == \Ivan R \ Ivan writes:
Just make sure that you have some way of doing stuff as root
(e.g. sudo), and that you don't kill single mode. (Never tried this,
but I don't see why you couldn't do this.)
Ivan ok for sudo, but what do you mean
hi all!
i want a password file
without hole.
so i have now in /etc/passwd:
root with /bin/bash
daemon, bin and sys with /bin/sh
sync with /bin/sync
normal users with /bin/bash
ftp users with /bin/noshell
here i think that s good
but i have some questions :
what about replace /bin/sh for man
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ivan == \Ivan R \ Ivan writes:
Ivan hi all! i want a password file without hole.
Ivan so i have now in /etc/passwd:
Ivan root with /bin/bash
Ivan daemon, bin and sys with /bin/sh
Ivan sync with /bin/sync
Ivan normal users with /bin/bash
Ivan ftp
On Fri, Jan 11, 2002 at 10:00:32PM -0500, Hubert Chan wrote:
So daemon, bin, sys, ftp, www-data, mail, mysql, etc. can probably be
set to /bin/false. (Why does Debian not do this by default?)
Apart from the ftp users which (sometimes) need their ftp password to
be stored in /etc/shadow and
hi all!
i want a password file
without hole.
so i have now in /etc/passwd:
root with /bin/bash
daemon, bin and sys with /bin/sh
sync with /bin/sync
normal users with /bin/bash
ftp users with /bin/noshell
here i think that s good
but i have some questions :
what about replace /bin/sh for man
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ivan == \Ivan R \ Ivan writes:
Ivan hi all! i want a password file without hole.
Ivan so i have now in /etc/passwd:
Ivan root with /bin/bash
Ivan daemon, bin and sys with /bin/sh
Ivan sync with /bin/sync
Ivan normal users with /bin/bash
Ivan ftp
On Fri, Jan 11, 2002 at 10:00:32PM -0500, Hubert Chan wrote:
So daemon, bin, sys, ftp, www-data, mail, mysql, etc. can probably be
set to /bin/false. (Why does Debian not do this by default?)
Apart from the ftp users which (sometimes) need their ftp password to
be stored in /etc/shadow and thus
15 matches
Mail list logo
